dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
13
share rss forum feed

TuxRaiderPen

join:2009-09-19
reply to markofmayhem

Re: FSF Publishes Important Whitepaper on Secure Boot

said by markofmayhem:
Secure Boot isn't unbreakable, it has been hacked already. The major difference is it hasn't been broken remotely or through a worm/trojan;
So whats the point of having it other than competition lockout? None!

said by markofmayhem:
Linux deserves a PLATFORM key, intradistro politics is eating us. Where is the FSF or LF? Why are they not stepping up with a PK and KeK system for us all to use?
And who is going to run this?

FSF, LF? You will have factions who will not agree to either running this.

Third party? Who? ?

said by markofmayhem:
Microsoft was convinced, through market preasure, to join the OSS Virtual Machine eco system. Through the same preasure, they can be preasured to join a global OPEN PK/KeK system (lock them out of the server space and see them agree to a board hosted solution).
What is going to "pressure" OEM/ODM's to do such a lockout? Yeah Dell is going to not sell equipment that will not run "server 'OS'" from ms. Yeah right... The exact tactic will be you want to sell computers with this "OS" then you will sell hardware able to run "server 'OS'."

said by markofmayhem:
Secure Boot can be brought to its intended goal
I don't think that means what you think it does! The intended goal of "Secure" Boot is LOCKOUT Linux! Period. Any one, ANY ONE, ANY ONE! who believes otherwise is just fooling them selves...Yes, when the idea for it came about... it probably was for what its stated name is, but is been corrupted along the birth canal to its current mess. Need further proof? Look no further than crapple who has used it to do EXACTLY this LOCKDOWN OS X to its hardware, at least try to. Its NOT about security, its about LOCK OUT OF COMPETITION. If crapple thinks they have the !@(*$!(!*) be all end all bees knees OS, then COMPETE with it!

And....

If its insecure already.... whats the point, security wise? OK.... so its not remotely attackable, yet... but for 99.9999% of the situations that problem is for ONE particular line "OS" which is so infectable it could probably catch a cold from a human!

The BIOS needs replaced... the sky is falling... BS!

UEFI offers:

Better GUI for the BIOS.. SO? Big whoop! Not needed! Its a BIOS, its not meant to be user friendly! You don't need to be in there mucking with things if you don't know what they are!

GPT disk support... ok how many systems are using this? HANDS UP! UP HIGH! ! Still searching! This can be added to current BIOS architecture. You can't tell me Award etc. can not do this.

Scripting - REALLY! What nucklehead thinks this a good idea in a BIOS!

Fine we need to improve the BIOS to handle new technology ... fine... but some of this is just crap not needed, and like many other things solutions looking for problems. Scripting in a BIOS, talk about a !$(!*()$!() security hole big enough for a battleship... GEEZ!
--
1311393600 - Back to Black.....Black....Black....


FF4m3

@bhn.net
said by TuxRaiderPen:

The intended goal of "Secure" Boot is LOCKOUT Linux! Period. Any one, ANY ONE, ANY ONE! who believes otherwise is just fooling them selves...Yes, when the idea for it came about... it probably was for what its stated name is, but is been corrupted along the birth canal to its current mess.

+1

dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8
Reviews:
·Verizon FiOS
reply to TuxRaiderPen

FSF, LF? You will have factions who will not agree to either running this.

It's hardly Intel and Microsoft's fault that the open-source advocates can't stop squabbling like children. Or perhaps that should be 'like politicians', since they're apparently more interested in consolidating their positions than helping those whose interests they claim to have at heart.

TuxRaiderPen

join:2009-09-19
said by dave:
It's hardly Intel and Microsoft's fault that the open-source advocates can't stop squabbling like children. Or perhaps that should be 'like politicians', since they're apparently more interested in consolidating their positions than helping those whose interests they claim to have at heart.
I don't think any one with any stake in OS on equipment should be involved in this whole signing thing...

And absolutely not verisign they are more corrupt than the 2 players you mention, and the FSF and LF combined.

No I don't know who.....and no I don't need the "UN" involved in it or TubeGore. A respected, third party ... OK... time for more FlavorAde and meds, cause with that one I've obvisouly lost it.

BUT irregardless of who you get to be this "independent neutral third party" [glurp!] . . . what is going to FORCE/MANDATE/REQUIRE that "Linux KEY", "BSD KEY", "Solaris key", is going to be present? ? IN PLACE OR IN ADDITION to the lamer "OS" key? ANY OEM/ODM even thinking about including a key other than one particular "OS" key will be getting a visit from the ms thugs to 'splain it' how the new licensing works. The same old crap thats been going on for decades.
--
1311393600 - Back to Black.....Black....Black....

dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8
Reviews:
·Verizon FiOS
I conclude you're against it because you are unable to solve the problem.

So, just turn off Secure Boot and you're done (at least on x86).

ANY OEM/ODM even thinking about including a key other than one particular "OS" key will be getting a visit from the ms thugs to 'splain it' how the new licensing works.

Oh, why didn't you say? You're a conspiracy nut.

So, just turn off Secure Boot and you're done (at least on x86).

TuxRaiderPen

join:2009-09-19
said by dave:
I conclude you're against it because you are unable to solve the problem.
Secure Boot at this time is really only needed for one "OS."

Its solves nothing really, security wise.

said by dave:
So, just turn off Secure Boot and you're done (at least on x86).
First I plan to.

said by TuxRaiderPen:

Any new hardware I get will be:

UEFI and Secure Boot - DISABLED
Legacy BIOS ENABLED
UEFI BIOS REPALCED with a NON UEFI and I will be actively sourcing motherboards with just that ability and BIOS(s).


If your reading comprehension had kicked in you would have read the above in a prior message.

said by dave:
Oh, why didn't you say? You're a conspiracy nut.
No. If you don't think ms is 'splain'ng' to OEM's on this, then YOUR the nut! Its about as bad if not worse than the whole payola in the record [music] business.

Any one who fails to get that xyz OEM is going to be heavily pressured and other tactics to be sure that NO KEY other than the "annointed and approved" key is in the BIOS.

said by dave:
So, just turn off Secure Boot and you're done (at least on x86).

Again, rereading prior post, will show:

said by TuxRaiderPen:

Any new hardware I get will be:

UEFI and Secure Boot - DISABLED
Legacy BIOS ENABLED
UEFI BIOS REPALCED with a NON UEFI and I will be actively sourcing motherboards with just that ability and BIOS(s).
Plain and simple bolied down, UEFI, is just more whippersnappers who got bored and could not just leave well enough alone and find something more constructive to do in with their coding.

Its a BASIC INPUT/OUTPUT SYSTEM, it is NOT a !@$!&*&$!*(&$!*(@& *! GUI system... and you don't need no !*()@&$!()@*$!()* mouse to change things in the BIOS!

Scripting in a BIOS? For WHAT?! ! Security hole wider than a battelship!

What you need is a BASIC system to display the settings and allow changes. NOTHING MORE. So it don't have cute little stupid icons, or mouse movements, or touch screen, or explain what any of this does... aaahhhh poor little idolts can't handle it... waaahhhhaaa.. be lucky you don't have to bootstrap your PC's to start them! Been there, done it! I would have zero issue with going back to it, and maybe even dig out the punch tape, cards, and TTY's!

Want to add GPT support or better support for larger HD's, or other things, fine! Doesn't mean we need this mess!

I will say it again... when it started, Secure Boot, probably had good intentions and merit... at this point it does not!

Your missing the ball and the game... its over here! ! ! Ignore the man behind the curtain! And your little dog too!
--
1311393600 - Back to Black.....Black....Black....