List:       fedora-devel-list
Subject:    Re: The future of legacy BIOS support in Fedora.
From:       Przemek Klosowski via devel <devel () lists ! fedoraproject ! org>
Date:       2020-07-10 3:58:26
Message-ID: cd3e31b1-0c7e-a5b5-8377-f35a0316fc44 () nist ! gov

On 7/9/20 10:46 AM, John M. Harris Jr wrote:
> "Secure Boot" doesn't make root non-uid 0, and can't keep root from
> controlling system devices, even uploading unsigned firmware to peripherals.

While it's true that a completely secure software chain doesn't really 
exist yet, we are slowly going in that direction, because it is just 
inconceivable otherwise in the world with billions of autonomous IOT 
devices---the consequences of a worm-type insecurity that would subvert 
a significant portion of Internet-connected devices are just too scary.

For instance, one possible solution used e.g. for secure BIOS updates 
is to prevent loading firmware directly, and instead load it into a 
separate flash area. Then, reset the system:

  * existing certified firmware boots and finds the updated firmware
  * new firmware is measured and verified
  * if it passes, the old firmware copies and activates the updated firmware

So you see that you can't subvert this even with UID==0. Same thing for 
controlling system devices---with secure software chain even the 
applications can be certified and controlled. This is not your or my 
desktop system, of course, but there is a need for systems like this.

When I hear you say that this takes away the ownership of our computers 
from us, I think that it's got to be this way for a large part of those 
billions of systems---as the saying goes, we have to stop thinking of 
computers as pets, and start seeing them as cattle. We can still have 
pets as well, but there has to be a way to herd cattle.
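The staged-update flow described above, as an added example that is not code from the original post or from any firmware project: a Go sketch of the post-reset step in which the already-running certified firmware measures (SHA-256) and verifies (Ed25519) the staged slot before copying it over the active one. The slot layout, the key type and the firmware images are assumptions constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Slot models one flash region: a firmware image plus a detached Ed25519
// signature over its SHA-256 measurement. The layout is an assumption.
type Slot struct {
	Image []byte
	Sig   []byte
}

// Measure is the "measured" step: a SHA-256 digest of the image.
func Measure(image []byte) []byte {
	d := sha256.Sum256(image)
	return d[:]
}

// ActivateStaged is what the already-running certified firmware does after
// the reset: measure and verify the staged slot against the public key it
// carries, and copy it over the active slot only if that passes. On failure
// the active slot is untouched, so writing bytes into the staging area as
// uid 0 gains nothing without the signing key.
func ActivateStaged(trusted ed25519.PublicKey, active, staged *Slot) (bool, error) {
	if len(staged.Image) == 0 {
		return false, errors.New("staged slot is empty")
	}
	if !ed25519.Verify(trusted, Measure(staged.Image), staged.Sig) {
		return false, errors.New("staged image failed signature verification")
	}
	active.Image = append([]byte(nil), staged.Image...)
	active.Sig = append([]byte(nil), staged.Sig...)
	return true, nil
}

func main() {
	pub, priv, err := ed25519.GenerateKey(nil) // nil reader -> crypto/rand
	if err != nil {
		panic(err)
	}
	// Constructed stand-ins for real firmware blobs.
	active := &Slot{Image: []byte("constructed firmware v1")}
	img := []byte("constructed firmware v2")
	staged := &Slot{Image: img, Sig: ed25519.Sign(priv, Measure(img))}
	fmt.Println(ActivateStaged(pub, active, staged))     // signed: activated
	staged.Image = append(staged.Image, " (tampered)"...) // unsigned edit
	fmt.Println(ActivateStaged(pub, active, staged))     // rejected, v2 stays
}
```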
