On 12/02/2017 03:11 AM, taii...@gmx.com wrote:
> On 11/23/2017 07:55 AM, Leo Gaspard wrote:
>
>> Can you please avoid ranting against secure boot once again?
>>
>> Secure boot is *not* useless. It *does* bring security benefits,
>> although not as good as measured boot with a TPM: it requires an
>> additional flaw somewhere in the {BIOS, bootloader} to bypass, instead
>> of just coming in and replacing a non-encrypted element of the bootchain
>> by taking the hard disk out of its case without ever being noticed. So
>> if you have no TPM, using secure boot is a definitive security
>> enhancement.
> The "linux" SB (ie: red hat signed grub) is only for signed grub it
> doesn't sign the kernel or the initramfs, one can also mess with the
> BIOS or ME which is well within the skill level of a state attacker such
> as the MSS.

Ugh. Red Hat signed grub is not at all the only secure boot available for linux: YOU CAN REPLACE THE KEYS IN YOUR UEFI WITH YOUR OWN. (sorry for yelling but I think I've written it one too many times, maybe this way it'll better stand out)

Please check [1] if you want to know how to do it by yourself.

As for signing the kernel or the initramfs, grub can also check the signature of the kernel and initramfs, see [2] also (which does exactly the same thing as secure boot except here grub is directly included in the BIOS, so there is no need for signing it)

> There are also a variety of SB exploits/bypasses.

Of course there always will be flaws on systems, but does it mean you shouldn't try to harden everything possible? Flaws can most often be fixed, non-existent features cannot.

> Irregardless it'll be what eventually kills linux on the desktop for the
> average person after the vendors stop including the linux signing key
> (SB 2.0 specs don't obligate them to allow for owner control or even the
> inclusion of the second key unlike SB 1.0 specs), if you desire such
> features it would be much better to simply use a bios-embedded GRUB2 via
> coreboot which supports kernel/initramfs signing features.

Now you are just designing a future you don't like and stating “that's what will happen”. Sorry if I'm no seer, but for the desktop I haven't yet owned a computer that doesn't allow one to change the keys, and thus see no reason to believe what you are saying.

Also, libre/coreboot is a nice way to have a level of security equivalent to secureboot (maybe slightly better because there is one less step in the boot chain, thus one less possibility of flaw). But then coreboot is not available/working on all hardware platforms, while SB is, and the two bring equivalent security.

> "Secure" Boot is a MS trojan horse.

There is no argument to support this assertion. Please once again stop spreading FUD.

[1] https://wiki.gentoo.org/wiki/Sakaki%27s_EFI_Install_Guide/Configuring_Secure_Boot
[2] https://libreboot.org/docs/gnulinux/grub_hardening.html