What other "trustable" things are "untrustable"?
Only all of them ...
tpm.fail/

@theruran @thegibson @yojimbo And now people know why I don't / won't support things like secure boot and such on the Kestrel. The only security possible is utter transparency and the willingness to periodically check your code. Impractical? Maybe. But, so is 6 MIPS performance these days, so who cares?

Not that I will prevent others from forking and/or porting their own implementations. But me? Nope. Not gonna happen.

@vertigo @theruran @thegibson @yojimbo Not that secure boot is necessarily a panacea, but check your code... how, exactly? And how do you catch some malicious firmware change before it ransomwares you or leaks all your secrets? One of the things secure boot tries to do is to check the code on every boot to make sure your computer is running the code you (or MS and Intel usually) think it is.

@freakazoid @vertigo @theruran @yojimbo

The entire world must move to some form of EDR.

Our best defense is protecting from these attacks by dynamically stop malicious code execution by pattern recognition.

Sign in to participate in the conversation
hackers.town

A bunch of technomancers in the fediverse. Keep it fairly clean please. This arcology is for all who wash up upon it's digital shore.