Re: Re: Red Hat engineer renews attack on Windows 8-certified secure boot
these two emails are interesting. Thank you Yasha and Nico. -- Sent from my Android phone with K-9 Mail. Please excuse my brevity. Nico Kadel-Garcia nka...@gmail.com wrote: On Thu, Oct 20, 2011 at 6:16 PM, Yasha Karant ykar...@csusb.edu wrote: Any idea how to get persons such as Victor Helsing to understand the issue here? -- this is NOT a rant. If we ignore it, we shall all be in the soup. It's a rant. By continuing to rant, you discourage people from paying attention to such issues where and when they *are* relevant, such as (hopefully) the material below. A discussion of the UEFI technology and its direct effects on Linux or Scientific Linux based hardware management might be useful. What are our favorite upstream vendor's plans? And ave you actually laid hands on the technology or attempted to use it, to see the implications of it. For example, it avoids the 63 block DOS compatiliby chunk of space at the beginning of your available disk space, avoiding the 4096 byte block alignment problem for both real and virtualized hardware on more modern hard drives. And boot loaders have suffered from a great deal of awkwardness in backwards compatiblity requirements, for example with the 8 1023 cylinder limitation with earlier versions of LILO and motherboards, and with various other complex schema to work around legacy requirements. So a new, well defined boot loader architecture can make eminent sense. The problem is the lockdown features. It's completely understandable that people who buy computers, and maintain them, do *not* want arbitrary script kiddies or laptop thieves to be able to boot a live CD or USB stick and read everything off their drive. My Windows and other friends are *shocked* when I walk in with a live CD, including ones very like Scientific Linux's, and help them recover lost data or change relevant passwords. In general, if I can access your hardware, I own your data. The need for freedom and access to our own tools conflicts with this. Being able to change a kernel or OS freely is vital to developers, students, and people who need their tools modified for reasons software vendors don't agree with. It's also *vital* for anonymity. Too many systems record too much data. But this conflicts with desires for security. We've seen things like this play out with SELinux. The toolkit is powerful, flexible, and so unpredictable and poorly integrated and complex that most developers would actively *fire* me if I tried to make them work with it. I'll be very curious to see if UEFI's vaunted security features suffer from the same flaws in the long term. Support for UEFI *is* built into recent releases of grub and various virtualization technologies, so I don't anticipate it being too much of a Linux issue unless the lock down features are enforced.
Re: Red Hat engineer renews attack on Windows 8-certified secure boot
We subscribe to this list because we are interested in Scientific Linux *per se*, and even a mention about Red Hat (from which it is derived) does not legitimize off topic rants. Please find your gratification in another forum where others wish to read your opinions. On Thu, Oct 20, 2011 at 3:58 PM, Yasha Karant ykar...@csusb.edu wrote: Although a number of comments on and off the SL list have opined that any discussion of UEFI is off-limits to this list, below is a popular press article concerning a view from Red Hat (the beloved TUV of this list) that presumably is on-limits. Again -- is there a workaround were efforts to prevent the MS version of UEFI fail?
Re: Red Hat engineer renews attack on Windows 8-certified secure boot
On 10/20/2011 08:58 PM, Yasha Karant wrote: the practical issue the practical issue is that you are posting links that have nothing to due with intent of this list as they are off topic. what is even more aggravating and irritating about your posting is that you post a link and then quote that link. please stop posting what *you think* is interesting. *it is not*. -- peace out. tc.hago, g . *please reply plain text. html text are deleted* in a free world without fences, who needs gates. ** help microsoft stamp out piracy - give linux to a friend today. ** to mess up a linux box, you need to work at it. to mess up an ms windows box, you just need to *look* at it. ** The installation instructions stated to install Windows 2000 or better. So I installed Linux. ** learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html 'The Linux Documentation Project' http://www.tldp.org/ 'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html 'HowtoForge' http://howtoforge.com/ signature.asc Description: OpenPGP digital signature
Re: Red Hat engineer renews attack on Windows 8-certified secure boot
On 20 October 2011 21:58, Yasha Karant ykar...@csusb.edu wrote: Although snip I will be brutally frank and straightforward. Please stop posting links and verbatim quotations from items previously posted elsewhere. I have already read them -- and, I suspect, so have many other of this list's subscribers -- in the original location, when initially published. Do you regards all other subscribers to this mailing-list as imbeciles? We do not require some pontificating professor to instruct us as to how we are to act. react, think or otherwise behave. You have been asked before. Now I shall tell you -- Go and read the archives for this mailing list and stop trying to manipulate its usage for your own personal glorification. If you do not wish to fit in with the established social norm then please depart. An interesting link -- http://www.ratemyprofessors.com/ShowRatings.jsp?tid=142948 One of the more amusing quotations from the above: [quote] avoid at all costs and whatever you do don't mention microsoft or bill gates. Just rambles on and on and on... seriously avoid him if you can [/quote] Alan.
