Y
Hacker News
new
|
ask
|
show
|
jobs
by
Foxboron
1726 days ago
I don't think a 5 year old project linked without context is appropriate when talking about modern boot chain security.
It doesn't even support stubs so it fails at the first threat scenario described in this post.
1 comments
selfhoster11
1726 days ago
I disagree. UEFI boot security is not that recent, and it hasn't changed so much as to render earliest approaches less secure.
link
Foxboron
1726 days ago
It is less secure. The initramfs is not signed, along with the microcode.
link