Hacker News new | ask | show | jobs
by naasking 245 days ago
> If you want to be able to prevent root kits you need secure boot

I think this is very misleading. Secure boot was a response to the poor security of commodity operating systems which allowed programs easy access to make low-level system modifications. In other words, the poor security models of commodity operating systems was the actual cause that allowed rootkits to spread and become a major threat that required mitigation.

In an alternate world in which operating systems enforced least privilege on all programs, the likelihood of a rootkit spreading would be orders of magnitude smaller, almost not even worth mentioning. The motivation for secure boot in this world is really only to prevent supply chain attacks, which can also be solved by just buying hardware from reputable companies. Secure boot arguably would not have been created in this world, thus avoiding the new dangers inherent to it.
1 comments
hollerith 245 days ago
Yes, but when an individual hacker needs a secure computer and is deciding which computer to buy, it does him no good to tell him that if the whole industry had evolved in a more convenient way over the last 4 decades, he would have been able to avoid secure boot: in the actual world, the only user-facing computers on the market with decent security use secure boot to help deliver that decent security where "user-facing" means "used to browse the web and maybe other things".

Also remote attestation has pro-social uses. Without it, photographs will soon become useless as evidence because soon there will be no way to distinguish a photo of a real scene from the output of generative AI.

link
naasking 245 days ago
My point is that secure boot isn't the only way forward, and depending on your circumstances, a foundation built on something like seL4 could suffice for particular applications. And it doesn't even require a whole new OS or foundation like seL4, even Windows has the right core primitives if they're used in the right way [1]. And that work was from 2005, not 40 years ago, but still long before any of this really became an issue.

[1] https://cacm.acm.org/research/polaris-2/

link
fsflover 244 days ago
Coreboot with Heads exists and works fine for me with Qubes OS. So it's not a hypothetical.
link
hollerith 244 days ago
Coreboot with Heads and Qubes prevents malware that has inserted itself into the firmware of your ethernet driver, keyboard or block-storage device from modifying your software?
link
fsflover 244 days ago
Yes? Qubes provides compartmentalization for the hardware you listed.
link