
On Sep 23, 2011 5:34 AM, "Craig Sanders" <cas@taz.net.au> wrote:
> On Thu, Sep 22, 2011 at 08:52:35PM -0700, Daniel Pittman wrote:
> > So, the biggest advantage is that it does work against all those attacks that compromise the kernel and/or drivers to get into the kernel after a restart. Which, indeed, is where many of the "root kit" tools hit, on Windows.
>
> so the "solution" is to prevent installation of competing operating systems that don't have the security flaws that allow malware to compromise the kernel? or the BIOS.

Not really, no, given that nothing requires that as written. It *might* be a side-effect, or might not, depending on what the vendors implementing this do. Also, unrealistic claims (like, oh, that Linux is immune to kernel-level compromise, or that it prevents firmware updates) are not super convincing. Our one-item-deep pool of evidence suggests that Linux is not *yet* subject to this attack, but as the saying goes, the attack never gets *worse*... (IIRC, it was Award that you could flash the BIOS of first; LinuxBIOS certainly have the tools.)

> wonderful. makes perfect sense.

It is one possible outcome, but I don't think it is entirely likely. More probable, I think, is that many vendors will allow Linux in some way, while the "hardware bundle" system where you get, for example, a desktop with Windows "small business edition" for free will end up mostly locked down. Will it be overall worse for Linux? Maybe, but I doubt it will be substantially worse than the current driver problems are. Having a second problem like that sucks, but it is hardly the breathless end-of-the-world you are suggesting.

Daniel