Re: *countable infinities only

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 05/31/2012 11:10 AM, Basil Mohamed Gohar wrote:


This will exclude a whole class of usages that are currently available
to Fedora users, such as the ReSpin projects that Fedora Unity used to
produce from stock Fedora packages as well as any other downstream
projects that build on Fedora.


It will make the barrier to entry for them higher, yes, by requiring them
to take one of the three previously described steps to get systems installed,
which I'll repeat here:

1) get users to turn off secure boot
2) get users to enroll a distro-specific key
3) pay the $99 bucks and sign the first stage bootloader.

Two are expensive in terms of will, the third incurs monetary cost.  Pick
your poison.


This is not something affecting only a limit set of cases.  It's a major
change to the ecosystem around Fedora.


We agree, but we don't see a good way around it.


I'm not in a position at this point to provide a specific solution to
this, but Windows 8 is not even out yet.  Fedora, Red Hat, and others
may still have the option of putting pressure on either Microsoft or
other entities (hardware manufacturers) to change how this is
implemented to prevent the lockout that the key requirement causes in
its current state.


We argued in public, and even more in private (by legal necessity) against
secureboot being enabled by default for quite some time. Ubuntu has done
some of that as well, but aside from that we're the only voices against it,
largely because vendors have a legitimate security concern and secureboot
does close that attack surface. We'd be happy to see others become involved
and find some other solution that everybody can be happy with, but at this
point market forces seem to indicate that we'll have to deal with this
solution. I'm sorry we haven't been able to stop this.


But announcing support for it before it's even in  real systems widely
is premature only serves their interests, not ours.


So your better solution is to develop this completely in private without
letting you guys know what we're planning to do or what we're working on,
ship F18 in a way that won't install on say 90% of the desktop/laptop systems
that ship between F18 and F19, and then roll out F19 with secureboot
support implemented to show our users how much we're protecting them
from the big bad Microsoft?

I'll write that one down on my list to consider. Thanks.

--
        Peter
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux