|reply to rexbinary |
Re: Red Hat users pay up to run Fedora on Windows 8 machines
Linus Torvalds on Windows 8, UEFI, and Fedora
Setting the anger aside, theres something to all of this, but as Torvalds told me, Yes, yes, the sky is falling, and I should be running around like a headless chicken in despair over signing keys. But as long as you can disable the key checking in order for kernel developers to be able to do their job, signed binaries really can be a (small) part of good security. I could see myself installing a key of my own in a machine that supports it.»www.zdnet.com/blog/open-source/l···ra/11187
That said, Torvalds doesnt think Microsofts spin on Windows 8 UEFI secure boot is really going to do for security. The real problem, I feel, is that clever hackers will bypass the whole key issue either by getting a key of their own (how many of those private keys have stayed really private again? Oh, thats right, pretty much none of them) or theyll just take advantage of security bugs in signed software to bypass it without a key at all.
Torvalds concluded, Signing is a tool in the tool-box, but its not solving all the security problems, and while I think some people are a bit too concerned about it, its true that it can be mis-used.
Verizon FiOS subscriber since 2005 | Mac owner since 1990 | Fedora user since 2006 | CentOS user since 2007 | "Anyone who is unwilling to learn is entitled to absolutely nothing." - graysonf | EDIT: I seldom post without an edit.