From owner-freebsd-questions@freebsd.org Sun Sep 20 02:52:39 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6189C3F8F2D for ; Sun, 20 Sep 2020 02:52:39 +0000 (UTC) (envelope-from ralf-mardorf@riseup.net) Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.riseup.net", Issuer "Sectigo RSA Domain Validation Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BvBvB48ngz3dlT for ; Sun, 20 Sep 2020 02:52:38 +0000 (UTC) (envelope-from ralf-mardorf@riseup.net) Received: from bell.riseup.net (bell-pn.riseup.net [10.0.1.178]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.riseup.net", Issuer "Sectigo RSA Domain Validation Secure Server CA" (not verified)) by mx1.riseup.net (Postfix) with ESMTPS id 4BvBv91LztzDt13 for ; Sat, 19 Sep 2020 19:52:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1600570357; bh=nJzEK8BojYhYlgf9vcr6YNc2ogqq0bNjgnWv3aWNWSk=; h=Date:From:To:Subject:In-Reply-To:References:From; b=OiJLT2cmMKhkoLCNrHOrGUc3IiwHkUHGkNU7O00WzUWbkIOlv0Nt1iUoL/MMc88uD m7s2L28qAkTQ0Z5JuXNT2YdRbAEe55d1dIfZ0Vc+6VuAnkqHRJCuZQiOBn+O9wOrSC meFVTjDWaZMVp93fifehlYidlMPrqM+XAjMIQUYM= X-Riseup-User-ID: 2C33D187D842B8039C2EF652E6CFEAD3358EC221C8F694F09CCD874A6B4C910D Received: from [127.0.0.1] (localhost [127.0.0.1]) by bell.riseup.net (Postfix) with ESMTPSA id 4BvBv83jcWzJnVs for ; Sat, 19 Sep 2020 19:52:36 -0700 (PDT) Date: Sun, 20 Sep 2020 04:52:39 +0200 From: Ralf Mardorf To: freebsd-questions@freebsd.org Subject: Re: Dual-booting/triple-booting FreeBSD under UEFI Message-ID: <20200920045239.52e90b96@archlinux> In-Reply-To: <20200920042414.7d396bc1@archlinux> References: <20200919180814.00005391@seibercom.net> <20200920035310.72276666@archlinux> <20200920042414.7d396bc1@archlinux> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Rspamd-Queue-Id: 4BvBvB48ngz3dlT X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=riseup.net header.s=squak header.b=OiJLT2cm; dmarc=pass (policy=none) header.from=riseup.net; spf=pass (mx1.freebsd.org: domain of ralf-mardorf@riseup.net designates 198.252.153.129 as permitted sender) smtp.mailfrom=ralf-mardorf@riseup.net X-Spamd-Result: default: False [-4.39 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[riseup.net:s=squak]; NEURAL_HAM_MEDIUM(-0.99)[-0.992]; FROM_HAS_DN(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[198.252.153.129:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; DWL_DNSWL_LOW(-1.00)[riseup.net:dkim]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[riseup.net:+]; DMARC_POLICY_ALLOW(-0.50)[riseup.net,none]; NEURAL_HAM_SHORT(-0.72)[-0.722]; NEURAL_HAM_LONG(-1.08)[-1.081]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; MID_RHS_NOT_FQDN(0.50)[]; ASN(0.00)[asn:16652, ipnet:198.252.153.0/24, country:US]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions]; RCVD_IN_DNSWL_LOW(-0.10)[198.252.153.129:from] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Sep 2020 02:52:39 -0000 PPS: This article ( https://www.zdnet.com/article/boothole-attack-impacts-windows-and-linux-sys= tems-using-grub2-and-secure-boot/ ) is from "Catalin Cimpanu for Zero Day | July 29, 2020" The Ubuntu GRUB2 packages were fixed at "29 July 2020" ( https://ubuntu.com/security/notices/USN-4432-1 ). "Eclypsium said it expects patching to take a long while, as fixing bootloader bugs is usually a complex process due to the multitude of components and advanced cryptography involved in the process." - https://www.zdnet.com/article/boothole-attack-impacts-windows-and-linux-sys= tems-using-grub2-and-secure-boot/ "There=E2=80=99s a Hole in the Boot=09 July 29, 2020 / Eclypsium" - https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/ IIUC the news are from July 29, 2020 and the issue was fixed in July 29, 2020. Is this a "long time"? I'm even uncertain, if the issue wasn't already fixed, before the "news" was spread by those making a living from spreading FUD and selling snake oil. See https://blackarch.org/tools.html -> http://blog.fefe.de/?ts=3Db6cea88d (unfortunately in German only).