:: Re: [DNG] UEFI and Secure Boot
Page principale
Supprimer ce message
Répondre à ce message
Auteur: Arnt Gulbrandsen
Date:  
À: dng
Sujet: Re: [DNG] UEFI and Secure Boot
Taiidan@??? writes:
> No you aren't.
>
> Intel ME + "Secure" boot non-owner controlled firmware code
> signing enforcement (probably hardware enforced via boot guard,
> so one couldn't even spend the thousands to have it removed via
> a coreboot platform port)
>
> If you can't execute whatever you please on all the processors
> then it isn't yours.


It sounds good when you put it like that. But you're telling someone who
has added an easter egg to a very widely used open source package, and
noone ever found it. I didn't even try to hide or obfuscate that, still,
noone ever found it (or at least mentioned it on any of the relevant lists
etc). I know a maintainer who put something controversial in the code he
was maintaining, too. None of his users noticed until he removed it
himself.

He and I could both put code on millions of people's systems that none of
them discovered. He hid his stuff in an unrelated commit, I didn't bother
even with that. Noone noticed. That's how effective open source is at
revealing to hardware owners what software they actually run.

You personally don't even known to within a factor of ten how many lines of
source code are installed on your most-used linux box. Am I right?
Closed-software users don't know, you don't know either. The control you
think you have is mostly an illusion.

Arnt