On 06/05/2012 04:47 AM, Kevin Fenzi wrote:
On Mon, 04 Jun 2012 18:06:24 -0700
JD <jd1008@xxxxxxxxx> wrote:
On 06/04/2012 05:03 PM, Sam Varshavchik wrote:
This has been explained in this thread before.
It is logically impossible to have a so-called "secure-boot" for
both a free OS and a non-free OS on the same platform. Since, by
definition, a free OS allows unrestricted access to the hardware, a
free OS can then be trivially used to bypass any secure boot
hardware restrictions for a non-free OS.
I'm not following your logic there...
Because there's none. Not sure I want to argue again, so let's just say
Sam and I have different interpretations of the facts. In mine, it is
perfectly possible to have multiple keys in the same firmware at the
same time, and perfectly possible to securely dual-boot systems.
For this to work, you can't have a universal key for free OSes (or any
OS) as Sam rightly points out, which is why every OS must have a key of
its own in every device (not realistic in practice) or obtain a
signature from a "certificate authority", "trust broker", or
"intermediary" (whatever you want to call it) whose sole job is to
verify that every OS it signs is doing a good job at securing itself so
that it won't be used to chainload the others.
To do such a job, you'd want an intermediary that you can trust, and
that is unbiased, which is not the case with Microsoft (and which is the
basis of this whole controversy), because whenever someone shows signs
that it isn't willing to plug its known security holes, the intermediary
should blacklist its key. The reason is that the trust relationship is
broken. The effect is that its users won't be able to use secure boot
with that key anymore, and will either have to find another intermediary
that is willing to trust the OS developers, or let the users sign it
themselves, provided they themselves trust the OS developers, which is
hopefully the case for any OS. If users don't trust their own OS, they
will migrate and this OS will be doomed anyway (not talking about
Windows and Mac users, who don't have alternatives like we have with our
different distributions).
No one has wanted to be this 'authority'. Perhaps someone will appear
now, given all the press.
Precisely. I'd like to add something I haven't seen explained
clearly anywhere yet: Microsoft really didn't have to provide
signatures for $99. If they hadn't, other operating systems would be
*forced* to do the right thing and provide this service themselves or
pay another organization to do it (if they want a zero-config secure
boot out of the box, that is; anyone can still provide secure boot
without all the hassle, but users would have to configure it).
Now we already argued about why they would do it, and I believe they
have many reasons (control, a little income, being first in a potential
new market).
--
t
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
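The dual-boot model argued over in this thread (several signing keys enrolled in one firmware, an intermediary that revokes the key of a vendor who stops fixing known holes, and a first stage that refuses to chainload another vendor's components) can be written down as a small simulation. The following is an added example and is not code from the thread, from Fedora or from any firmware vendor. It models the UEFI "db" (allowed signers) and "dbx" (revoked signers) stores as in-memory maps and uses Ed25519 signatures with SHA-256 key fingerprints in place of the X.509 certificates and Authenticode signatures real UEFI firmware uses; the vendor names and boot image payloads are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// SignedImage is a boot component (shim, bootloader, kernel) with the
// signature over it and the public key of the party that signed it.
type SignedImage struct {
	Name      string
	Payload   []byte
	Signer    ed25519.PublicKey
	Signature []byte
}

// Vendor is an OS vendor (or a signing intermediary) holding one key pair.
// Ed25519 is an assumption of this example; real UEFI uses RSA/X.509.
type Vendor struct {
	Name string
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewVendor(name string) Vendor {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return Vendor{Name: name, Pub: pub, priv: priv}
}

func (v Vendor) Sign(name string, payload []byte) SignedImage {
	return SignedImage{Name: name, Payload: payload, Signer: v.Pub,
		Signature: ed25519.Sign(v.priv, payload)}
}

// fingerprint identifies a key by a hash, the way revocation entries do.
func fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// Firmware models the two Secure Boot stores: db holds keys allowed to sign
// boot images, dbx holds keys that were allowed and have since been revoked.
type Firmware struct {
	db  map[string]ed25519.PublicKey
	dbx map[string]bool
}

func NewFirmware() *Firmware {
	return &Firmware{db: map[string]ed25519.PublicKey{}, dbx: map[string]bool{}}
}

func (f *Firmware) Enroll(pub ed25519.PublicKey) { f.db[fingerprint(pub)] = pub }
func (f *Firmware) Revoke(pub ed25519.PublicKey) { f.dbx[fingerprint(pub)] = true }

// Verify is the firmware's decision to run an image. dbx is checked before db,
// so a revoked key loses even though it is still enrolled.
func (f *Firmware) Verify(img SignedImage) error {
	fp := fingerprint(img.Signer)
	if f.dbx[fp] {
		return fmt.Errorf("%s: signer %s is revoked (dbx)", img.Name, fp[:8])
	}
	if _, ok := f.db[fp]; !ok {
		return fmt.Errorf("%s: signer %s is not enrolled (db)", img.Name, fp[:8])
	}
	if !ed25519.Verify(img.Signer, img.Payload, img.Signature) {
		return fmt.Errorf("%s: bad signature", img.Name)
	}
	return nil
}

// Chainload is the check a signed first stage must do before handing control
// on: only images under its own vendor's embedded key pass, so the first stage
// cannot be used to load another OS's components.
func Chainload(vendorKey ed25519.PublicKey, next SignedImage) error {
	if fingerprint(next.Signer) != fingerprint(vendorKey) ||
		!ed25519.Verify(vendorKey, next.Payload, next.Signature) {
		return fmt.Errorf("%s: not validly signed by the embedded vendor key", next.Name)
	}
	return nil
}

// DualBootScenario replays the situation discussed in the thread and records,
// per step, whether the firmware or first stage accepted the image.
func DualBootScenario() map[string]bool {
	fw := NewFirmware()
	distroA, distroB := NewVendor("distro-A"), NewVendor("distro-B")
	fw.Enroll(distroA.Pub)
	fw.Enroll(distroB.Pub)

	// Constructed payloads standing in for real boot images.
	loaderA := distroA.Sign("loader-A", []byte("constructed bootloader A"))
	loaderB := distroB.Sign("loader-B", []byte("constructed bootloader B"))
	kernelA := distroA.Sign("kernel-A", []byte("constructed kernel A"))
	kernelB := distroB.Sign("kernel-B", []byte("constructed kernel B"))

	res := map[string]bool{}
	res["A boots"] = fw.Verify(loaderA) == nil
	res["B boots"] = fw.Verify(loaderB) == nil
	res["A loads own kernel"] = Chainload(distroA.Pub, kernelA) == nil
	res["A loads B's kernel"] = Chainload(distroA.Pub, kernelB) == nil
	tampered := loaderA // same signer, modified payload
	tampered.Payload = []byte("constructed bootloader A, modified")
	res["tampered A boots"] = fw.Verify(tampered) == nil
	fw.Revoke(distroB.Pub) // B stopped fixing known holes; its key is blacklisted
	res["A boots after revocation"] = fw.Verify(loaderA) == nil
	res["B boots after revocation"] = fw.Verify(loaderB) == nil
	return res
}

func main() {
	for k, v := range DualBootScenario() {
		fmt.Printf("%-26s %v\n", k, v)
	}
}
```

Two points the simulation makes concrete: revocation works per key, so blacklisting one vendor leaves the other vendor's images bootable, and the chainload check is what stops a signed first stage from becoming a universal loader for anything else in the firmware's trust store. Both are the properties an intermediary would have to insist on before signing.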