undefined | Better HN

0 pointsJCattheATM9mo ago0 comments

Not so, the reference implementation is open source and incorporated into Coreboot, for a long time now.

0 comments

The reference implementation is not the same as knowing which code runs on "your" hardware and having all keys from "your" hardware. If you are protected by a steel door but you don't have the keys, you are not safe, you are imprisoned.

JCattheATMOP9mo ago

This seems like a ridiculous argument. There is a fully source open source secure boot implementation, that if you have concerns about it you can fully audit, just as you can fully audit your current setup if you wanted to - but almost certainly have not.

fsflover9mo ago

So you are suggesting me to audit an implementation which I do not necessarily run and there's no way to know if I do. What's the point? How will it help?

The code running on my hardware is open, so anybody from the community can audit it and I have a possibility to verify that this is what I run at least by reflashing it. And I did reflash it. This approach is getting more reliable with more software becoming reproducible.

1 more reply

j / k navigate · click thread line to collapse

0 comments

fsflover9mo ago

JCattheATMOP9mo ago

fsflover9mo ago

So you are suggesting me to audit an implementation which I do not necessarily run and there's no way to know if I do. What's the point? How will it help?

1 more reply

j / k navigate · click thread line to collapse