Open Source and information security mailing list archives
Message-ID: <20121103010331.3dd593a5@pyramind.ukuu.org.uk>
Date:	Sat, 3 Nov 2012 01:03:31 +0000
From:	Alan Cox <alan@...rguk.ukuu.org.uk>
To:	ebiederm@...ssion.com (Eric W. Biederman)
Cc:	Matthew Garrett <mjg59@...f.ucam.org>,
	James Bottomley <James.Bottomley@...senPartnership.com>,
	Eric Paris <eparis@...isplace.org>,
	Jiri Kosina <jkosina@...e.cz>, Oliver Neukum <oneukum@...e.de>,
	Chris Friesen <chris.friesen@...band.com>,
	Josh Boyer <jwboyer@...il.com>, linux-kernel@...r.kernel.org,
	linux-security-module@...r.kernel.org, linux-efi@...r.kernel.org
Subject: Re: [RFC] Second attempt at kernel secure boot support

> No reason to?  How can I configure an off the shelf system originally
> sold with windows 8 installed to boot in UEFI secure boot mode using
> shim without trusting Microsoft's key?

Assuming it's an x86 and a PC class platform and thus should allow you to
disable secure boot mode then you disable secure boot mode and boot in
sane PC mode. You then jump through a collection of hoops to sign all
your OS stuff, your ROMs and a few other things with a new key, remove
the MS key and then "secure" boot it.

That will also stop random people demonstrating how secure your "secure"
boot is by walking up to your box and installing Windows 8 over your
distribution by reformatting your hard drive and probably block a wide
range of interesting law enforcement and other tools some of which will
inevitably fall into the wrong hands.

A lot of the work there is the mechanising of all of the hoop jumping and
key management, but there isn't an intrinsic reason you can't turn this
into a nice clean click and point self-sign my PC UI.

There are some interesting uses for self signed keys or having your own
corporate key included in your builds as a big company. One thing it
solves if you do it with Linux and an own key is being able to remote
install securely over a network which right now for all OSes and PC class
devices is a problem as you have no way to verify the image.

Alan