Khalid ♾️ on Nostr: all who is avoiding ventoy due to security risks - what *are* the risks? Assuming the ...
all who is avoiding ventoy due to security risks - what *are* the risks? Assuming the partitions are encrypted, and the ISO:s are used to boot up linux distros (who also, I assume, verify their checksums before booting up), the only avaible attacksurface I see is the UEFI / BIOS, and that's still quite complicated to pull off. Granted, I haven't compared the github binary to their sourcecode, but being a FOSS project makes it also avaible to be scrutinized by outsiders.
Published at
2024-08-05 06:40:25Event JSON
{
"id": "f74dd04a48b30dd9bdb9fd32be6d10d35e3dbf9e3448e220e44ac02c162b097e",
"pubkey": "2b0e06059a1155bb9914b932aa2712730302546fb82b3cba1ce087214e50bdbc",
"created_at": 1722840025,
"kind": 1,
"tags": [
[
"proxy",
"https://mastodon.nu/@khalid/112908043909528684",
"web"
],
[
"p",
"6efe24e8d551d8669d975aa16c67e86eba709c443f107b9b3a42297c0d8f4ccf"
],
[
"e",
"f7376539fff35f436206c28404614b6258b8208d28f941ec0a84434c1446b869",
"",
"root",
"6efe24e8d551d8669d975aa16c67e86eba709c443f107b9b3a42297c0d8f4ccf"
],
[
"proxy",
"https://mastodon.nu/users/khalid/statuses/112908043909528684",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://mastodon.nu/users/khalid/statuses/112908043909528684",
"pink.momostr"
],
[
"-"
]
],
"content": "all who is avoiding ventoy due to security risks - what *are* the risks? Assuming the partitions are encrypted, and the ISO:s are used to boot up linux distros (who also, I assume, verify their checksums before booting up), the only avaible attacksurface I see is the UEFI / BIOS, and that's still quite complicated to pull off. Granted, I haven't compared the github binary to their sourcecode, but being a FOSS project makes it also avaible to be scrutinized by outsiders.",
"sig": "70a78ed5fb86044acce4b153588f87f10254c8ad25575e75737218e451ddcbc173c39528513e893ad7dc13515cb9e7cf7ed33bfc92955b4cec9e615b8f6a3ce0"
}
