Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.social/users/pid_eins/statuses/114635381540220436">Lennart Poettering (pid_eins@mastodon.social)'s status on Thursday, 12-Jun-2025 04:07:50 JST</a><a href="https://mastodon.social/@pid_eins" title="pid_eins@mastodon.social"><img src="https://gnusocial.jp/avatar/92094-48-20230126121211.webp" width="48" height="48" alt="Lennart Poettering" style="position: absolute; left: 0; top: 0;">Lennart Poettering</a><div><a href="https://floss.social/@siosm/114635361043890747" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p><a href="https://floss.social/@siosm">@siosm</a> you definitely need to reboot, to get back into an unbroken chain of trust. Now you have two ways to ensure this works. First of all you physically request the reset early during boot. That's why we have this in the boot menu. Or you ask for the reset from the compromised running system, and then use some form of attestation to validate that the reboot was genuine. The latter is stuff bigger deployments (i.e. companies which actually do attestation) can do, …</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/5185694#notice-10172310">In conversation</a><time datetime="2025-06-12T04:07:50+09:00" title="Thursday, 12-Jun-2025 04:07:50 JST">about a month ago</time> <span>from <span><a href="https://gnusocial.jp/notice/10172310" rel="external" title="Sent from gnusocial.jp via ActivityPub">gnusocial.jp</a></span></span><a href="https://gnusocial.jp/notice/10172310">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Lennart Poettering (pid_eins@mastodon.social)'s status on Thursday, 12-Jun-2025 04:07:50 JSTLennart Poettering
in reply to
- Timothée Ravier
@siosm you definitely need to reboot, to get back into an unbroken chain of trust. Now you have two ways to ensure this works. First of all you physically request the reset early during boot. That's why we have this in the boot menu. Or you ask for the reset from the compromised running system, and then use some form of attestation to validate that the reboot was genuine. The latter is stuff bigger deployments (i.e. companies which actually do attestation) can do, …
In conversationabout a month ago from gnusocial.jppermalink

Public

Embed Notice

HTML Code

Corresponding Notice