The technology to support measured boot has existed for over a decade, but no mainstream Linux distribution provides it out of the box. Now that we know people are attacking not only the boot chain but the system firmware itself, that's not good enough.
This presentation will cover the reasons for the lack of adoption, why we need to do better and what needs to be done to achieve that. It'll also discuss how traditional models of measurement are suboptimal and how we can provide fine-grained measurement in reproducible ways, and demonstrate some fun things that we can do with TPMs to improve general quality of life. Finally, it'll describe some additional work distributions can do to make it easier for users to deploy trusted boot in their environments.