On Mon, Jan 07, 2013 at 03:29:01PM +0100, Xavi Drudis Ferran wrote: > For now secure boot only restricts what we boot (and the booted OS restricts > the rest > of what we run). But in the end the purpuse is to stablish a DRM scheme so > that > if a server can't prove that we're running software trusted by them (not us) > then we won't > be able to access content or even we'll be refused connection to the internet > or whatever > has to do with equipment controlled by someone else.
This. It's called 'remote attestation' (https://en.wikipedia.org/wiki/Trusted_Computing#Remote_attestation). An obvious (first?) application will be your bank, which will refuse you access to their online banking system unless you run a 'trusted' software stack. And you can be sure that their idea of a 'trusted' stack will be proprietary software, only. Because we all know that Windows is the most secure operating system out there (/sarcasm). Thanks, Ward. -- coreboot mailing list: coreboot@coreboot.org http://www.coreboot.org/mailman/listinfo/coreboot