Re: [GIT PULL] Load keys from signed PE binaries

From: Theodore Ts'o
Date: Wed Feb 27 2013 - 13:00:05 EST

On Wed, Feb 27, 2013 at 11:36:09AM -0600, Chris Friesen wrote:
> ...
> At this point you've got a running infected Win8 install that is
> running on Secure Boot hardware but is actually running malware.
> Admittedly this would be tricky to do reliably in a way that the
> user doesn't notice, so it may not actually be a real-world threat.

That's another thing which is extraordinarily vague. What counts as
"user doesn't notice"? If a whole bunch of kernel messages scroll by,
is that enough? What if a Penguin jpg shows up for a minimum 5
seconds? 15 seconds? 30 seconds?

- Ted

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at