Comment by usr1106

Comment by usr1106 8 days ago

8 replies

View on Hacker News

That grub has security vulnerabities does not surprise me, it's just too big. That's why Lennart recommends systemd-boot. (Incidently a Microsoft employee, but I have no information that he would have been involved in these discoveries.) U-boot again is typical embedded software, a field generally known more for hacks than strict programming practices. So I cannot say I would be shocked. That said, I would be surprised if systemd-boot or Microsoft's loader had zero vulnerabilities hiding somewhere.

When does Microsoft open their source for searching vulnerabilities?

FirmwareBurner 8 days ago

>That's why Lennart recommends systemd-boot.

The creator of SystemD recommends systemd-boot? Seems legit and unbiased.

Reply View 6 replies
  • ahartmetz 8 days ago

    There is probably an overlong yet superficial, easy to read post on his blog about it.

    Reply View 0 replies
  • onli 8 days ago

    Yeah, and because grub is too big. Says systemd, of all places.

    Reply View 4 replies
    • jonathanstrange 8 days ago

      Pulseaudio still doesn't work reliably.

      Reply View 2 replies
      • bayindirh 8 days ago

        I think Pipewire has completely replaced Pulseaudio where it matters.

        Reply View 1 reply
        • ahartmetz 8 days ago

          Yes, PulseAudio works great since it's actually PipeWire.

          Reply View 0 replies
    • otterley 8 days ago

      systemd-boot is much smaller than grub.

      Reply View 0 replies
bayindirh 8 days ago

GRUB is too big? Maybe because it's 30 years old and can boot at least 11 architectures.

...and what systemd-boot is? A UEFI only boot menu which gets its data from UEFI only.

I mean comparing two different things and claiming the more featured one too big is mental gymnastics to put it politely.

GRUB having vulnerabilities is not surprising, esp. when the thing is written at an age where computers were completely different things, programming and requirements wise, but insinuating that systemd-boot is the ultimate replacement is, eh, a bit underhanded. Esp. when it comes from Lennart, whose systemd is too big and encompassing for an init system.

It's the pot calling the kettle black, heh.

Reply View 0 replies