Comment by PunchyHamster 5 days ago
It doesn't stop remote code injection. Protecting the boot path is frankly hardly relevant on a server compared to actual threats.
You will get 10,000 zero-days before you get a single direct attack on hardware.
The idea is that by protecting the boot path you build a platform from which you can attest to the contents of the application. The goal here is usually that a cloud provider can say "this cryptographic material confirms that we are running the application you sent us and nothing else" or "the cloud application you logged in to matches the one that was audited 1:1 on disk."
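The measured-boot-to-attestation chain the reply above describes, as an added example that is not part of the thread or of any real product: each boot stage is folded into a PCR-style register, the platform signs that register together with the verifier's nonce, and the verifier compares it against the value it computed itself from the audited artifacts. Everything here is a simplification and an assumption of this example: the stage images are constructed byte strings, the ECDSA P-256 key stands in for a TPM attestation key whose public half the verifier already trusts, and the `"quote-v1"` domain tag is an invented toy format, not any real TPM quote structure.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Extend mimics a TPM PCR extend: new = SHA-256(old || SHA-256(component)).
// Order matters, so a chain measured in a different order yields a different value.
func Extend(pcr, component []byte) []byte {
	digest := sha256.Sum256(component)
	h := sha256.New()
	h.Write(pcr)
	h.Write(digest[:])
	return h.Sum(nil)
}

// MeasureChain folds every boot stage (firmware, bootloader, kernel, app, ...)
// into one register, starting from the all-zero PCR value.
func MeasureChain(stages [][]byte) []byte {
	pcr := make([]byte, sha256.Size)
	for _, s := range stages {
		pcr = Extend(pcr, s)
	}
	return pcr
}

// Quote is the signed statement a platform returns to a remote verifier.
type Quote struct {
	PCR, Nonce, Sig []byte
}

// quoteDigest binds the PCR value to the verifier's nonce under a toy domain tag (assumption).
func quoteDigest(pcr, nonce []byte) []byte {
	h := sha256.New()
	h.Write([]byte("quote-v1"))
	h.Write(pcr)
	h.Write(nonce)
	return h.Sum(nil)
}

// Attest signs the PCR value plus the nonce with the platform's attestation key (ECDSA stands in for a TPM AK).
func Attest(ak *ecdsa.PrivateKey, pcr, nonce []byte) (Quote, error) {
	sig, err := ecdsa.SignASN1(rand.Reader, ak, quoteDigest(pcr, nonce))
	if err != nil {
		return Quote{}, err
	}
	return Quote{PCR: pcr, Nonce: nonce, Sig: sig}, nil
}

// Verify is the cloud customer's side: fresh nonce, signature from the trusted key,
// and a register value equal to the one computed from the artifacts they audited on disk.
func Verify(pub *ecdsa.PublicKey, q Quote, expectedPCR, nonce []byte) error {
	if !bytes.Equal(q.Nonce, nonce) {
		return errors.New("nonce mismatch: stale or replayed quote")
	}
	if !ecdsa.VerifyASN1(pub, quoteDigest(q.PCR, q.Nonce), q.Sig) {
		return errors.New("bad signature: quote not from the trusted attestation key")
	}
	if !bytes.Equal(q.PCR, expectedPCR) {
		return errors.New("PCR mismatch: boot chain or application differs from the audited reference")
	}
	return nil
}

// ScenarioResult records whether each of three quotes passed verification.
type ScenarioResult struct {
	Genuine, Tampered, Replayed bool
}

// RunScenario plays out a genuine boot, a boot with a modified application, and a replayed quote.
func RunScenario() (ScenarioResult, error) {
	ak, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return ScenarioResult{}, err
	}
	// Constructed sample images; the verifier computes the reference from these audited copies.
	audited := [][]byte{[]byte("firmware-v1"), []byte("bootloader-v1"), []byte("kernel-v1"), []byte("app-v1")}
	expected := MeasureChain(audited)

	fresh := func() ([]byte, error) { n := make([]byte, 32); _, err := rand.Read(n); return n, err }
	n1, err := fresh()
	if err != nil {
		return ScenarioResult{}, err
	}
	q1, err := Attest(ak, MeasureChain(audited), n1)
	if err != nil {
		return ScenarioResult{}, err
	}
	genuine := Verify(&ak.PublicKey, q1, expected, n1) == nil

	// Same platform and key, but the application on disk is not the one that was audited.
	modified := append(append([][]byte{}, audited[:3]...), []byte("app-v1-with-backdoor"))
	n2, err := fresh()
	if err != nil {
		return ScenarioResult{}, err
	}
	q2, err := Attest(ak, MeasureChain(modified), n2)
	if err != nil {
		return ScenarioResult{}, err
	}
	tampered := Verify(&ak.PublicKey, q2, expected, n2) == nil

	// An attacker replays the earlier good quote against a new challenge.
	n3, err := fresh()
	if err != nil {
		return ScenarioResult{}, err
	}
	replayed := Verify(&ak.PublicKey, q1, expected, n3) == nil

	return ScenarioResult{Genuine: genuine, Tampered: tampered, Replayed: replayed}, nil
}

func main() {
	r, err := RunScenario()
	if err != nil {
		panic(err)
	}
	fmt.Printf("genuine=%v tampered=%v replayed=%v\n", r.Genuine, r.Tampered, r.Replayed)
}
```

The point the example makes concrete: the signature alone proves nothing about what is running; it is the comparison of the signed register against a reference the verifier computed independently from audited artifacts that turns "we booted something" into "we booted exactly the thing you audited." A real deployment also has to bind the attestation key to the hardware (an endorsement hierarchy) and measure everything that can load code after boot, neither of which this toy covers.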