On 03/23/2018 10:01 AM, cooloutac wrote: > secure boot is a gimmick, that even Richard Stallman admits is ok to use for > security purposes. a gimmick that when enabled stopped hacking teams insyde > bios attack. and probably would stop the latest intel and latest amd bios > attacks in the news. "Secure" boot is firmware based kernel code signing enforcement - the insideh20 exploit is entirely different and doesn't involve loading a different kernel. > Does your super expensive fancy board at least have a jumper to stop flashing > of that "Free" bios? $415 is actually quite cheap for a server motherboard, which you would know if you made money doing this instead of just being a kid on a mailinglist who enjoys giving out dangerous advice to people who might be living in a hostile foreign regime where bad computer security can get them shot.
Jumpers that restrict internal flashing are simply setting a lock on the flash regions that contain the firmware, as you would yourself if you wanted additional security and it can be done with just about any EEPROM flash device running almost any firmware. > The reason why the freedom software movement is dying is because its filled > with dramatic nuts nobody can take seriously. Over hyping nonsense. Just > like Richard Stallman himself had to admit secure boot is ok to use "because > its failed its intended purpose". But only in his crazy mind was limiting > free software its intended purpose. not in reality. He has done and will continue to do more for society in a month that you will in your entire life. > The guy from thinkpenguin was talking about loading up his guns when the fcc > made its ruling about wireless routers having restrictions. But yet open > source software is still available for routers. Something being available doesn't prevent it from being illegal or eventually phased out where one can't buy a new wi-fi card with libre firmware. The thinkpenguin people know much more about this matter than you as it is their livelihood. > Although not as popular cause most hackers around nowadays just like to > destroy things not build things. By your standards what exactly is a hacker? someone who gets arrested and ends up on the news? or maybe someone who contributes unique code to foss projects? > Free software, vs open source, vs closed does not matter when it comes to > security. I take it you are using windows 10 then? > It depends on the software and one can be more secure then the other, > regardless of how open it is. How clueless you are. > It worries me that Joanna Rutkowska use to call you guys hippy nuts but now > she sounds more and more like one of you. Better as you say "hippy nut" than someone > Most real world security researchers are not going to take Qubes seriously > until it has secure boot or a secure flash. Operating systems don't and can't modify EEPROM settings. > All the major linux distros already adopted it, and it still doesn't even go > far enough. The expert has spoken and he says that a linux distribution is not good unless it uses a microsoft technology designed to eventually take away the right for people to install linux altogether on the average computer. What qualifications do you have on computing security anyway? are you employed as a programmer? IT security? etc? have you even one computer with non-factory firmware? what are some projects or contributions that you have made to a libre project? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1e535ded-4e85-2afa-489b-6f1b979a2143%40gmx.com. For more options, visit https://groups.google.com/d/optout.
