[coreboot] Feedback On Coreboot: the Solution to the Secure Boot Fiasco

David Hubbard david.c.hubbard+coreboot at gmail.com
Sat Jan 5 03:11:10 CET 2013


Hi Andrew,

On Fri, Jan 4, 2013 at 5:09 PM, Andrew Goodbody <ajg4tadpole at gmail.com> wrote:

>
> Enrol your own key. Sign your own kernel. Seems to scale linearly per user
> to me.
>
> Security is not free. There will always be a cost.

I am actually quite conflicted because I try to look out for the underdog
in every fight. Right now that would be you (no offense intended). Please
view my comments as directed at Microsoft and the standard they have pushed
onto us. And thanks for debating.

"Security is not free"

I think the Linux kernel is a glaring hole in that argument. The Linux
kernel is *free*, by many definitions. Oh, and it is the *right* way to
implement security.

Secure Boot is neither libre nor gratis. For $99 you can have a closed DRM
solution. All DRM solutions are fundamentally flawed because both lock
*and* key must be present on the machine. The only thing DRM has
consistently done is inconvenience the average person.

"Enrol (sic) your own key. Sign your own kernel."

For $99 I could get my kernel signed by Verisign. That does not scale. That
was my point, thanks.

To attempt to convince all the OEMs to sign their UEFI drivers with my key
would be impossible; furthermore, the UEFI spec only has *one* slot for
signatures on OEM UEFI drivers.

The whole bring-your-own-key argument is a red herring as soon as a
third-party driver is involved, because the driver must then be trusted
without verifying its signature. You wouldn't accept that kind of security
compromise, would you?

I know I won't. I'll ditch Secure Boot entirely and use coreboot.

Regards,
David