13·
18 days agoAGPL 😎
Edit: this looks pretty slick, I’ll keep it in mind next time I need a cache
- 0 Posts
- 4 Comments
Joined 2 years ago
Cake day: July 24th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
11·23 days ago“Capitalism creates innovation!”
The innovation:
Well yes, assuming that:
- you trust the hardware manufacturer
- you can install your own keys (i.e. not locked by vendor)
- you secure your bios with a secure password
- you disable usb / network boot
With this you can make your laptop very tamper resistant. It will be basically impossible to tamper with the bootloader while the laptop is off. (e.g install keylogger to get disk-encryption password).
What they can do, is wipe the bios, which will remove your custom keys and will not boot your computer with secure boot enabled.
Something like a supply-side attack is still possible however. (e.g. tricking you into installing a malicious bootloader while the PC is booted)
Always use security in multiple layers, and to think about what you are securing yourself from.
Warning: useless use of cat