You’d think at some point they would learn their lesson but they seem to love footing the bill.
henfredemars
joined 1 year ago
I thought I was told just a year or two ago it was supposed to be the future of manufacturing.
It is highly unlikely that you have malware sophisticated enough to do something like compromise installation media (already exceedingly rare) yet not sophisticated enough to bypass secure boot.
The purpose of secure boot is to verify that the boot loader and kernel are approved by the manufacturer (or friends of such). There are certainly ways to inject software into a system that doesn’t reside in those locations. It just makes boot sector viruses and kernel mode rootkits slightly more technically challenging to write when you can’t simply modify those parts of the operating system directly. If malware gets root on your installation it’s game over whether or not you have secure boot enabled. Much of the software on a computer is none of those things protected by secure boot.
Plus, take another wager: most systems today ship with secure boot enabled. If you were a malware author, would you still be writing malware that needs secure boot turned off to run? Of course not! You would focus on the most common system you can to maximize impact. Thus, boot sector viruses are mostly lost to time. Malware authors moved on.
Overall, it’s a pretty inconsequential feature born of good intentions but practically speaking malware still exists in spite of it. It’s unlikely to matter to any malware you would find in the wild today. Secure boot keys get leaked. You can still get malware in your applications. Some malware even brings its own vulnerable drivers to punch into the kernel anyway and laugh in the face of your secure boot mitigation. The only thing secure boot can actually do when it works is to ensure that on the disk the boot loader and kernel look legit. I guess it kind of helps in theory.
This is good advice in general. Think of it like penetration testing. You really should verify what you can actually access remotely on a device and not assume you have any level of protection until you’ve tried it.
Log files can also contain signs of attack like password guessing. You should review these on a regular basis.
No. You will get scammed with zero recourse.
This again! Are you trying to program this image into my long term memory?
I was hoping for FreeBSD.
Is this related to the ermm convention going on right now in Orlando?
This is awesome! I didn’t know this was a thing.
Polling? I don’t even know what that word means. I only know Vote!
Datums
Can we please stop with the privitization? It's absolutely not been working out very well for the people.