From: Robert Millan <rmh@aybabtu.com>
To: The development of GRUB 2 <grub-devel@gnu.org>
Subject: Re: help installing grub-ima
Date: Tue, 23 Oct 2007 22:17:13 +0200 [thread overview]
Message-ID: <20071023201713.GA29047@thorin> (raw)
In-Reply-To: <60954307-5783-43C8-9A67-1203319A2E9C@gmail.com>
On Tue, Oct 23, 2007 at 09:11:58AM -0500, Andrei E. Warkentin wrote:
> ...Because having the ability, to be certain you didn't have a
> hypervirus or at runtime-binary-patched kernel booted due to a hacked
> bootloader loading from something like a USB stick, is one step
> towards "treacherous computing", whatever that is.
If you had any of the situations described, you wouldn't be able to trust
the APIs you use to access the Treacherous Chip at all. The funny thing is
that third parties would [1], but not you.
[1] Well, assuming our hypervirus is not dumb, they would just see that
your computer lacks a Treacherous Chip or is not using it, which is
not very useful. But of course, this has an easy solution:
- Premise: everyone who's not on TC is therefore running an hypervirus
- Consequence: let the witch hunt begin! :-)
> I think the SELinux people might object to that. One of the biggest
> problems with security in Linux is that the Linux kernel is not and
> cannot be the core root of trust, as it is by far not the first thing
> running and is not located on unmodifiable medium.
How can you trust your BIOS if you can't even read its source code, let
alone verify it was built from it?
> Man, those write-once read-many system-measurement registers are just
> one step closer to losing the right to read, right?
It's obvious that with computers being general-purpose machines, they cannot
take away basic rights. TC is specificaly designed [1] to take away these
rights and turn them into concessions.
[1] Yes, really. If you disagree, please explain why the Owner Override
proposal (http://www.linuxjournal.com/article/7055) was rejected.
> Or maybe to
> actually be in control of your system from power-on to shell prompt?
Being in control is not the same as trusting someone else who claims to be.
--
Robert Millan
<GPLv2> I know my rights; I want my phone call!
<DRM> What use is a phone call, if you are unable to speak?
(as seen on /.)
next prev parent reply other threads:[~2007-10-23 20:17 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-10-04 13:11 how does trusted grub work myfreneticvisions-grub
2007-10-04 21:00 ` Robert Millan
2007-10-23 10:09 ` help installing grub-ima myfreneticvisions-grub
2007-10-23 12:31 ` Robert Millan
2007-10-23 14:11 ` Andrei E. Warkentin
2007-10-23 20:17 ` Robert Millan [this message]
2007-10-23 20:31 ` Robert Millan
2007-10-23 20:50 ` Robert Millan
2007-10-23 21:22 ` Andrei E. Warkentin
2007-10-23 21:21 ` Andrei E. Warkentin
2007-10-25 9:17 ` Robert Millan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20071023201713.GA29047@thorin \
--to=rmh@aybabtu.com \
--cc=grub-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.