
Why do you trust a closed down chip like TPM, why do you trust secure-boot when the only time it's verifying the kernel is at boot time? Why trust something like IntelME? Why trust something like a proprietary UEFI?


I don't trust anyone, especially boot drives that have been exposed to the internet. That's why I would like a system of trust between my hardware components until the OS takes over. Why do you trust your boot drive?


> Why do you trust your boot drive?

Because HIDS with my own signed hash database and hids-exec.

But I cannot scan/prove what the UEFI, TPM or IntelME makes.
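As an added illustration (not code from anyone in this thread), here is the shape of a "signed hash database" integrity check as the comment above uses the term: the hash table is only consulted after its signature verifies, so an attacker who edits a file and re-hashes it in the database without the signing key still trips the check. `SIGNING_KEY`, `build_signed_db`, `verify_db`, `scan` and `demo` are names chosen for this example, and an HMAC stands in for the asymmetric signature a real deployment would use, so that it runs on the standard library alone. As the commenter notes, a check like this covers files the OS can read; firmware, TPM and ME state are outside its reach.

```python
import hashlib, hmac, json, os, tempfile

# Constructed demo key. In a real setup use an offline asymmetric key
# (e.g. Ed25519); HMAC stands in here so the example needs only the stdlib.
SIGNING_KEY = b"constructed-demo-key-not-for-real-use"

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_signed_db(paths, key=SIGNING_KEY):
    """Hash each file, then sign the canonical JSON of the hash table."""
    table = {p: sha256_file(p) for p in sorted(paths)}
    body = json.dumps(table, sort_keys=True).encode()
    return {"files": table, "sig": hmac.new(key, body, hashlib.sha256).hexdigest()}

def verify_db(db, key=SIGNING_KEY):
    """The database is only trusted if its signature checks out."""
    body = json.dumps(db["files"], sort_keys=True).encode()
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, db["sig"])

def scan(db, key=SIGNING_KEY):
    """Return (db_trusted, files whose current hash differs from the record)."""
    if not verify_db(db, key):
        return False, []          # an edited/forged database is not consulted
    changed = [p for p, digest in db["files"].items()
               if not os.path.exists(p) or sha256_file(p) != digest]
    return True, changed

def demo():
    """Constructed scenario: a file is modified, then the DB itself is edited."""
    d = tempfile.mkdtemp()
    a, b = os.path.join(d, "a.conf"), os.path.join(d, "b.sh")
    with open(a, "w") as f: f.write("ok\n")
    with open(b, "w") as f: f.write("#!/bin/sh\necho ok\n")
    db = build_signed_db([a, b])
    clean = scan(db)                      # (True, [])
    with open(b, "a") as f: f.write("echo tampered\n")
    tampered = scan(db)                   # (True, [b])
    db["files"][b] = sha256_file(b)       # re-hashed without the signing key
    forged = scan(db)                     # (False, [])
    return clean, tampered, forged

if __name__ == "__main__":
    print(demo())
```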


> Why do you trust

Because most of the industry does, and companies have little choice in the matter. That's the power (and the convenience) of a monopoly. For your small-scale setup at home you are free to do as you wish (you can even use a RaspberryPi or whatever, although in such cases you are dealing with at least partially closed-source hardware anyway).


> Because most of the industry does

That's a pretty bad comparison in a time when every day hundreds of "industries" get ransomwared.

> That's the power (and the convenience) of a monopoly.

No, that's the weak point and inconvenience of every brand monopoly.



