From: "Michał Górny" <mgorny@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Cc: matthew.finkel@gmail.com
Subject: Re: [gentoo-dev] Re: UEFI secure boot and Gentoo
Date: Sun, 17 Jun 2012 19:10:13 +0200 [thread overview]
Message-ID: <20120617191013.38dda99e@pomiocik.lan> (raw)
In-Reply-To: <CAGF8hssozZN8D9TxzWLA5E=xuEG2vri_J-i9UyeLoAba8YpY0g@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1346 bytes --]
On Sun, 17 Jun 2012 12:56:34 -0400
Matthew Finkel <matthew.finkel@gmail.com> wrote:
> On Sun, Jun 17, 2012 at 11:51 AM, Michał Górny <mgorny@gentoo.org>
> wrote:
> > 1. How does it increase security?
> >
> This removed a few vectors of attack and ensures your computer is only
> bootstrapped by and booted using software you think is safe. By using
> any software we don't write, we make a lot of assumptions.
I agree that it removes a few vectors of attack. But this doesn't
necessarily mean the system is more secure. It has one vulnerability
less but let's not get overenthusiastic.
I'm basically trying to point out that a single solution like that can
do more evil than good if people will believe it's perfect.
> > 3. What happens if the machine signing the blobs is compromised?
> >
> See above. But also, a compromised system wouldn't necessarily mean
> the blobs would be compromised as well. In addition, ideally the
> priv-key would be kept isolated to ensure a compromise would be
> extremely difficult.
In my opinion, if a toolchain is quietly compromised, everything built
on the particular machine can be compromised. And signed. I doubt that
someone will check bit-exact machine code of the toolchain
and operating system before starting to sign packages.
--
Best regards,
Michał Górny
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 316 bytes --]
next prev parent reply other threads:[~2012-06-17 17:10 UTC|newest]
Thread overview: 76+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-06-15 4:28 [gentoo-dev] UEFI secure boot and Gentoo Greg KH
2012-06-15 4:45 ` Arun Raghavan
2012-06-15 4:56 ` Greg KH
2012-06-15 5:24 ` Arun Raghavan
2012-06-15 21:28 ` Matthew Thode
2012-06-15 5:48 ` Eray Aslan
2012-06-15 7:26 ` Michał Górny
2012-06-15 7:49 ` Florian Philipp
2012-06-15 8:06 ` Richard Farina
2012-06-15 8:24 ` Florian Philipp
2012-06-15 23:59 ` Greg KH
2012-06-16 8:33 ` Florian Philipp
2012-06-16 0:03 ` gregkh
2012-06-15 5:00 ` [gentoo-dev] " Duncan
2012-06-15 5:03 ` [gentoo-dev] " Ben de Groot
2012-06-15 5:08 ` Matthew Finkel
2012-06-15 5:24 ` Arun Raghavan
2012-06-15 7:12 ` Ben de Groot
2012-06-15 7:58 ` Richard Farina
2012-06-15 8:37 ` Florian Philipp
2012-06-15 11:32 ` Walter Dnes
2012-06-15 12:01 ` Rich Freeman
2012-06-15 12:48 ` Florian Philipp
2012-06-16 9:22 ` Maxim Kammerer
2012-06-17 17:03 ` Greg KH
2012-06-17 19:22 ` Maxim Kammerer
2012-06-15 10:50 ` Ben de Groot
2012-06-16 0:02 ` Greg KH
2012-06-15 4:45 ` Greg KH
2012-06-15 5:48 ` Philip Webb
2012-06-16 0:01 ` Greg KH
2012-06-16 3:18 ` Philip Webb
2012-06-15 21:35 ` Matthew Thode
2012-06-16 0:00 ` Greg KH
2012-06-15 4:50 ` [gentoo-dev] " Duncan
2012-06-15 5:01 ` Matthew Finkel
2012-06-15 7:54 ` Florian Philipp
2012-06-15 12:28 ` Walter Dnes
2012-06-15 12:55 ` Florian Philipp
2012-06-16 23:37 ` Steev Klimaszewski
2012-06-17 16:58 ` Greg KH
2012-06-17 17:24 ` Dale
2012-06-16 17:51 ` Michał Górny
2012-06-17 9:20 ` Florian Philipp
2012-06-17 15:51 ` Michał Górny
2012-06-17 16:55 ` Greg KH
2012-06-17 17:06 ` Michał Górny
2012-06-17 17:17 ` Rich Freeman
2012-06-17 17:28 ` Florian Philipp
2012-06-17 17:56 ` Greg KH
2012-06-17 16:56 ` Matthew Finkel
2012-06-17 17:10 ` Michał Górny [this message]
2012-06-17 17:40 ` Florian Philipp
2012-06-17 17:34 ` Sascha Cunz
2012-06-17 17:55 ` Rich Freeman
2012-06-17 18:00 ` Florian Philipp
2012-06-17 18:56 ` Sascha Cunz
2012-06-17 19:20 ` Graham Murray
2012-06-17 20:30 ` Florian Philipp
2012-06-17 23:07 ` Rich Freeman
2012-06-22 6:42 ` George Prowse
2012-06-15 4:57 ` [gentoo-dev] " Chí-Thanh Christopher Nguyễn
2012-06-15 12:18 ` Luca Barbato
2012-06-15 12:33 ` Rich Freeman
2012-06-15 23:56 ` Greg KH
2012-06-16 6:30 ` Michał Górny
2012-06-15 10:14 ` Rich Freeman
2012-06-15 11:26 ` Florian Philipp
2012-06-15 12:22 ` Luca Barbato
2012-06-15 12:45 ` Rich Freeman
2012-06-15 15:46 ` G.Wolfe Woodbury
2012-06-15 23:55 ` Greg KH
2012-06-16 0:41 ` Rich Freeman
2012-06-16 3:49 ` Greg KH
2012-06-16 23:52 ` Matthew Summers
2012-06-17 0:23 ` [gentoo-dev] " Duncan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120617191013.38dda99e@pomiocik.lan \
--to=mgorny@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
--cc=matthew.finkel@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox