On Fri, 9 Mar 2012 11:07:55 +0100 "Joshua C." <joshuacov@xxxxxxxxxxxxxx> wrote: > I saw that the x86 modules can (_should_) be signed int the future. We > all know the pros and cons of signing but I'm wondering if all this > _crap_ has anything to do with the microsoft's idea to use a signed > bootloader, drivers, etc in the latest windoof 8. I think all of you > have heard that there's a posibility to make the OEM vendors activate > the so called "secure boot" by default. It's mandatory they do so for Windows 8 logo on some machine classes (the size of the class in question keeps growing too), so all Win 8 logo systems will be locked down by default and require some undefined screwing around to unlock. For x86 the spec currently does require they can be unlocked, for ARM the last version I saw says it must be impossible. Beyond that at this point it looks like it'll be a matter for competition bodies, lawsuits and the like to resolve. It's also not clear how it will fit with the French law on not typing PCs and software together. Module signing itself isn't just useful for that though - its a matter of who owns the key and you can do your own module signing with your own key irrespective of the bogus 'secure boot' stuff. In theory you can even stuff said keys into the TPM and do very clever tricks with them. Alan -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
