Re: Red Hat Will Pay Microsoft To Get Past UEFI Restrictions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> > The firmware already has this.
> 
> Yes, now my mental cobwebs are getting cleaned out. I do recall reading  
> about this, a while ago.

Much of it is there for network booting (PXE etc) and in fact a fair bit
of it is there in the modern old style BIOS too.

> 
> > > Before it boots the OS.
> >
> > Fine UEFI is a powerful enough base to be capable of supporting this. I
> > don't know if anyone has implemented it, but you have a complete chain of
> > keys to verify the request.
> 
> Should be interesting to see how the great unwashed will accept waiting 2-3  
> minutes for their PC to boot, while their firmware is trying to grab CRLs  
> over the network.

I think firmware people are smarter than this. However there are a whole
array of issues with BIOS and other firmware management. For example all
those wireless cards that need firmware not in RPM format are completely
outside of RPM package management if the firmware is updated to fix a
security hole. In the USB case its probably not a big deal but in the PCI
case a card with DMA and complex firmware could provide holes.

That's also going to be fun if anyone tries to lock down Fedora. There
are ways and means but it's pretty ugly trying to sign stuff you can't
ship but users need to make their box work.

> Should also be interesting to see what happens when you put it behind a  
> proxy that drops the packets on the floor.

I'm not a great fan of the quality of firmware code but give then some
credit 8).

Alan
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org


[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux