swe02 a day ago

As someone who uses systemd, "boot security" is pointless. If someone has enough access to your hardware to try booting a different kernel, they have time to load a signed shim that passes secure boot and launches unsigned code.

The only boot security real users need is disk encryption.

viraptor a day ago | parent | next [-]

"on a system not configured for boot security, you get no boot security" is indeed correct. If you care about boot security, your local platform doesn't give you the chance to boot custom kernels and not passing secure boot doesn't give you decryption keys.

fc417fc802 a day ago | parent | prev | next [-]

There are multiple possible configurations. Only the most basic will permit an arbitrary payload as you describe.

I've never been entirely clear about the security model when the signed shim is permitted. I assume I'm missing some nuance.

Disk encryption alone won't protect you from either persistent malware (remote) or evil maids (local).

bigfatkitten 20 hours ago | parent | prev | next [-]

> The only boot security real users need is disk encryption.

Which becomes easy to bypass without boot security. If an adversary can modify code that executes in the boot process, they can steal your keys.
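The point made in the two replies above (a tampered boot stage can capture the disk key, and a key bound to the boot state is not released when Secure Boot fails) can be shown with a small model of TPM-style measured boot. This is an added example and not code from the thread: it implements the TPM 2.0 SHA-256 PCR extend rule in pure Python and stands in for the TPM's sealing policy by deriving a wrapping key from the PCR value (a real TPM keeps the key inside the chip and checks the policy itself). The boot stage strings and the disk key are constructed placeholders.

```python
"""Model of sealing a disk-encryption key to boot measurements.

Added example, not from the thread. PCR extension follows the TPM 2.0 rule
for a SHA-256 bank; seal()/unseal() are a stand-in for a TPM policy session,
not a TPM API.
"""
import hashlib
import hmac
from typing import List, Optional, Tuple

PCR_INIT = bytes(32)  # a fresh PCR in the SHA-256 bank starts as all zeros


def pcr_extend(pcr: bytes, event: bytes) -> bytes:
    """TPM 2.0 extend: PCR' = H(PCR || H(event))."""
    return hashlib.sha256(pcr + hashlib.sha256(event).digest()).digest()


def measure_boot(stages: List[bytes]) -> bytes:
    """Extend each boot stage (firmware, bootloader, kernel, ...) in order.
    Any change to any stage changes the final PCR value."""
    pcr = PCR_INIT
    for stage in stages:
        pcr = pcr_extend(pcr, stage)
    return pcr


def seal(secret: bytes, expected_pcr: bytes) -> bytes:
    """Bind a 32-byte secret to one PCR value. Output: ciphertext || tag."""
    if len(secret) != 32:
        raise ValueError("secret must be 32 bytes")
    wrap = hashlib.sha256(b"seal-key|" + expected_pcr).digest()
    ct = bytes(a ^ b for a, b in zip(secret, wrap))
    tag = hmac.new(wrap, ct, hashlib.sha256).digest()
    return ct + tag


def unseal(blob: bytes, current_pcr: bytes) -> Optional[bytes]:
    """Release the secret only if current_pcr equals the sealed-to value."""
    ct, tag = blob[:32], blob[32:]
    wrap = hashlib.sha256(b"seal-key|" + current_pcr).digest()
    if not hmac.compare_digest(hmac.new(wrap, ct, hashlib.sha256).digest(), tag):
        return None  # policy failed: the TPM would refuse to unseal
    return bytes(a ^ b for a, b in zip(ct, wrap))


# Constructed stand-ins for the code measured during boot.
GOOD_CHAIN = [b"firmware-v1", b"bootloader-signed", b"kernel-6.x"]
# Same chain with a modified bootloader, the kind of change disk encryption
# alone cannot detect because the bootloader runs before the key is used.
TAMPERED_CHAIN = [b"firmware-v1", b"bootloader-modified", b"kernel-6.x"]
DISK_KEY = hashlib.sha256(b"constructed disk encryption key").digest()


def demo() -> Tuple[bool, bool]:
    """Returns (key released on untampered boot, key released on tampered boot)."""
    sealed = seal(DISK_KEY, measure_boot(GOOD_CHAIN))
    good = unseal(sealed, measure_boot(GOOD_CHAIN)) == DISK_KEY
    bad = unseal(sealed, measure_boot(TAMPERED_CHAIN)) == DISK_KEY
    return good, bad


if __name__ == "__main__":
    good, bad = demo()
    print("untampered boot releases the disk key:", good)
    print("modified bootloader releases the disk key:", bad)
```

Run it and the first line prints True, the second False. With a passphrase typed at an unmeasured prompt instead, the modified bootloader would simply receive the passphrase; binding the key to the measured chain is what removes that option.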

craftkiller a day ago | parent | prev [-]

> signed shim

How would they sign such a shim without my keys? I don't leave Microsoft keys enrolled on my laptop.
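Whether a Microsoft-signed shim can boot on a given machine comes down to what is enrolled in the firmware's `db` variable. As an added example (not from the thread), the parser below walks the `EFI_SIGNATURE_LIST` structures that make up `db` and reports which owners have certificates enrolled. The structure layout and the `EFI_CERT_X509_GUID` / `EFI_CERT_SHA256_GUID` values are from the UEFI specification, and `77fa9abd-0359-4d32-bd60-28f4e78f784b` is the SignatureOwner GUID Microsoft uses for its entries; `OWNER_GUID` and the certificate bytes in the sample blob are constructed placeholders, not a dump of any real firmware. On a real system the same bytes come from `/sys/firmware/efi/efivars/db-d719b2cb-3d3a-4596-a3bc-dad00e67656f` after skipping the 4-byte attribute prefix.

```python
"""Parse a UEFI signature database ('db') and list the enrolled owners.

Added example, not from the thread. Structure layout follows the UEFI
specification; the sample blob is constructed with placeholder certificate
bytes.
"""
import struct
import uuid
from typing import List, Set, Tuple

# Signature types defined by the UEFI specification.
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
EFI_CERT_SHA256_GUID = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
# SignatureOwner GUID Microsoft uses for the db/KEK entries it ships.
MICROSOFT_OWNER_GUID = uuid.UUID("77fa9abd-0359-4d32-bd60-28f4e78f784b")
# Constructed owner GUID for the machine owner's own key (assumption).
OWNER_GUID = uuid.UUID("12345678-1234-5678-1234-567812345678")

# SignatureType(16) + SignatureListSize(4) + SignatureHeaderSize(4) + SignatureSize(4)
HEADER_LEN = 28

Entry = Tuple[uuid.UUID, uuid.UUID, bytes]  # (signature type, owner, data)


def parse_signature_db(blob: bytes) -> List[Entry]:
    """Walk the concatenated EFI_SIGNATURE_LIST structures in blob."""
    entries: List[Entry] = []
    off = 0
    while off < len(blob):
        if len(blob) - off < HEADER_LEN:
            raise ValueError("truncated EFI_SIGNATURE_LIST header at offset %d" % off)
        sig_type = uuid.UUID(bytes_le=blob[off:off + 16])  # GUIDs are stored little-endian
        list_size, hdr_size, sig_size = struct.unpack_from("<III", blob, off + 16)
        if list_size < HEADER_LEN + hdr_size or off + list_size > len(blob):
            raise ValueError("bad SignatureListSize at offset %d" % off)
        body = blob[off + HEADER_LEN + hdr_size: off + list_size]
        # Each EFI_SIGNATURE_DATA is SignatureOwner(16) followed by SignatureData.
        if sig_size <= 16 or len(body) % sig_size != 0:
            raise ValueError("bad SignatureSize at offset %d" % off)
        for i in range(0, len(body), sig_size):
            owner = uuid.UUID(bytes_le=body[i:i + 16])
            entries.append((sig_type, owner, body[i + 16:i + sig_size]))
        off += list_size
    return entries


def build_signature_list(sig_type: uuid.UUID, sigs: List[Tuple[uuid.UUID, bytes]]) -> bytes:
    """Serialize one EFI_SIGNATURE_LIST. All entries in a list share one size."""
    sizes = {len(data) for _, data in sigs}
    if len(sizes) != 1:
        raise ValueError("entries in one list must be the same size")
    sig_size = 16 + sizes.pop()
    body = b"".join(owner.bytes_le + data for owner, data in sigs)
    header = sig_type.bytes_le + struct.pack("<III", HEADER_LEN + len(body), 0, sig_size)
    return header + body


def foreign_owners(blob: bytes, trusted_owner: uuid.UUID) -> Set[uuid.UUID]:
    """Owners of db entries other than the machine owner's own."""
    return {owner for _, owner, _ in parse_signature_db(blob) if owner != trusted_owner}


# Constructed sample db: a Microsoft-owned CA entry and an owner-enrolled CA,
# each carrying placeholder bytes where a DER certificate would be.
SAMPLE_DB = (
    build_signature_list(EFI_CERT_X509_GUID, [(MICROSOFT_OWNER_GUID, b"\x30" * 64)])
    + build_signature_list(EFI_CERT_X509_GUID, [(OWNER_GUID, b"\x31" * 64)])
)

if __name__ == "__main__":
    for sig_type, owner, data in parse_signature_db(SAMPLE_DB):
        kind = "x509" if sig_type == EFI_CERT_X509_GUID else str(sig_type)
        print(f"{kind:6} owner={owner} ({len(data)} bytes)")
    if MICROSOFT_OWNER_GUID in foreign_owners(SAMPLE_DB, OWNER_GUID):
        print("Microsoft-owned CA enrolled: Microsoft-signed binaries such as shim will boot")
```

A `db` that contains only the owner's entries is the state craftkiller describes; any Microsoft-owned entry means the firmware will also accept binaries signed under Microsoft's UEFI CA.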

wkat4242 a day ago | parent [-]

You don't, but 99.99% of people do :) Especially because most Linux distros use a key signed by Microsoft by default.

akdev1l 11 hours ago | parent [-]

The “people” don’t really matter.

Anyone who needs a secure boot environment is having their own MOK and probably a private CA.