Hacker News new | ask | show | jobs
by JCattheATM 374 days ago
You could still have that with UEFI though.
1 comments
fsflover 374 days ago
But not with Secure Boot AFAIK.
link
JCattheATM 374 days ago
Well, yeah, you could, that was the point of my comment.

Coreboot supports secure boot, so why isn't that sufficient?

link
fsflover 374 days ago
Secure Boot is closed and not auditable.
link
JCattheATM 374 days ago
Not so, the reference implementation is open source and incorporated into Coreboot, for a long time now.
link
fsflover 374 days ago
The reference implementation is not the same as knowing which code runs on "your" hardware and having all keys from "your" hardware. If you are protected by a steel door but you don't have the keys, you are not safe, you are imprisoned.
link
JCattheATM 373 days ago
This seems like a ridiculous argument. There is a fully source open source secure boot implementation, that if you have concerns about it you can fully audit, just as you can fully audit your current setup if you wanted to - but almost certainly have not.
link