Comment by pseudohadamard

Comment by pseudohadamard 5 days ago

2 replies

View on Hacker News

But what's it attesting? Their byline "Every system starts in a verified state and stays trusted over time" should be "Every system starts in a verified state of 8,000 yet-to-be-discovered vulns and stays in that vulnerable state over time". The figure is made up but see for example https://tuxcare.com/blog/the-linux-kernel-cve-flood-continue.... So what you're attesting is that all the bugs are still present, not that the system is actually secure.

chris_wot 5 days ago

Well, if a rootkit gets installed later, attention might be handy? Or am I missing something?

Reply View 1 reply
  • direwolf20 4 days ago

    It comes rootkitted from the factory, and if you remove the rootkit, the device stops working.

    Reply View 0 replies