ikidd@lemmy.world to Linux@lemmy.mlEnglish · edit-213 days agoMicrosoft Proposes "Hornet" Security Module For The Linux Kernellore.kernel.orgexternal-linkmessage-square43fedilinkarrow-up11arrow-down10file-text
arrow-up11arrow-down1external-linkMicrosoft Proposes "Hornet" Security Module For The Linux Kernellore.kernel.orgikidd@lemmy.world to Linux@lemmy.mlEnglish · edit-213 days agomessage-square43fedilinkfile-text
minus-squareozymandias117@lemmy.worldlinkfedilinkEnglisharrow-up0·12 days agoIf the executable binary has to be signed with a key, similar to the module signing key, Microsoft could sign their binaries This, along with secureboot, would prevent the owner of the machine from running eBPF programs Microsoft doesn’t want you to run, even with root
minus-squareMagiilaro@feddit.orglinkfedilinkarrow-up0·12 days agoI fail to see the positive side of that…
minus-squareozymandias117@lemmy.worldlinkfedilinkEnglisharrow-up0·12 days agoI wasn’t trying to give a positive side, I was just explaining why Microsoft wants the feature
minus-squarelumony@lemmings.worldlinkfedilinkEnglisharrow-up0·12 days agoOdds are because there isn’t one. Abusers will always try to justify their abuse by saying their victims “don’t understand” why it’s “necessary.”
minus-squareMagiilaro@feddit.orglinkfedilinkarrow-up0·12 days agoYeah, that’s why I am against Microsoft Keys on my systems
If the executable binary has to be signed with a key, similar to the module signing key, Microsoft could sign their binaries
This, along with secureboot, would prevent the owner of the machine from running eBPF programs Microsoft doesn’t want you to run, even with root
I fail to see the positive side of that…
I wasn’t trying to give a positive side, I was just explaining why Microsoft wants the feature
Odds are because there isn’t one.
Abusers will always try to justify their abuse by saying their victims “don’t understand” why it’s “necessary.”
Yeah, that’s why I am against Microsoft Keys on my systems