I don't know about executable signing, but in the embedded world SecureBoot is also used to ser...

astrobe_ • today at 4:54 PM • 6 replies • view on HN

I don't know about executable signing, but in the embedded world SecureBoot is also used to serve the customer; id est provide guarantees to the customer that the firmware of the device they receive has not been tampered with at some point in the supply chain.

Replies

201984 • today at 5:02 PM

And what if that customer wants to run their own firmware, ie after the manufacturer goes out of business? "Security" in this case conveniently prevente that.

➕ show 4 replies

tosti • today at 5:19 PM

Computers should abide by their owners. Any computer not doing that is broken.

➕ show 3 replies

Galanwe • today at 6:06 PM

> id est provide guarantees to the customer that the firmware of the device they receive has not been tampered with

The firmware of the device being a binary blob for the most part... Not like I trust it to begin with.

Whereas my open source Linux distribution requires me to disables SecureBoot.

What a world.

➕ show 2 replies

mort96 • today at 6:03 PM

It's to serve the regulators. The Radio Equipment Directive essentially requires the use of secure boot fir new devices.

➕ show 1 reply

PunchyHamster • today at 7:05 PM

well, unless govt tells MS to tamper it

alt Hacker News

Replies