@AdrianVovk aren't there like, very good critiques of why the centralised approach to secureboot is bad?
@cas Analogizing to Fedi: a "trusted network" won't eliminate the need for moderators (just like SB w/ wide trust isn't particularly robust without Measured Boot), but it will prevent obvious malicious instances from participating.
@cas Sure, but it depends on what you're defending against.
Relying only on Secure Boot w/ a wide trust model is definitely something to criticize, because anything in the trust circle can have a vulnerability and break the whole system. Adding Measured Boot into the mix changes the dynamics completely: now SB just acts to prevent outright malware from running, and MB ensures the integrity of the boot chain.
(1/2)