Re: Red Hat engineer renews attack on Windows 8-certified secure boot
Somebody ought to complain to the CSUSB and to Verizon about his spam. Or maybe configure the spam filter being used to block CSUSB until he is removed. That's a little harsh. But, what is there to do when it's really easy for him to simply setup a new alias and have more of his fun? (Sadly lunch mobs result in way too much paperwork for the mob members.) {^_^} On 2011/10/20 17:27, g wrote: On 10/20/2011 08:58 PM, Yasha Karant wrote: the practical issue the practical issue is that you are posting links that have nothing to due with intent of this list as they are off topic. what is even more aggravating and irritating about your posting is that you post a link and then quote that link. please stop posting what *you think* is interesting. *it is not*.
Re: Re: Red Hat engineer renews attack on Windows 8-certified secure boot
On Thu, Oct 20, 2011 at 6:16 PM, Yasha Karant ykar...@csusb.edu wrote: Any idea how to get persons such as Victor Helsing to understand the issue here? -- this is NOT a rant. If we ignore it, we shall all be in the soup. It's a rant. By continuing to rant, you discourage people from paying attention to such issues where and when they *are* relevant, such as (hopefully) the material below. A discussion of the UEFI technology and its direct effects on Linux or Scientific Linux based hardware management might be useful. What are our favorite upstream vendor's plans? And ave you actually laid hands on the technology or attempted to use it, to see the implications of it. For example, it avoids the 63 block DOS compatiliby chunk of space at the beginning of your available disk space, avoiding the 4096 byte block alignment problem for both real and virtualized hardware on more modern hard drives. And boot loaders have suffered from a great deal of awkwardness in backwards compatiblity requirements, for example with the 8 1023 cylinder limitation with earlier versions of LILO and motherboards, and with various other complex schema to work around legacy requirements. So a new, well defined boot loader architecture can make eminent sense. The problem is the lockdown features. It's completely understandable that people who buy computers, and maintain them, do *not* want arbitrary script kiddies or laptop thieves to be able to boot a live CD or USB stick and read everything off their drive. My Windows and other friends are *shocked* when I walk in with a live CD, including ones very like Scientific Linux's, and help them recover lost data or change relevant passwords. In general, if I can access your hardware, I own your data. The need for freedom and access to our own tools conflicts with this. Being able to change a kernel or OS freely is vital to developers, students, and people who need their tools modified for reasons software vendors don't agree with. It's also *vital* for anonymity. Too many systems record too much data. But this conflicts with desires for security. We've seen things like this play out with SELinux. The toolkit is powerful, flexible, and so unpredictable and poorly integrated and complex that most developers would actively *fire* me if I tried to make them work with it. I'll be very curious to see if UEFI's vaunted security features suffer from the same flaws in the long term. Support for UEFI *is* built into recent releases of grub and various virtualization technologies, so I don't anticipate it being too much of a Linux issue unless the lock down features are enforced.
Re: Red Hat engineer renews attack on Windows 8-certified secure boot
On 10/21/2011 02:13 AM, jdow wrote: Somebody ought to complain to the CSUSB and to Verizon about his spam. it is not truly spam, and complaining to above, as you suggest, is not really necessary. i will give op credit to have enough intelligence to re-frame after he sees the post that are against his posting of such needless emails. should he be a 'd.a.', then yes. :-) -- peace out. tc.hago, g . *please reply plain text only. html text are deleted* in a free world without fences, who needs gates. ** help microsoft stamp out piracy - give linux to a friend today. ** to mess up a linux box, you need to work at it. to mess up an ms windows box, you just need to *look* at it. ** The installation instructions stated to install Windows 2000 or better. So I installed Linux. ** learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html 'The Linux Documentation Project' http://www.tldp.org/ 'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html 'HowtoForge' http://howtoforge.com/ signature.asc Description: OpenPGP digital signature
Re: Red Hat engineer renews attack on Windows 8-certified secure boot
On 10/21/2011 03:37 AM, jdow wrote: Your rant is an off topic rant, too, sir. Please stop it lest you issue further proof of your dysfunctional personality. so which is worse, a rant or a slander? think about it. -- peace out. tc.hago, g . *please reply plain text only. html text are deleted* in a free world without fences, who needs gates. ** help microsoft stamp out piracy - give linux to a friend today. ** to mess up a linux box, you need to work at it. to mess up an ms windows box, you just need to *look* at it. ** The installation instructions stated to install Windows 2000 or better. So I installed Linux. ** learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html 'The Linux Documentation Project' http://www.tldp.org/ 'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html 'HowtoForge' http://howtoforge.com/ signature.asc Description: OpenPGP digital signature