Make it easier to re-measure boot integrity #3
SharkPlush
started this conversation in
Ideas
Replies: 1 comment
-
|
I'd rather we reduce the need to remeasure rather than make it too easy If everyones just remeasuring all the time then theres no real security because a compromised system will just have the compromised binaries measured instead |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Currently to re-measure boot integrity after a certain updates you need to open the terminal and type a command which is fine it's not the end of the world.
I think this can be made easier in two ways. This is of course considering if it's even possible?
Have a GUI to re-measure boot integrity. Either an app, or GNOME extension where it adds a button for re-measuring, in the settings app "Privacy & Security" panel for example? Having a link somewhere in the panel or app to the wiki page for re-measuring boot integrity would also be very helpful.
After an update happens where it's needed to re-measure, if possible Aeon should be able to detect that and send a notification to the user that they should re-measure boot integrity. Clicking the notification will bring you to the GUI mentioned earlier.
If the above can't be done, I believe at the minimum that Aeon (or the installer) should have the information about re-measuring boot integrity baked into the system and before the first need for re-measuring boot integrity happens. Instead of having the user find information about it on the wiki after it randomly happens it's just awkward and unexpected.
Beta Was this translation helpful? Give feedback.
All reactions