DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 28th October 2022
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default Microsoft's Lennart Poettering proposes tightening up Linux boot process

From https://www.theregister.com/2022/10/...ft_poettering/

Quote:
Lennart Poettering's latest blog post proposes moving the Linux boot process into a "Brave New Trusted Boot World" of cryptographically signed Unified Kernel Images.

Agent Poettering offers a mechanism for tightening up the security of the system startup process on Linux machines, using TPM 2.0 hardware. In brief, what he sees as the problem is that on hardware with Secure Boot enabled, while the boot process up to and including the kernel is signed, the next step, loading the initrd, is not. That's what he wants to fix.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #2   (View Single Post)  
Old 28th October 2022
Head_on_a_Stick's Avatar
Head_on_a_Stick Head_on_a_Stick is offline
Real Name: Matthew
Bitchy Nerd Elitist
 
Join Date: Dec 2015
Location: London
Posts: 461
Default

That article is unnecessarily sensationalist IMO. "Agent P", really?

As a counterpoint I would observe that I've been booting using unified kernel images signed with my own SecureBoot key for a while now. I've removed the Microsoft SecureBoot keys so the machine will not boot Windows with SecureBoot enabled.

Guide here for any Linux users: https://www.rodsbooks.com/efi-bootlo...olling-sb.html

And here's an overview of unified kernel images: https://uapi-group.org/specification..._kernel_image/
Reply With Quote
  #3   (View Single Post)  
Old 29th October 2022
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

Quote:
Originally Posted by Head_on_a_Stick View Post
That article is unnecessarily sensationalist IMO. "Agent P", really?
It's The Register; they've always had a snarky style like this about pretty much anything and anyone. You can love or hate it.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
  #4   (View Single Post)  
Old 31st October 2022
blackhole's Avatar
blackhole blackhole is offline
Spam Deminer
 
Join Date: Mar 2014
Posts: 316
Default

"First they came for the init system,
And I did not speak out
Because I did not care about the init system
Then they came for the device manager,
And I did not speak out
Because I did not care about the device manager
Then they came for the initrd..."
Reply With Quote
  #5   (View Single Post)  
Old 3rd November 2022
bhyeti bhyeti is offline
Real Name: Darren Breidigan
New User
 
Join Date: Apr 2015
Location: Cleveland,Tennessee
Posts: 2
Default

Lennart Poettering :

Mister SystemD works for Microsoft? Really....?
Reply With Quote
  #6   (View Single Post)  
Old 3rd November 2022
hitest's Avatar
hitest hitest is offline
Real Name: George Nielsen
VPN Cryptographer
 
Join Date: Sep 2008
Location: B.C., Canada
Posts: 373
Default

Quote:
Originally Posted by bhyeti View Post
Lennart Poettering :

Mister SystemD works for Microsoft? Really....?
Yep. After messing up Red Hat and Linux in general his work is done. Onto M$. Heh.
__________________
hitest
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
The linker starts at the boot process. Zielonykid123 OpenBSD General 2 7th May 2022 11:24 AM
Linux Foundation struggles with Microsoft's Secure Boot signing service J65nko News 0 21st November 2012 08:44 PM
Other CODE QUOTE: Lennart Poettering vermaden News 13 12th March 2011 08:25 PM
Loader, MBR and the boot process Jago FreeBSD Installation and Upgrading 1 22nd January 2010 04:52 AM
Daemon Process not starting on boot map7 FreeBSD General 4 11th September 2008 04:24 PM


All times are GMT. The time now is 06:20 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick