Re: the ghost of UEFI and Micr0$0ft
On 20120607_213632, Christofer C. Bell wrote:
> On Thu, Jun 7, 2012 at 5:34 PM, Roger Leigh <email@example.com> wrote:
> > Let's be clear what this is. I have to get *permission* from someone
> > else, to run a program on my own computer. To actually use my
> > computer to do my stuff, I have to take extraordinary steps to get
> > someone else to grant me access. That's *fundamentally wrong*.
> No, we need to be clear that you do *not* have to get permission from
> someone else to run a program on your computer. You can get
> permission from *yourself* by using your own signing key. The only
> downside is that you can't distribute your custom kernel without also
> providing the signing key to whomever is going to *also use it with
> secure boot* (they are free to disable secure boot, of course, or sign
> it with their *own* key, just like you did).
> This "new world" doesn't tie you to Microsoft or any other company.
Of course, after this infrastructure is in place, people will start
discovering other uses for this identity key that 'everybody' has,
like controlling access to the internet, and neat tricks like
that. But that has nothing to do with software freedom. A self-signed
key would surely not be accepted for these new infringements of our
I hope I haven't thought of something that is unthinkable and thereby
marked myself as an evil person in the eyes of those who are watching.
Paul E Condon