
List:       freebsd-hackers
Subject:    Re: Trust system write-up
From:       Eric McCorkle <eric () metricspace ! net>
Date:       2017-10-24 10:44:12
Message-ID: eb912ecf-0ffe-ab4f-4812-cb28e22bb767 () metricspace ! net

On 10/23/2017 21:09, Rozhuk Ivan wrote:
> On Mon, 23 Oct 2017 09:44:34 -0700
> "Simon J. Gerraty" <sjg@juniper.net> wrote:
> 
>> With the advent of secure boot and TPMs, there is potentially scope
>> to allow for mixed control.
> 
> TPM is closed hardware and software: you don't know what is inside and how it works.
> Secure boot same crap: closed source with many known security holes.
> 

I think it's necessary to support secure boot for commercial vendors and
such.  I personally have no interest in Microsoft being able to certify
random programs to boot on my machines, and am much more interested in
things like coreboot.

There are, however, secure boot mechanisms such as the Power
architecture boot that maintain user control, and I'm hoping with the
rise of RISC-V that we'll see trustworthy hardware crypto and TPM-like
devices.
_______________________________________________
freebsd-hackers@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"