Hello Roger,

Roger Leigh <rleigh@codelibre.net> wrote:
> This depends upon the hardware. You might not be able to disable it.
> In fact, Microsoft *require* that it can't be disabled on ARM hardware
> carrying a "certified for Windows 8" (or whatever) badge. This
> hardware will only be capable of booting signed code. No way of
> disabling it or changing the key.

I doubt that Microsoft has any effect on the ARM market at the moment, since it appears to be dominated by Android and iOS?

> One could argue that "it's only ARM hardware, who cares", but ARM is
> quite likely to displace intel as the common denominator in hardware.
> I for one am looking forward to 64-bit ARM hardware, and it'll be
> replacing my noisy and power hungry PC PDQ!

Of course, we don’t know what the future brings, but I think it will take a few more years until ARM has replaced x86/amd64, if that ever happens.

> This *is* a problem--
> Microsoft have de-facto complete control over the hardware by requiring
> signed code. Even on the PC, where it's "optional", you are entirely
> at the mercy of the motherboard vendor regarding the ability to disable
> or replace keys.

We shall see how this works out with regard to anti-trust laws.

> > However, I welcome the fact that attacks on Windows will be made more
> > difficult, since that also means smaller botnets, fewer vulnerable
> > computers etc.
>
> It will have zero effect. Not only was the certificate effectively
> compromised by allowing arbitrary code to be signed apparently by
> Microsoft (see recent news)

Of course, this incident is not nice at all - but then again, it only became public now and I imagine Microsoft to have reacted quickly. Additionally, I doubt that any other major institution signing such software will only sign non-malware/bug-free software. Given that Microsoft has been in the field for a few years, their count is not too bad.

> how effective is the security when you
> have the ability to chainload GRUB? Once you can do that, you can
> load any arbitrary code of your choice. Any malware worth its salt
> will just co-opt the Linux bootloader and continue on its way.
> Effective security gained: none.

Isn’t that the reason the small boot loader signed by MS for Fedora (according to their plans) will only load a signed Grub which will only load signed kernels etc.?

I agree that there are problems with secure boot, mainly because mainboard manufacturers might block users from managing the keys on their computers. However, I think that – provided that users are free to change these keys or disable secure boot – this will help computer security.

Best regards,

Claudius
-- 
Real programmers can write assembly code in any language. :-)
 -- Larry Wall in <8571@jpl-devvax.JPL.NASA.GOV>
http://chubig.net telnet nightfall.org 4242