by fsflover
48 days ago
@TommyTran732, you are going to a great length to downplay everything about devices/companies promoting freedom, including Librem 5, Purism, and laptops with Heads. And you are promoting proprietary stuff instead. This looks like trolling or astroturfing. For observers, here is the actual quote from the Heads developer, not in the (incorrect) interpretation of TommyTran732:

> As I pointed before @TommyTran732 and to anyone thinking compromising measured boot is trivial, I laid down the tooling for anyone wanting to further protection / prove measured boot not enough to understand and break it once and for all under WiP: introspection - replicate TPM PCRs measurements directly from measured content (TCPA/TPM Event log) by tlaurion · Pull Request #1568 · linuxboot/heads · GitHub Just use it for the bad to faster the development of something good/better. Until then, it was proven non trivial.

https://forum.qubes-os.org/t/discussion-on-purism/2627/187
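The "replicate TPM PCRs from the event log" idea referenced in that PR, as an added example that is not part of the original post or of the Heads project's own code: replaying log entries through the TPM extend operation and comparing the result against the PCR values the platform reports. The PCR indexes and boot-stage names are constructed for illustration.

```python
import hashlib
from typing import Dict, Iterable, List, Tuple

# SHA-256 PCRs start at 32 zero bytes.
PCR_INIT = bytes(32)


def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM PCR extend: new_value = SHA-256(old_value || digest)."""
    return hashlib.sha256(pcr + digest).digest()


def replay_event_log(events: Iterable[Tuple[int, bytes]]) -> Dict[int, bytes]:
    """Replay (pcr_index, measured_content) entries, as a TCG event log
    records them, into simulated PCR values. Each entry's digest is the
    SHA-256 of the measured content, extended into its PCR in log order."""
    pcrs: Dict[int, bytes] = {}
    for idx, content in events:
        digest = hashlib.sha256(content).digest()
        pcrs[idx] = extend(pcrs.get(idx, PCR_INIT), digest)
    return pcrs


def inconsistent_pcrs(events: Iterable[Tuple[int, bytes]],
                      reported: Dict[int, bytes]) -> List[int]:
    """Return the PCR indexes whose replayed value differs from the value
    the platform reported. An empty list means log and PCRs agree.

    Caveat, which is the point of the thread: agreement proves only that
    the log matches the PCRs. Firmware that extends the digests of honest
    code while actually running modified code passes this check, because
    the measurements were produced by the thing being checked."""
    replayed = replay_event_log(events)
    indexes = set(replayed) | set(reported)
    return sorted(i for i in indexes if replayed.get(i) != reported.get(i))


# Constructed sample log: two firmware stages into PCR 2, a kernel into PCR 4.
SAMPLE_EVENTS = [
    (2, b"bootblock build 1"),
    (2, b"romstage build 1"),
    (4, b"kernel image"),
]

# A log that claims a different romstage than the one the PCRs reflect.
ALTERED_EVENTS = [
    (2, b"bootblock build 1"),
    (2, b"romstage build 2"),
    (4, b"kernel image"),
]

if __name__ == "__main__":
    reported = replay_event_log(SAMPLE_EVENTS)      # stands in for TPM2_PCR_Read
    print("unaltered log mismatches:", inconsistent_pcrs(SAMPLE_EVENTS, reported))
    print("altered log mismatches:  ", inconsistent_pcrs(ALTERED_EVENTS, reported))
```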
The actual admission (requires a login): https://forum.qubes-os.org/t/how-exactly-is-heads-pureboot-s...
His words, not mine:
> The goal of Heads is to bring reasonably trustworthy firmware on reasonably open platforms to boot reasonably secure OS, enforcing best effort user controlled attestation, compartmentalization and prevention. Never is it written anywhere that the firmware is tampering resistant or tampering proof: we lack open source implementation in hardware to have root of trust in hardware. Heads is best approach on what is available, the anchor of trust being in the bootblock, not in hardware. The chain of trust lies there. Of course an evil maid could craft a firmware that would lie about its measurements in the bootblock, raminit, romstage and the payload. But as today, no PoC has even been made public, showing it being actionable, and by nature of TPM extend operations is nothing easy to realize, while possible.
I am just gonna highlight the critical part here one more time, since I sent you the same thing before and you didn't read:
> *Of course an evil maid could craft a firmware that would lie about its measurements in the bootblock, raminit, romstage and the payload.*
Yeah, I wouldn't call Heads "best approach on what is available" and I do think Boot Guard is better, but at least he is honest about the actual mechanism and the very obvious attack vector.