*countable infinities only
p.g.richardson at phantomjinx.co.uk
Fri Jun 1 12:30:49 UTC 2012
On 06/01/2012 12:58 PM, Steve Clark wrote:
> On 05/31/2012 09:14 PM, Kevin Kofler wrote:
>> Chris Adams wrote:
>>> - Secure boot is required to be able to be disabled on x86 (the only
>>> platform Fedora will support it).
>> And this is exactly why we should just require our users to disable it!
>> I don't see any advantage at all from supporting this "feature", just
>> * extra restrictions added to GRUB and the kernel to comply with the
>> "security" (lockout) requirements. Even if they're all conditional on
>> "secure" boot being enabled (are they really?), that still means extra code
>> which can cause extra breakage even when running in normal mode (the one
>> every Free Software user should be using).
>> * possible GPL violation. Did Red Hat Legal have a look at the plans
>> already? Are they sure they're compliant with the GPL, v2 when it comes to
>> the kernel, v3 when it comes to GRUB 2? (What's sure is that they aren't
>> compliant with the spirit of the GPL, whatever version!)
>> * ineffectiveness of the added restrictions: Can't you still bring up a
>> "Blue Pill" with a Window$ VM even with only unsigned userspace apps? And if
>> we don't even allow those, where's the freedom?
>> * exercising your freedom to change the kernel (or even just to load an out-
>> of-tree module!) requires you to disable "Secure" (Restricted) Boot anyway,
>> so why support the restricted mode? (As much as I hate proprietary drivers,
>> you can definitely expect a horde of their users showing up at your door
>> with a pitchfork…)
>> * implicit endorsement of M$ and their signature racket (including a
>> monetary payment to their racketing partner Veri$ign – was that already
>> made?). It might even lead M$ to drop the requirement to allow disabling
>> "Secure" Boot (or even invert it into a prohibition as on ARM!), arguing
>> that "Linux" (sic, should be GNU/Linux) supports it too anyway.
>> * dependence on the racket, which can change its terms at any moment.
>> Just saying "disable 'Secure' Boot in the BIOS" is the easiest solution to
>> the problem. I remember the days where one had to disable "Plug&Play
>> Operating System" in the BIOS to get GNU/Linux to boot at all on some
>> machines, it didn't cause any real problems.
>> Kevin Kofler
> Stephen Clark
> Director of Technology
> Phone: 813-579-3200
> Fax: 813-882-0209
> Email: steve.clark at netwolves.com
* p.g.richardson at phantomjinx.co.uk
* pgrichardson at linux.com
More information about the devel