On Monday, August 14, 2017 at 8:50:20 PM UTC-4, tai...@gmx.com wrote: > Secure boot is a stupid Microsoft controlled project to eventually > remove the ability for commercial PC's to run non windows operating systems. > > SB 1.0 specs mandate owner controlled (an option to shut it off), SB2.0 > doesn't and PC's built to that spec such as the Windows 10 ARM PC's and > MS's "signature series" PC's prevent you from installing non microsoft > operating systems. > > "Secure" boot is simply a marketing name for kernel code signing, you > can easily do this with coreboot and a grub payload (grub supports > kernel signing). > > SB doesn't stop virii as that wasn't what it was designed to do, > preventing rootkits from modding the kernel is irrelevant as you can > simply change another critical system file of which there are > many on windows. > > Kernel code signing is only useful in an AEM context with an encrypted > filesystem but unencrypted kernels. > > I myself have a variety of owner controlled fully libre firmware devices > such as the KGPE-D16 and KCMA-D8 asus motherboards, those two are the > only ones that offer full libre functionality along with high > performance - they also run qubes great - having 32 cores and 128GB ram > is excellent for it. > Please note these are the only owner controlled devices that support > v4.0 (purism isn't owner controlled and their firmware isn't and can't > ever be open source) > Another neat feature is an addon user configurable CRTM TPM module (very > rare). > > As always I offer free tech support for libre motherboards if you wish > to buy one.
I have to add another thing. Its nice to say that the motherboard firmware is libre, but it makes no difference to me cause I don't have the know how to read or alter the code myself. So you and Microsoft are no different to me because I still have to trust and rely on you because I'm just an avg noob. But IMO, it would be more naive and dangerous for me to buy a board or get tech support from some random stranger online, then it would be to use monitored support service by paid emplooyees, or a commercial product used by millions that can't be as easily altered from its factory state. (minus gov't backdoors) I hope you don't take offense. I mean the whole argument for libre and open source is having more eyes on the code. But what people don't understand is "eyes on the code" encompasses many things. Microsoft for example has "more eyes on the code" for the simple fact its more widely used and more widely targeted by attackers. But its not a security focused os unfortunately. Also, are we talking about good eyes or evil eyes? IMO, this aint the 90s anymore and evil eyes are the wide majority now. Even linus torvalds has changed his tune past couple years. And I have to put this out there, guys like Linus Torvalds, or Brad Spengler, would never use linux at home for their family or personal use. They use windows. I kid you not. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d27a6908-06ab-4e98-9a1a-4d8bb859dbd9%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
