... darkrealms ...

Forums before death by AOL, social media and spammers... "We can't have nice things"

comp.misc

General topics about computers not cover

21,759 messages

[ << oldest | < older | list | newer > | newest >> ]

Message 21,277 of 21,759

Scott Dorsey to dnomhcir@gmx.com

Re: Microsoft's Secure Boot UEFI Bootloa

28 Jul 25 15:21:55

   From: kludge@panix.com   

   In article <86h5ywi9q3.fsf@example.com>, Richmond   wrote:   
   >I checked with my favourite AI which agreed with you, saying that   
   >malware can get into firmware or in through other weaknesses. But I   
   >wonder why encryption would prevent that, as if malware got in through   
   >ssh or through a web browser, then the disk would be decrypted in the   
   >same way as for a legitimate user.   

   Your favorite AI is missing some of the point.   

   If you have device encryption enabled, then when your laptop is stolen   
   from your car or house the bad guys won't be able to read what is on   
   the disk.   

   Whether or not secure boot is enabled, they won't be able to read what   
   is on the disk.  So disk encryption is actually useful in some   
   applications.   

   Secure boot will prevent the system from booting without a boot password,   
   so without the boot password they won't be able to boot the machine and   
   try to guess your login password.  It's really just a matter of passwording   
   the machine as well as the disk and it's not really that useful.   

   Secure boot will in fact prevent bad people with physical access from   
   making changes to the bios firmware, but that is a relatively small risk.   
   --scott   
   --   
   "C'est un Nagra. C'est suisse, et tres, tres precis."   

   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)

[ << oldest | < older | list | newer > | newest >> ]