Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://chaos.social/users/agowa338/statuses/114635723860418542">Klaus Frank (agowa338@chaos.social)'s status on Thursday, 12-Jun-2025 04:07:47 JST</a><a href="https://chaos.social/@agowa338" title="agowa338@chaos.social"><img src="https://gnusocial.jp/avatar/161170-48-20240513030312.webp" width="48" height="48" alt="Klaus Frank" style="position: absolute; left: 0; top: 0;">Klaus Frank</a><div><a href="https://gnusocial.jp/notice/10172319" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/252638" title="siosm@floss.social">Timothée Ravier</a></li></ul></div></section><article><p><a href="https://mastodon.social/@pid_eins">@pid_eins</a> <a href="https://floss.social/@siosm">@siosm</a> </p><p>to be frank I just don't want to think about how trustworthy it is and just dump the entire state into the trash.</p><p>You're making things way more complicated than they should have to be.<br>Now one actually needs to check if the chain of trust is still valid or if the attacker was able to just use e.g. some exploit to disable secure boot (or it may not even have been enabled to begin with) or re-signed parts of the trustchain using and so on...</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/5185703#notice-10172320">In conversation</a><time datetime="2025-06-12T04:07:47+09:00" title="Thursday, 12-Jun-2025 04:07:47 JST">about 12 days ago</time> <span>from <span><a href="https://chaos.social/@agowa338/114635723860418542" rel="external" title="Sent from chaos.social via ActivityPub">chaos.social</a></span></span><a href="https://chaos.social/@agowa338/114635723860418542">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Klaus Frank (agowa338@chaos.social)'s status on Thursday, 12-Jun-2025 04:07:47 JSTKlaus Frank
in reply to
- Lennart Poettering
- Timothée Ravier
@pid_eins @siosm
to be frank I just don't want to think about how trustworthy it is and just dump the entire state into the trash.
You're making things way more complicated than they should have to be.
Now one actually needs to check if the chain of trust is still valid or if the attacker was able to just use e.g. some exploit to disable secure boot (or it may not even have been enabled to begin with) or re-signed parts of the trustchain using and so on...
In conversationabout 12 days ago from chaos.socialpermalink

Public

Embed Notice

HTML Code

Corresponding Notice