Hacker News new | ask | show | jobs
by ahepp 144 days ago
https://0pointer.net/blog/authenticated-boot-and-disk-encryp...

Yes, system data should be locked to the system with a TPM. That way your system can refuse to boot if it's been modified to steal your user secrets.
2 comments
blueflow 144 days ago
... and it will also refuse to boot if it has been modified by the user.

Preventing this was the reason we had free software in the first place.

link
ahepp 143 days ago
Increasing security for the system owner will necessarily decrease the ability of others to modify the system in ways the owner doesn't like.
link
blueflow 143 days ago
With "owner" not being the legal owner, but Microsoft.
link
microthief 144 days ago
And if Linux$oft suddenly decides every user's system needs a backdoor or that every system mus automatically phone home with your entire browsing data, then, well, too bad, so sad of course!

Jesus.

link
ahepp 143 days ago
Unless you're one of the 0.00000000001% of humans using a farm-to-table laptop with coreboot, what's stopping that from happening today?
link
0dayz 144 days ago
How exactly would this happen.
link