On 02/06/12 14:06, Nigel Verity wrote:
Hi All
If anybody can get a key from Verisign for $99 that makes a mockery of
having secure boot in the first place.
no, that isn't how it works at all. It is possible for some people to
get a binary signed by Microsoft by paying $99 which goes to verisign.
You don't get the key and it isn't clear who can do it and what binaries
will get signed.
We can take it as read that there are long term plans by Microsoft to
tighten up the secure boot spec in the future in their favour.
yup, on ARM. Devices running Windows 8 on ARM will be pre-bricked at the
factory.
To my mind, this first pass is just to establish the principle and
getting all OEMs to adopt the spec. Making keys readily available will
help MS to respond to legal challenges from non-tech savvy legislators.
Possibly. I would imagine they are expecting and preparing for antitrust
action. As a slightly pedantic point, legislators don't tend to make
legal challenges.
I suspect that the secure boot technology will be hacked pretty
quickly enabling we enthusiasts to stay up and running. Having to
apply a hack as a fundamental part of Linux installation will not
exactly help with promoting wider adoption, though.
disabling it on Intel isn't a hack, it would be a checkbox option in the
place you currently call the BIOS. ARM would require a hack.
Regards
Nige
--
Libertus Solutions http://libertus.co.uk
--
ubuntu-uk@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk
https://wiki.ubuntu.com/UKTeam/
