Linked by Thom Holwerda on Fri 23rd Sep 2011 22:22 UTC, submitted by kragil
Windows The story about how secure boot for Windows 8, part of UEFI, will hinder the use of non-signed binaries and operating systems, like Linux, has registered at Redmond as well. The company posted about it on the Building Windows 8 blog - but didn't take any of the worries away. In fact, Red Hat's Matthew Garrett, who originally broke this story, has some more information - worst of which is that Red Hat has received confirmation from hardware vendors that some of them will not allow you to disable secure boot.
Thread beginning with comment 490820
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[4]: What to do about this...
by Soulbender on Mon 26th Sep 2011 19:20 UTC in reply to "RE[3]: What to do about this..."
Soulbender
Member since:
2005-08-18

device drivers cannot be used ti infiltrate a network.


Because that happen a lot. Or not. Unless you mean like Sony's rootkit but that would not have been stopeed since Sony would have a signed driver...
While we're protecting ourselves from far-fetched and unlikely threats I'd like my computer to survive nuclear winter.

Reply Parent Score: 2

modmans2ndcoming Member since:
2005-11-09

apparently you are unaware of the malware that infected some Motherboard drivers shipped a year ago or so.

Reply Parent Score: 2

Alfman Member since:
2011-01-28

modmans2ndcoming,

"apparently you are unaware of the malware that infected some Motherboard drivers shipped a year ago or so."

This is vague, a citation or at least a manufacturer would be good.

It's true, there are instances of windows drivers being infected, however as far as I know these have all been correctly signed to load under windows.

The windows code signing certificates that are sold to developers tell the windows to trust their code, and tell the user the identity of the developers (with the same caveats faced by SSL certificate authorities). However cryptography offers no features to block malicious code from being signed. Secure boot will not fix this, and can never hope to.

I have no idea which driver malware you are talking about, but unless it involved the bootloader, chances are secure boot would not have made a difference.

Reply Parent Score: 2

Soulbender Member since:
2005-08-18

apparently you are unaware of the malware that infected some Motherboard drivers shipped a year ago or so


Yes I am so please enlighten us. I would expect a mobo manufacturer to already sign the drivers so neither driver signing nor secure boot would protect you from that.

Edited 2011-09-28 19:48 UTC

Reply Parent Score: 2