:: Re: [DNG] UEFI and Secure Boot
Top Page
Delete this message
Reply to this message
Author: KatolaZ
Date:  
To: dng
Subject: Re: [DNG] UEFI and Secure Boot
On Mon, Oct 23, 2017 at 11:16:50AM +0100, Arnt Gulbrandsen wrote:
> katolaz@??? writes:
> >I don't know much about signed bootloaders, and i will try to re-read
> >the thread to fully understand your statement.
>
> The short version: You can remove keys, so that only your own key is valid
> for booting. If you're then careful about that key, then later physical
> access is almost useless.
>


Yes, but what about *adding* your own keys? This does not seem to be a
popular option, AFAIK.

My2Cents

KatolaZ

-- 
[ ~.,_  Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab  ]  
[     "+.  katolaz [at] freaknet.org --- katolaz [at] yahoo.it  ]
[       @)   http://kalos.mine.nu ---  Devuan GNU + Linux User  ]
[     @@)  http://maths.qmul.ac.uk/~vnicosia --  GPG: 0B5F062F  ] 
[ (@@@)  Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ  ]