I agree that an attacker that could get a beachhead inside a hardware/os provider and sneak in a vuln into source control that isnt caught via code review and other means could create a back door that would get signed.
I don't know if CA compromise is more common than build server compromise, I think it might be close. I agree it's different, but the point is both would be good enough to defeat FDE, do we agree on that?
-
-
I don’t think so; you seem to be operating on a misconception of how these systems work today; I’m happy to agree that if they reduced the security of of these keys and their use to match your understanding then yes.
-
I’m also happy to say that keys used for authenticating patches, loaders and other sensitive components are atleast if not more important that CA keys.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

to
.