Gentoo Archives: gentoo-dev

From: "Michał Górny" <mgorny@g.o>
To: gentoo-dev@l.g.o
Cc: gregkh@g.o, lists@×××××××××××.net
Subject: Re: [gentoo-dev] Re: UEFI secure boot and Gentoo
Date: Sun, 17 Jun 2012 17:06:02
Message-Id: 20120617190616.186bd49a@pomiocik.lan
In Reply to: Re: [gentoo-dev] Re: UEFI secure boot and Gentoo by Greg KH
1 On Sun, 17 Jun 2012 09:55:35 -0700
2 Greg KH <gregkh@g.o> wrote:
3
4 > On Sun, Jun 17, 2012 at 05:51:04PM +0200, Michał Górny wrote:
5 > > 2. What happens if, say, your bootloader is compromised?
6 >
7 > And how would this happen? Your bootloader would not run.
8
9 Yes. I'm asking what happens next. Is there an easy way to replace it?
10 Or is your computer bricked until you run some other bootloader to
11 replace the compromised one?
12
13 > > 3. What happens if the machine signing the blobs is compromised?
14 >
15 > So, who's watching the watchers, right? Come on, this is getting
16 > looney.
17
18 I'm just pointing out that this simply relies on trusting people. Much
19 like not having those signatures.
20
21 --
22 Best regards,
23 Michał Górny

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-dev] Re: UEFI secure boot and Gentoo Rich Freeman <rich0@g.o>
Re: [gentoo-dev] Re: UEFI secure boot and Gentoo Florian Philipp <lists@×××××××××××.net>
Re: [gentoo-dev] Re: UEFI secure boot and Gentoo Greg KH <gregkh@g.o>