Of course the argument about compromised code reaches to the heart of the argument: the integrity of the keys.
Sooner or later somebody will leak, steal or break the signing keys. The malware authors have a strong economic incentive to try this, whether by technical means or social engineering.
Once the signing keys are compromised (and it is an absolute certainty that they will be at some point) then we are all worse off, as the malware author can now craft a trusted bootloader that we cannot reject.
Key compromises
Date: 2011-09-24 02:49 pm (UTC)