Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://freesoftwareextremist.com/objects/2e5b0c51-1c1d-4cd5-97d2-b1f17b262dd8">翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Monday, 21-Aug-2023 22:46:52 JST</a><a href="https://freesoftwareextremist.com/users/Suiseiseki" title="suiseiseki@freesoftwareextremist.com"><img src="https://gnusocial.jp/avatar/789-48-20220724040913.webp" width="48" height="48" alt="翠星石" style="position: absolute; left: 0; top: 0;">翠星石</a><div><a href="https://freesoftwareextremist.com/objects/ba1bbcd5-9c35-47a5-a233-6d0f69e08ce2" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/147450" title="niggy@poa.st">:niggy:</a></li></ul></div></section><article><a href="https://poa.st/users/niggy">@niggy</a> I can't believe it took me this long to figure it out.<br><br>I am 100% confident that all UEFI signing schemes are 100% compromised by the NSA and/or other intelligence agencies, as bypassing Intel boot guard or secure boot etc is as easy as paying such companies a few million for the signing keys to get them to hand them over, or cracking into the relevant computers and extracting the keys (only mildly difficult for the NSA to pull off).<br><br>I would suggest relying on free software signing schemes with keys that you control, over proprietary software signing schemes with keys controlled by the NSA and ?? other parties.</article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/1972806#notice-3874779">In conversation</a><time datetime="2023-08-21T22:46:52+09:00" title="Monday, 21-Aug-2023 22:46:52 JST">about a year ago</time> <span>from <span><a href="https://freesoftwareextremist.com/objects/2e5b0c51-1c1d-4cd5-97d2-b1f17b262dd8" rel="external" title="Sent from freesoftwareextremist.com via ActivityPub">freesoftwareextremist.com</a></span></span><a href="https://freesoftwareextremist.com/objects/2e5b0c51-1c1d-4cd5-97d2-b1f17b262dd8">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Monday, 21-Aug-2023 22:46:52 JST翠星石
in reply to
- 翠星石
- :niggy:
@niggy I can't believe it took me this long to figure it out.

I am 100% confident that all UEFI signing schemes are 100% compromised by the NSA and/or other intelligence agencies, as bypassing Intel boot guard or secure boot etc is as easy as paying such companies a few million for the signing keys to get them to hand them over, or cracking into the relevant computers and extracting the keys (only mildly difficult for the NSA to pull off).

I would suggest relying on free software signing schemes with keys that you control, over proprietary software signing schemes with keys controlled by the NSA and ?? other parties.
In conversationabout a year ago from freesoftwareextremist.compermalink

Public

Embed Notice

HTML Code

Corresponding Notice