[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: help installing grub-ima

From: Andrei E. Warkentin
Subject: Re: help installing grub-ima
Date: Tue, 23 Oct 2007 09:11:58 -0500

...Because having the ability, to be certain you didn't have a hypervirus or at runtime-binary-patched kernel booted due to a hacked bootloader loading from something like a USB stick, is one step towards "treacherous computing", whatever that is.

I think the SELinux people might object to that. One of the biggest problems with security in Linux is that the Linux kernel is not and cannot be the core root of trust, as it is by far not the first thing running and is not located on unmodifiable medium. 

Man, those write-once read-many system-measurement registers are just one step closer to losing the right to read, right? Or maybe to actually be in control of your system from power-on to shell prompt?

Andrei Evgenievich Warkentin
Cell: (+1) (847) 321-15-55

23.10.2007, в 7:31, Robert Millan писал(а):

On Tue, Oct 23, 2007 at 12:09:55PM +0200, address@hidden wrote:
 i'm trying to install grub-ima, the grub patch that enable it to use the TPM chip in the bootstrap.
 i follow this guide

We don't support Treacherous Computing because it's against the ideals of
freedom we are trying to defend.  You should know that this "TPM chip" you're
trying to get working is in fact purposely designed so that you can make your
whole OS stack treacherous and prove to others that it has been setup this way.

If you want to learn more about Treacherous Computing and why we object to it,
please see:

Robert Millan

<GPLv2> I know my rights; I want my phone call!
<DRM> What use is a phone call, if you are unable to speak?
(as seen on /.)

Grub-devel mailing list

reply via email to

[Prev in Thread] Current Thread [Next in Thread]