Setting aside the amusing political debates and going back to the original topic - what's the actual status of the UEFI boot issue?
(Following up on the link from Tzafrir's post:http://mjg59.dreamwidth.org/6503.html, see my comments below ) On Mon, Oct 24, 2011 at 1:56 AM, Amos Shapira <amos.shap...@gmail.com>wrote: > On 23 October 2011 22:06, geoffrey mendelson > <geoffreymendel...@gmail.com> wrote: > > > > On Oct 23, 2011, at 12:28 PM, Shlomi Fish wrote: > >> > >> The Free Software Foundation started a campaign called “Stand up for > your > >> freedom to install free software!” about Microsoft's plan to enforce > >> “Secure Boot” in the installations of Windows 8, which will prevent > people > >> from being able to boot into GNU/Linux, one of the BSD variants, or > other > >> operating systems. You can sign it here: > >> > >> http://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/statement > > > > > > It's pure FUD. > > "we are concerned that Microsoft and hardware manufacturers will > implement > > these boot restrictions in a way that will prevent users from booting > > anything other than Windows." > > > > Not that they are, or saying they will, or even hinted they will. > > I didn't follow the detail but a few weeks ago this made a noise on > Slashdot and as far as I'm aware Microsoft issued a statement which > calmed down the activists and it became a none-issue. I didn't follow > it closely so I might be wrong. > > Can you help locating the MS statement that you describe? Some relevant details, described in Mathew Garett's post (thanks Tzafrir for the link), and some of the replies there: 1. Problems with the proposed UEFI boot standard boil down to the fact that it lacks any means to allow the *owner of the hardware* to edit the list of trusted keys (load new keys, delete old ones). 2. It seems to me that some aspects of this are in fact a security issue, which should also be in the interest of Microsoft to solve (e.g. they would probably want some means to recover in case one of their keys get stolen). 3. Some solution to the problem (a mechanism for loading keys from specially formatted removable media) will be (is being) suggested by Garrett to UEFI during this week's "plugfest" http://www.uefi.org/events/ 4. Readers of this group should be interested to know that this solution (whatever other advantages/disadvantages it might have) would allow you to end up being able to boot kernels (or bootloaders) that you compiled yourself and signed with your own private key. Hence: if that MS statement contained some indication that Microsoft would support such a solution, indeed I see no serious reason to worry. Either way, we should follow closely for reports from the plugfest conclusions next week. AA
_______________________________________________ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
