Originally posted by schmidtbag
You compile stuff, and then you run software that adds a cryptographic signature linked to both the hash of the binary file AND your own private key (NVIDIA's in this case).
That ensures that the binary signed in that way cannot be tampered with, as any tampering with it will change its hash and therefore fail the signature check, AND that it comes from someone that has your own private key.
This would allow the firmware to be open source while still not allowing people to run their own firmware on your hardware, which would allow open-source DRM or security mechanisms to work fine. Because if their signature is correct then you are sure that the program being run was compiled by a trusted party AND was not tampered with in any way.
And this is also done on Windows, because there is a large number of people that will try to hack or tamper with binaries too.
Again this check would need to be performed by some trusted part of the system, so we have ME and friends. That's one of the main reasons they are there. In the case of NVIDIA it's the card's BIOS doing the check.
To add to what imirkin said, all distros sign their packages in a similar way, and all package managers complain loudly if they get a package with a wrong or unknown signature.
That's why DVD piracy became a problem - once the key was cracked via open-source efforts, piracy became effortless.
Signatures allow you to make sure that the file comes from a TRUSTED source and was NOT tampered with. Anyone can read the file without any issue; it does not protect the contents in any way.
DRM uses various tricks to not allow everyone else to view the file unless they have the key or something. It's usually some form of encryption.
Despite their open-source efforts, even AMD still insists on keeping their firmware closed. So unless I can be proved otherwise, you can't open source a signature and have it secure/safe from malicious intent.
When it clearly is not, because you need to cryptographically sign your stuff anyway even if it is closed-source.
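The signature check described in the post above, as an added example that is not part of the original post or any vendor's code: a loader holding only the public key accepts the vendor-signed image, rejects a modified image and a rebuild signed with another key, and the firmware bytes stay readable throughout. `SignedImage`, `newKey`, the fixed seeds and the sample firmware string are assumptions made for the demo; Ed25519 over a SHA-256 digest is one possible scheme, not the one any particular vendor uses.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// SignedImage is a hypothetical container: the firmware bytes stay in the
// clear and the signature travels alongside them.
type SignedImage struct {
	Firmware  []byte
	Signature []byte
}

// newKey derives a key pair from a fixed seed so the demo is repeatable.
// A real signing key comes from a CSPRNG and never leaves the signing host.
func newKey(seedByte byte) (ed25519.PublicKey, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{seedByte}, ed25519.SeedSize))
	return priv.Public().(ed25519.PublicKey), priv
}

// Sign hashes the image and signs the digest with the private key.
func Sign(priv ed25519.PrivateKey, firmware []byte) SignedImage {
	digest := sha256.Sum256(firmware)
	return SignedImage{Firmware: firmware, Signature: ed25519.Sign(priv, digest[:])}
}

// Verify is what the trusted loader does: it holds only the public key,
// recomputes the hash, and refuses the image if the signature does not match.
func Verify(trusted ed25519.PublicKey, img SignedImage) bool {
	digest := sha256.Sum256(img.Firmware)
	return ed25519.Verify(trusted, digest[:], img.Signature)
}

func main() {
	vendorPub, vendorPriv := newKey(0x01) // constructed demo keys
	_, userPriv := newKey(0x02)
	source := []byte("firmware v1: built from public source") // constructed sample

	official := Sign(vendorPriv, source)
	patched := SignedImage{Firmware: append([]byte("X"), source...), Signature: official.Signature}
	rebuilt := Sign(userPriv, source) // identical bytes, someone else's key

	fmt.Println("official accepted:", Verify(vendorPub, official))
	fmt.Println("patched accepted: ", Verify(vendorPub, patched))
	fmt.Println("rebuilt accepted: ", Verify(vendorPub, rebuilt))
	fmt.Printf("still readable:    %q\n", official.Firmware) // signing hides nothing
}
```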