Agreed there is a point where one has to instill trust in some entity. That said, cpu microcode is miles away from trust the blob that initializes the system hardware. You can get a secured boot for your kernel, but aside from that there isn't much guaranteed.
As for my original question: your biggest concern with chromebooks is the high barrier for replacing keys so that self-signed kernels can be used?
Power management, mobile and firmware developer on Linux. Security developer at Aurora. Ex-biologist. mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer. Also on Mastodon.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Re: Everything that glitters isn't Secure Boot
Date: 2013-02-06 07:13 pm (UTC)As for my original question: your biggest concern with chromebooks is the high barrier for replacing keys so that self-signed kernels can be used?