On Fri, 2012-06-08 at 16:29 +0100, Andrew Haley wrote:
> On 06/08/2012 04:24 PM, Adam Jackson wrote:
> > And? I wasn't speaking to "we should sign our arm images with
> > Microsoft's key", I was speaking to "we should support Secure Boot on
> > arm". If someone wants to build an arm machine with SB support capable
> > of running non-Windows operating systems, why would we not want to run
> > there, and why would enabling that look any different from self-signing
> > an x86 machine?
>
> Forgive me if I'm missing something, but surely the reason we would
> not want to run there is that our users would not be able to do so
> as well: they wouldn't be able to modify our kernel and run it on
> their machine.

I chose my words carefully. I think you're hearing "Secure Boot on arm" and concluding "immutable Secure Boot configuration", which to my knowledge is not a given. It's a given for machines that will ship with Windows for arm on them, and one can choose to be angry at Microsoft for that I suppose, but that's not necessarily a statement about the broader arm ecosystem.

Personally I really like the idea of establishing my own trust chain on my own machines. I like the idea that I can get the assurance that my firmware hasn't been rooted _and_ not rely on anyone else's cert safety practices but my own. If I'm the sort of person who's taking my computer into hostile territory - insert oppressive government of choice here - that level of trust is potentially life saving. And - though it pains me that this next thought might actually be unpopular, though closer investigation might reveal that I'm giving the feature too much credit, and without considering or conceding whether such a machine would be non-free - I'm pretty sure I am willing to sacrifice a minor technical point of software freedom for real gains in human freedom. Software freedom is a means, not an end.

Microsoft's requirements for SB on x86 enable that kind of trust for Linux (and for anyone else who wants it). It's possible to build arm machines the same way; they won't be able to run Windows, but whatever, as if I want to run Windows anyway. If arm machines like that were to exist, why _wouldn't_ we want to support them? For that matter, why would we not want to enable building them?

- ajax
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel