Comment by fc417fc802
5 hours ago
I want an equivalent of boot guard that I hold the keys to. Presented only with a binary choice certainly having boot guard is better than not having it if physical device security is in question. But that ought to be a false dichotomy. Regulation has failed us here.
that defeats the point, having the "keys" allows malicious actors to perform the same kind of attacks... trust is protected by trusted companies...
certificate companies sell trust, not certificates.