• ozymandias117@lemmy.world
    link
    fedilink
    English
    arrow-up
    11
    ·
    5 days ago

    If the executable binary has to be signed with a key, similar to the module signing key, Microsoft could sign their binaries

    This, along with secureboot, would prevent the owner of the machine from running eBPF programs Microsoft doesn’t want you to run, even with root

      • lumony
        link
        fedilink
        English
        arrow-up
        7
        ·
        5 days ago

        Odds are because there isn’t one.

        Abusers will always try to justify their abuse by saying their victims “don’t understand” why it’s “necessary.”