On 06/01/2012 02:40 PM, Sam Varshavchik wrote:
they can't possibly review all the software that could follow the boot
loader down the chain,
They won't have to. Once they have a signing key that boots their
current Windows OS, they have no further need for a certification
process. What value added benefit does it bring to them?
For now, they avoid public outrage and keep control. I personally
believe there will be other players in that game in the future, because
there's a potential market for trust brokers between the OEMs and the OS
distributors. If that's true, Microsoft will simply be ahead of
everyone else and by feeding the mouths of everyone now they delay the
necessity for other businesses to take parts of that market. I could be
wrong, but at least it makes sense, and since they *do* sell these
certifications and act all "we're the good guys", this explanation
doesn't seem far off.
I agree it's not ideal, so we must still demand for alternatives to
Microsoft, preferably unbiased, now.
I don't think there is much information on the exact nature of the
relationship between Microsoft and Verisign. It's weird that Microsoft
wouldn't get a penny out of it, especially since they host the platform,
so Verisign must be paying back a good share. Or maybe I'm looking at
it the wrong way and it's not about money, but.. well it usually is.
because it includes big monolithic kernels, so they have to trust the
people who develop the software instead of the software itself.
No, they don't have to trust anyone. Who says that Microsoft must trust
a bunch of hippies?
Hahaha.
How about buying a laptop or a PC that will boot any damn OS you want,
without all this cockamamie crap?
Well any computer *will* boot any damn OS, just add a key, or don't
use the technology.
Again, you're assuming that I will be able to add my own key.
All I've heard is that OEMs will have a physical kill switch, to turn
off secure boot.
Where can I read some big name OEM's announcement of a board that will
accept user-generated keys?
Please prove me wrong. Where can I get the details of those plans?
Well I don't see why Matthew Garrett would lie about that in his article
(we all read his post right?). Maybe I trust his word too easily, or
maybe his source is wrong, but I certainly think he's way more informed
about the situation than any of us. You're right in that we should wait
to see it formally announced by the OEMs before shouting victory though,
but I kind of got from the vibe that it was a sure thing, so I don't
think we should worry about that too much until the situation changes,
hoping that it won't.
And would you care to take my bet, for 1,000 quatloos, that Microsoft's
certification program will be a farce? They'll sign Oracle's key, that
can only boot Solaris, sure. They may very well sign an RHEL key, that
will boot a locked-down RHEL.
A $100 farce? At that price, they are *clearly* targeting very small
players. I know it doesn't help that their site has been down since the
beginning of this discussion, we can't really evaluate, but I got the
feeling that Fedora's decision to use Microsoft's services was informed
and not just thrown in the wild, so they presumably know for sure that
they can get it.
So yeah, okay, trekker, I take the bet, they get the key. :)
An open Fedora? Not going to happen.
Ah come on, it's not the end yet.
--
t
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
