> That's not a great idea security-wise.

Unfortunately, a computer that doesn't do whatever you need it to do is useless, regardless of how "secure" it is.

> The sensible alternative is to not enable this functionality at all.

Far too many people seem to think the solution to security problems is to ignore security and only consider the features you want.

This is such a bad idea that I'm starting to question the motives behind it. If I wanted to break the security of an important class of software, it would look something like this "standard".

> USB security is a joke

Most hardware security - USB or otherwise - doesn't exist. Local peripherals were never designed with security in mind.


> How do you secure your Windows PC?

By disconnecting it from the internet. Otherwise it is almost impossible to secure.


> "In addition it's probably a good idea for Secure Boot to be enabled for the average user if you can."

That's a hard pass for me.


> And what exactly do you call a machine that you are, by design, cryptographically locked out of, but a third party has access to?

Not a perfect solution, but such a problem can be mitigated by a firewall that blocks such ingoing/outgoing packets.

> I'm playing devil's advocate here, but fundamentally if you don't care about actually controlling or being able to modify something, and pricing is cheaper to rent, why own?

Since I love to tinker with my computers, the answer is obvious to me.


> I need to be able to access them to secure them

If they are using MD5 SSL certs, it's unlikely securing them is possible. I wouldn't be surprised if there are a dozen or more security vulns in such outdated devices.


> Yeah, it seems like this would have to be accomplished with a Management Engine application or something of the sort, otherwise probably easy to circumvent.

The correct solution to this is Secure Boot. No need for ME shenanigans.


> There is absolutely no reason to do that using hardware. Build an online portal where users can upload images and then check them yourself before offering them as background choices.

Doesn't that just move the threat surface? Now instead of having to convince end users to put something on a USB stick, you have to try a password dump against your interface.


> Are there any key limitations?

It's slow, you would not want any part of your program that isn't security critical using it.


> There's no purpose to Secure Boot if I can just put your hard drive in a different computer without Secure Boot.

There are scenarios where you can't take the hard drive out (evil maid attacks, public computers, ...).

But regardless, you are attacking SecureBoot with an argument against full disk encryption.


> I don't understand why anyone who actually cares about security uses Bitlocker, and not one of the systems that ask for a password before booting Windows.

Bitlocker also supports using a password at boot.


> And they are single purpose devices that don't run arbitrary code nor accept arbitrary input.

Be careful designing firmware upgrades, though. Also, I really don't see what kind of attack it prevents when you have a trusted keyboard and display but an otherwise compromised OS.


> It's safer to have it assume that everyone flashing it is an attacker

In other words: "let's put everyone in jail because someone might be a thief". I find this way of thinking to be moronic. I wonder how an attacker could get physical access to a machine, disassemble it and flash it without getting detected. Plus, if I already have physical access to the machine and plenty of time to execute such an attack, why not just grab the drive?

I hate this trend of forcing users to run nonsense programs in order to use their devices, like Windows 11 forcing you to have a Microsoft account during the installation process.


> Wouldn't you prefer that this data only be able to be decrypted by a computer that can prove to the world it booted a clean OS image with all the latest security patches installed?

Yeah, because transferring that data into another machine is an impossible task.

That's the stupidest argument I've heard today...


> But UAC is not built into the motherboard, it's just a part of modern Windows, and it's only a factor when running Windows.

Yes, this is why I don't put a lot of thought into UAC stuff -- the only place I use Windows is at my job, where it's required.

Which means that SecureBoot is an even greater worry for me.


> If someone has physical access to your computer with secure documents present, it’s game over!

Err, why? Is AES encryption not sufficient? And the key is secure in my head - not something someone could steal.

So, why is this even a thing?


> ... with Chromebook is interesting: security.

If you take away the keys to my home I will not feel more secure, nor be more secure - I will be more ignorant about security, that's it. The same applies here.


> It seems to add a lot of complexity, and offers no real world usecases.

As sad as it is, there is one use case: DRM and other forms of device integrity attestations.


> Maybe this will wake people up to only using open source operating systems.

OS security has limited impact when other subsystems, not in control of the OS, run on the device.


> Would you feel safe picking up a random USB drive and running the programs on it?

Sure, why not? Just don't run it on the same computer that you access your sensitive data on. Given that you can buy a fully functional and tinker-friendly computer for like 20 bucks, this seems like a pretty straightforward solution.
