• HumanPerson@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    27
    arrow-down
    1
    ·
    9 months ago

    So if someone breaks into my house and gets access to my device and another device on my network to execute a man in the middle attack, they could bypass secureboot which I don’t use anyway? Because I’m okay with that.

    • Sims@lemmy.ml
      link
      fedilink
      English
      arrow-up
      11
      ·
      9 months ago

      Because I’m okay with that.

      You daredevil you - LIVING ON THE EDGE ! ;-)

  • fl42v@lemmy.ml
    link
    fedilink
    arrow-up
    10
    ·
    edit-2
    9 months ago

    Given you need physical access (afaiu), there’s an easier root route: you come with a flash drive that also has shim, boot from it, and do whatever you wanted to do.

    Now if you don’t want whoever to be able to bypass suckure boot, you remove microshit’s keys and install your own ones. Coincidentally, you don’t really need a crutch - that is shim - in that case.

    • ProgrammingSocks@pawb.social
      link
      fedilink
      arrow-up
      11
      ·
      9 months ago

      Every fucking time. “Critical security problem with all Linux machines!!!” Turns out you need physical access and the ability to program tools that don’t exist yet

  • Possibly linux
    link
    fedilink
    English
    arrow-up
    8
    ·
    9 months ago

    The author sounds like they don’t fully understand Linux or how Linux boots.

    Anyone can just boot off of a USB or remove and modify the disk. The really protection for Linux is full disk encryption with a strong password.