dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
15

rexbinary
MOD King
Premium Member
join:2005-01-26
Plano, TX
·Frontier FiberOp..

rexbinary

Premium Member

Re: Red Hat users pay up to run Fedora on Windows 8 machines

Linus Torvalds on Windows 8, UEFI, and Fedora
Setting the anger aside, there’s something to all of this, but as Torvalds told me, “Yes, yes, the sky is falling, and I should be running around like a headless chicken in despair over signing keys. But as long as you can disable the key checking in order for kernel developers to be able to do their job, signed binaries really can be a (small) part of good security. I could see myself installing a key of my own in a machine that supports it.”

That said, Torvalds doesn’t think Microsoft’s spin on Windows 8 UEFI secure boot is really going to do for security. “The real problem, I feel, is that clever hackers will bypass the whole key issue either by getting a key of their own (how many of those private keys have stayed really private again? Oh, that’s right, pretty much none of them) or they’ll just take advantage of security bugs in signed software to bypass it without a key at all.”

Torvalds concluded, “Signing is a tool in the tool-box, but it’s not solving all the security problems, and while I think some people are a bit too concerned about it, it’s true that it can be mis-used.”
»www.zdnet.com/blog/open- ··· ra/11187

FF4m3
@verizon.net

FF4m3

Anon

Interesting. Thanks for the link.
FF4m3

FF4m3 to rexbinary

Anon

to rexbinary

Torvalds doesn’t think Microsoft’s spin on Windows 8 UEFI secure boot is really going to do for security. “The real problem, I feel, is that clever hackers will bypass the whole key issue either by getting a key of their own (how many of those private keys have stayed really private again? Oh, that’s right, pretty much none of them) or they’ll just take advantage of security bugs in signed software to bypass it without a key at all.”

If so, then just simply disable the thing to remove the issue and fogetaboutit. That's my plan.

Linux has not experienced similar security issues that face Microsoft & Windows. The whole thing is another Microsoft 'restraint-of-trade/competition' scam. Don't let MS put their own Windows fears into Linux users.