On 25/06/11 18:52, Chris Adams wrote: > Once upon a time, Camilo Mesias<camilo@xxxxxxxxxxxx> said: >> In a sense, part of it isn't under user control. There is a secret in >> there, held against the user, and possibly known by the manufacturer >> or other third parties. There is also a black box of code that could >> do anything. > > You already have that; it is called System Management Mode. > >> I'm not really that paranoid but it is worth considering >> the worst case, just as a theoretical possibility. What if the device >> became standard by virtue of being bundled with every consumer >> device... what if it became crucial to system operation somehow... > > Fedora supporting or not supporting it will have zero impact on that > outcome happening or not happening. > >> Already there are systems that have whitelisted hardware (eg. wireless >> cards in netbooks) and the BIOS polices the presence of the right >> device. If you make unauthorised modifications to the BIOS, you can >> install any compatible wireless card (or WWAN device). BUT if the BIOS >> was signed and loaded by a trusted method, this option would not be >> available. > > All of that is pre-kernel, so either can or cannot happen no matter what > Fedora does. None of that has any bearing on the technical discussion > about whether Fedora should or should not include this functionality in > the installer. > > I think there is some misunderstanding about what the discussion is > supposed to be about. The supporting open source code is already in > Fedora. The feature request is simply to modify grubby/anaconda to set > up the boot entries to include the support by default (or when the > hardware is found). Please could you update the Feature page to say what exactly Trusted Boot is? -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
