Fwd: Re: Ubuntu 16.04 Secure Boot Policy
Just a dumb question, since I have not been happy with UEFI let alone secure boot with keys. If you roll your own kernels, do the build scripts let you generate your own keys? Dale Amon -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Fwd: Re: Ubuntu 16.04 Secure Boot Policy
Yes, it would be more user-friendly to disable secure boot instead of asking a user to go through the process of importing a new key after every kernel or driver upgrade. Therefore, I will modify my proposal a bit and suggest that the menu to disable secure boot should have a new option to add an exception for the package being installed. The recommended option could be to disable secure boot, an option to add an exception could be recommended only for advanced users, and the final option would be to do nothing at all. This change would allow users to choose an option that best suits how they wish to use their computer, but still allow a novice user to select a recommended action and not deal with being asked to import a new key after upgrades. While a savvy user could easily do this on their own, it would be nice to have this functionality streamlined into the distribution. I do believe there are benefits to using secure boot with any operating system. Keeping secure boot enabled, even with some exceptions, would still offer users protection from things like an evil maid attack. Additionally, people in the GNU/Linux or BSD world should not ignore secure boot simply because there aren't enough *known* threats to warrant the extra effort of keeping secure boot enabled. My recommendation would be to find ways to better implement secure boot *before* it is needed instead of trying to find ways to keep it enabled after *known* threats force the adoption of secure boot. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Connection Information in Ubuntu Desktop 16.04
On Fri, Jul 1, 2016 at 3:31 PM, Contact Orielstar wrote: > Folks, > > I'm almost embarrassed to bother you with this - it's such a small issue - > but still, I guess we need to know about everything big or small... > > I have 3 DNS servers set up in my network connection, and when I go to > connection information it shows me the Primary, Secondary and *Ternary* > DNS ips. I'm sorry to be pedantic, but “*Ternary*” means “having three > parts”. Operators in C# can be unary, binary or *ternary* – they take > one, two or three operands. “*Tertiary*” means “third in order”. > > Hi Dave, thanks for taking the time to report this. Details are important :) I'm not familiar with the codebase, but I tracked down the bug to be in the package network-manager-applet. Would you please file a bug? https://bugs.launchpad.net/ubuntu/+source/network-manager-applet Click on "Report a bug" on the right ^ Cheers, Andrea On this basis, it should be Primary, Secondary and Tertiary (not Ternary) > DNS. If you would like to argue that it's an operand with 3 parts, then it > should be Unary, Binary and Ternary DNS, however, the DNS servers are hit > in order so I think P/S/T is correct. > > Cheers, > -- > > Dave Jury > > rielstar > Business Solutions > > Marondera Branch: > 10A Tipperary > Marondera > Phone 0773 247 121 > > -- > Ubuntu-devel-discuss mailing list > Ubuntu-devel-discuss@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss > > -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu 16.04 Secure Boot Policy
On 04.07.2016, at 00:02, Tom H wrote: > The Linux developers who put together a Linux solution/option for > Secure Boot must've thought that there's a case to be made for Secure > Boot on Linux. Yes hardware and multi-boot with a proprietary OS that enforces usage of secure boot is at least one reason. > Think malware existing outside of the OS and targeting > the pre-kernel boot process. Are there some examples for such malware that affected Linux or BSD machines, where secure boot would have protected those machines or are there any other evidences for more security for Linux or BSD machines by secure boot? > If there's a way for Ubuntu to offer its users the possibility of > using Secure Boot and dkms-compiled modules, why not? Sure, if somebody likes to maintain this option, it's ok. It's still more user-friendly to disable secure boot, than to deal with it, isn't it? Regards, Ralf -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss