[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [OT] Re: the ghost of UEFI and Micr0$0ft

On Tue, Jun 5, 2012 at 12:22 PM, Camaleón <noelamac@gmail.com> wrote:
> On Tue, 05 Jun 2012 19:03:54 +0200, Claudius Hubig wrote:
>> Hello Camaleón,
>> Camaleón <noelamac@gmail.com> wrote:
>>> For years, we've (the FLOSS community) been avoinding to be always
>>> Windows dependant and now it seems we are going back to the darkest
>>> ages.
>>> Repeat with me: we-don't-need-Windows-anymore.

This has absolutely *nothing* to do with a dependency on Windows.

>> This does not depend on Windows but on something else: A position that
>> is trusted by users and hardware manufacturers to only sign ‘safe’ code.
> Microsoft (I can't tell for the rest of the hardware manufacturers
> because their position is not mentioned in detail in the blog post) is
> forcing a needing for something I (and I guess others) _don't need_, like
> TPM modules, using a password in GRUB2, using encryption nor signing for
> safe code.

Microsoft isn't forcing anyone to do anything.  They're saying, "if
you want to put the Windows 8 logo on your hardware, you must enforce
trusted boot."  No one else has to use it, however, PC manufacturers
are likely to, you know, enforce secure boot which means Linux *won't*
boot unless it's either signed or secure boot is disabled.  You're
completely free to not use secure boot if you don't want to.

> We are who decide what/how/when we need something not the others and even
> less MS :-/

Yes, and you're free to decide you don't need secure boot and to
disable it at your option.  If you can't figure out how, I'm sure your
PC or motherboard will come with documentation that can help.

>> Given that this makes it necessary to audit the code, watch out if it
>> gets exploited, set up a system to revoke certificates etc., $99 really
>> is cheap. I doubt that someone else could do the same job cheaper, if
>> they don’t have another source of income.
> The price to pay here is more than a few pennies: there's a freedom price.

There is absolutely zero price anyone needs to pay.  Fedora is
purchasing a key from a trusted 3rd party to sign their own code with
so it can work with secure boot UEFI out of the box with a minimum of
hassle.  They're buying a convenience, not something that's at all

>>> I'm a bit tired of being so condescending with Microsoft or Apple or
>>> Oracle... or other companies policies. How about our needings?
>> Found your own company or buy them and I’ll guarantee that they’ll do
>> just as you like.
> I value ideas and the good work more than money; they're priceless.

Your rant against UEFI secure boot, Fedora, and Microsoft smells an
awful lot like "I just hate Microsoft just because I hate them and
they're evil and I hate them" than it does any kind of reasoned
technical objection.

>>> >> (since when blindly following what
>>> >> Microsoft -or any other company- does is the correct way to achieve
>>> >> a milestone?)
>>> >
>>> > Given the aforementioned blog post, I doubt that this happened
>>> > ‘blindly’.
>>> "Blindly" here means there's no technical reason that supports the path
>>> they want to take for UEFI, but a marketing strategy.
>> UEFI has many benefits over the traditional BIOS, secure boot being one
>> of them. Why do you think there is no technical reason to support secure
>> boot? And what other mechanism would you suggest to use to get a chain
>> of trust from the BIOS(-replacement) to the desktop?
> UEFI is not the problem here. People is using UEFI nowadays without any
> issue. Is MS who is building a fictional wall in between.

People are using UEFI just fine without secure boot.  Secure boot is a
new feature that requires signed code to work.  You're free to not use
it.  The rest of us feel it's beneficial.  There's no artificial wall.
 You just hate Microsoft.


Reply to: