If the end user can arbitrarily sign code themselves that is bootable then it kind of defeats the purpose of secure boot.
They can & it doesn’t. They can change the platform key to become the platform owner & control the public keys they keep in the code signing databases. Secure Boot gives the platform owner control over authorized code signers of boot processes.
That’s true today, but there’s no guarantee it will be true in the future.
It’s in the specification.
The platform key establishes a trust relationship between the platform owner and the platform firmware. The platform owner enrolls the public half of the key (PKpub) into the platform firmware. The platform owner can later use the private half of the key (PKpriv) to change platform ownership or to enroll a Key Exchange Key. See “Enrolling The Platform Key” and “Clearing The Platform Key” for more information.
The platform owner clears the public half of the Platform Key (PKpub) by deleting the Platform Key variable using UEFI Runtime Service SetVariable(). The data buffer submitted to the SetVariable() must be signed with the current PKpriv - see Variable Services for details. The name and GUID of the Platform Key variable are specified in Globally Defined Variables. The platform key may also be cleared using a secure platform-specific method. When the platform key is cleared, the global variable SetupMode must also be updated to 1.
It’s a matter of clearing the platform key & enrolling your own platform key. I’ve done this before.
Typically, computers with Secure Boot let us clear the platform key from the boot menu. (You can choose to purchase only those that do.) Some computer vendors ship Secure Boot in setup mode or let the customer provide public keys to ship preloaded.
Secure Boot has always been for enabling the owner to enforce integrity of the boot process through cryptographic signatures. Linus Torvalds thought the feature makes sense.
Linus: I actually think secure boot makes a lot of sense. I think we should sign our modules. I think we should use the technology to do cryptographic signatures to add security; and at the same time inside the open source community this is so unpopular that people haven’t really worked on it.
It’s true that secure boot can be used for horribly, horribly bad things but using that as an argument against its existence at all is I think a bit naive and not necessarily right. Because if you do things right then it’s a really good thing. I would like my own machine to have the option to not boot any kernel, or boot loader, that is not signed by this signature.
he repeatedly used technicalities and weaseley language to refuse to admit it
see
Yet, Mosseri repeatedly said he was not an expert in addiction in response to Lanier’s questioning.
Even if a nonexpert claims something is clinical addiction, they’re a nonexpert & their word is meaningless. For a credible statement, they’ll need to admit relevant evidence instead of ask a nonexpert.
Imagine being asked for a medical diagnosis when you’re not a qualified physician. It’s perfectly fair to point out you’re not an expert on the matter & point out your awareness of distinctions between imprecise conventional language & precise, scientific definitions.
No one is obligated to volunteer dubious claims to antagonize themselves on the stand just because you want them to.
This is sensationalist BS and I dearly want this platform to be better than that.
This platform loves sensationalism. Same with other platforms.
It’s an atrocious, pointlessly complicated system resulting in convoluted project histories prone to confusion. Trunk-based development with sensible tags of releases & hotfixes achieves the same thing without the junk complexity. Git flow isn’t overkill, it’s just ill-conceived.
Seems like these failures suing them & demanding government paternalism
don’t know how to effectively limit access/use parental controls as tech CEO’s claim to do.