Idea: secure boot signing system that lives on your phone. Bootloader updates trigger a Bluetooth communication that requires affirmative consent on your phone and then signs the bootloader with a key that never leaves your phone.
But then you wouldn't want the phone to show a consent dialog, you'd want it to run a reproducible build and create a signature if the build output matches what the distro created, right?
Like, what information can you display to the user that allows them to make a meaningful choice? "Here's GRUB 1.2.3, with binary hash 0123456789abcdef, and your distro pinky promises that there's no backdoor in here, tap here if that sounds good"?