[Arm-netbook] Microsoft confirms UEFI fears, locks down ARM devices

Sat Jan 14 19:50:37 GMT 2012

On Sat, Jan 14, 2012 at 6:22 PM, Alain Williams <addw at phcomp.co.uk> wrote:

> That is roughtly what it did all those years ago. I'm not sure if there was
> the ability to refuse to boot if signatures were not verified, but that would
> have been a trivial addition:

well, this time, it's unbreakable.  the boot loader's internal to the CPU,
in a small amount of internal NAND.  there's no access to that; there's
no way to replace it: nothing.

ok, that's not quite true: if you took the plastic case off the CPU,
and you then used laser to cut tracks in the actual silicon itself,
including if necessary doing a complete internal redesign by burning
out the ASIC's circuits and re-laying some new transistors, you'd
be able to bypass the security.

l.