[Cryptography] USB 3.0 authentication: market power and DRM?

grarpamp grarpamp at gmail.com
Sun May 22 00:52:28 EDT 2016


On 5/2/16, dj at deadhat.com <dj at deadhat.com> wrote:
> The CA that needs to exist would the the USB-IF.

Who cares what CA exists.
So long as it is *optional* to the user.

Remember SecureBoot...

You can find many motherboards with SecureBoot
that have the Microsoft PK's locked in the BIOS. Best
you can do is 'disable' it and not be 'secure' anymore.

The Linux crowd went apeshit over it, and rightfully so. Then they
dropped to their knees and wrote silly stub loaders and submitted
them to their Microsoft Overlord for signing. They are still submitting
to this scheme today, even though they don't have to...

Because if you look, you can find boards that allow completely
deleting the Microsoft keys and installing and managing your
own in the BIOS, and opensource tools to sign and authorize
your own loaders do exist. Buy those boards instead.

Tech can be useful, but you better fight for, select, and
maintain your private right and control over it.


More information about the cryptography mailing list