[coreboot] LinuxBIOS/coreboot and security

Torsten Duwe duwe at lst.de
Sun Jan 27 23:32:26 CET 2008


On Saturday 26 January 2008, Carl-Daniel Hailfinger wrote:
> Hi Philipp,
>
> On 25.01.2008 12:50, Philipp Marek wrote:
> > My question is this. I'd like to secure machines against the
> > people that should work with them [1].
>
> Ah. Classic DRM.

DRM does not work.
The only use I can think of is a student pool at the university.

> Do you control (manufacture) the hardware?

Even that does not help. Ask M$ about a thing called "Ex-box" (or so...)

> There is no easy way to set the bar higher. It will almost always cost
> you a lot more time to secure a machine than it takes the user to break it.

Not if it's under surveillance, like a student's computer pool room, subject 
to unannounced inspection. In that scenario cases with a single screw have 
proven themselves. That screw is then chained and locked.

HTH,
	Torsten





More information about the coreboot mailing list