*countable infinities only

phantomjinx p.g.richardson at phantomjinx.co.uk
Fri Jun 1 12:30:49 UTC 2012 

On 06/01/2012 12:58 PM, Steve Clark wrote:
> On 05/31/2012 09:14 PM, Kevin Kofler wrote:
>> Chris Adams wrote:
>>> - Secure boot is required to be able to be disabled on x86 (the only
>>> platform Fedora will support it).
>> And this is exactly why we should just require our users to disable it!
>>
>> I don't see any advantage at all from supporting this "feature", just 
>> problems:
>> * extra restrictions added to GRUB and the kernel to comply with the 
>> "security" (lockout) requirements. Even if they're all conditional on 
>> "secure" boot being enabled (are they really?), that still means extra code 
>> which can cause extra breakage even when running in normal mode (the one 
>> every Free Software user should be using).
>> * possible GPL violation. Did Red Hat Legal have a look at the plans 
>> already? Are they sure they're compliant with the GPL, v2 when it comes to 
>> the kernel, v3 when it comes to GRUB 2? (What's sure is that they aren't 
>> compliant with the spirit of the GPL, whatever version!)
>> * ineffectiveness of the added restrictions: Can't you still bring up a 
>> "Blue Pill" with a Window$ VM even with only unsigned userspace apps? And if 
>> we don't even allow those, where's the freedom?
>> * exercising your freedom to change the kernel (or even just to load an out-
>> of-tree module!) requires you to disable "Secure" (Restricted) Boot anyway, 
>> so why support the restricted mode? (As much as I hate proprietary drivers, 
>> you can definitely expect a horde of their users showing up at your door 
>> with a pitchfork…)
>> * implicit endorsement of M$ and their signature racket (including a 
>> monetary payment to their racketing partner Veri$ign – was that already 
>> made?). It might even lead M$ to drop the requirement to allow disabling 
>> "Secure" Boot (or even invert it into a prohibition as on ARM!), arguing 
>> that "Linux" (sic, should be GNU/Linux) supports it too anyway.
>> * dependence on the racket, which can change its terms at any moment.
>>
>> Just saying "disable 'Secure' Boot in the BIOS" is the easiest solution to 
>> the problem. I remember the days where one had to disable "Plug&Play 
>> Operating System" in the BIOS to get GNU/Linux to boot at all on some 
>> machines, it didn't cause any real problems.
>>
>>         Kevin Kofler
>>
> +100
> 
> 
> -- 
> Stephen Clark
> *NetWolves*
> Director of Technology
> Phone: 813-579-3200
> Fax: 813-882-0209
> Email: steve.clark at netwolves.com
> http://www.netwolves.com
> 
> 
> N�n�r����)em�h�yhiם�w^��

+100

-- 
Paul Richardson

  * p.g.richardson at phantomjinx.co.uk
  * pgrichardson at linux.com

More information about the devel mailing list