On Monday, July 13, 2020 7:52:51 AM MST Przemek Klosowski via devel wrote: > On 7/10/20 5:22 PM, John M. Harris Jr wrote: > >> Android, actually, is trying to get it right by a) being a platform so > >> that common security updates are available from the platform owner, and > >> can be applied to everyone's system and b) having a secure remote update > >> method. > > > > The problem with implementing systems such as this is obvious.. If the end > > user cannot upload their own firmware, because the host has a hardware > > mechanism for checking the signature of the firmware, that's not good for > > the end user, it's harmful. It would mean they don't actually own the > > system, the vendor does. > > Yes, but it it's too easy (and can be triggered remotely) it becomes a > huge problem. > > I also want to be able to load alternative firmware---but it has to be > difficult, e.g. by requiring to disassemble the device and physically > access the electronics. This is precisely what we're trying to fight with the libreboot project. It should be as easy as possible, so that more end users can use FLOSS boot firmware. Vendors have no trouble making it difficult as it is. -- John M. Harris, Jr. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx