Guaranteeing running code is signed

Krzysztof Halasa khc at pm.waw.pl
Wed May 13 20:15:12 UTC 2009


Matthew Woehlke <mw_triad at users.sourceforge.net> writes:

> Indeed. (I've read stuff about military testing microchips to verify
> that the circuitry is correct. Forget flash, eeprom, even rom; do you
> trust the fab plant that built your CPU?)

In this case all users would equally be affected (and are, who knows how
many unknown bugs the CPU has), but the chance of someone using an
unknown CPU bug to break into a particular system is really small.

OTOH, a chance that someone who already broke into a system will do that
again (with flash ROMs etc. especially modified for this purpose during
the first break-in) may be considerable.
-- 
Krzysztof Halasa




More information about the fedora-devel-list mailing list