roots/wiki
1
0
Fork 0
mirror of https://github.com/PhyllomeOS/wiki.git synced 2024-10-01 03:25:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

docs: update phyllomeos/comparaison

Browse Source
This commit is contained in:
lukas 2022-01-07 10:56:50 +00:00
parent 4626ee1493
commit f06a19c1cf
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
phyllomeos/comparaison.md
View File

@ -2,7 +2,7 @@
title: Comparaison
description:
published: true
date: 2022-01-07T10:39:15.878Z
date: 2022-01-07T10:56:47.689Z
tags:
editor: markdown
dateCreated: 2022-01-07T10:39:15.878Z
@ -41,3 +41,7 @@ This table is not meant to be clear-cut, or definitive.
[^2]: A common pain point for Linux security are desktop environments (DE), which have a limited user base scattered across many different DE: there is a lot of complexity due to adding desktop environments atop the Linux kernel and its associated tools. Simple bugs might still lurk in the codebase for a long time. See for instance [*Is the Linux desktop less secure than Windows 10: Or how super mario music can own your system* (PDF)](https://archive.fosdem.org/2017/schedule/event/linux_desktop_versus_windows10/attachments/slides/1730/export/events/attachments/linux_desktop_versus_windows10/slides/1730/fosdem_linux_desktop_security.pdf), by M.Hanno Böck (2017).
[^3]: Take for instance the boot process, or before an operating system effectively takes control over the hardware. Major operating systems editors that are working directly with OEM integrators have a distinct advantage over editors that aren't: these major editors have almost unlimited resources, sometimes almost perfect control over hardware, and can therefore tame the underlying hardware, effectively controlling, measuring and attesting the entire boot process. To implement a user-backed root of trust on a particular hardware platform, one would need to take several extra measures, relying on something like [Heads](https://github.com/osresearch/heads) which, among other things, involves physically flashing a more open firmware to a motherboard, a complicated process. Fortunately, some hardware integrators like [Purism](https://puri.sm/) or [System76](https://system76.com/) are backing security measures straight into hardware platforms, while at the same time respecting user freedom.
---
*[Go back one level](/phyllomeos/)*