OpenWrt One / project update
Michael Richardson
mcr+ietf at sandelman.ca
Mon Apr 29 12:04:37 PDT 2024
{sorry for the long delay, been unwell}
Bjørn Mork <bjorn at mork.no> wrote:
> Maybe it is possible to deploy the system with secure boot and a
> protected IDevId key by default, but allowing the user/owner to erase
> the key and disable secure boot? This way all use cases could be
> supported, including playing with the BL2 code etc.
It won't work that way. If someone can easily turn off secure boot, then so can malware.
I hope we can go the other way.
I'm willing to do the legwork, and I can sign an NDA if necessary, and then
communicate what needs to be said.
--
Michael Richardson <mcr+IETF at sandelman.ca> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 515 bytes
Desc: not available
URL: <http://lists.openwrt.org/pipermail/openwrt-devel/attachments/20240429/9e141947/attachment.sig>
More information about the openwrt-devel
mailing list