*countable infinities only

Gerry Reno greno at verizon.net
Fri Jun 1 16:48:55 UTC 2012

On 06/01/2012 12:45 PM, Matthew Garrett wrote:
> On Fri, Jun 01, 2012 at 06:16:37PM +0200, Kevin Kofler wrote:
>> Adam Jackson wrote:
>>> False.  Quoting from Matthew's original post:
>>> "A system in custom mode should allow you to delete all existing keys
>>> and replace them with your own. After that it's just a matter of
>>> re-signing the Fedora bootloader (like I said, we'll be providing tools
>>> and documentation for that) and you'll have a computer that will boot
>>> Fedora but which will refuse to boot any Microsoft code."
>> Removing the M$ key is not viable because the firmware on some peripheral 
>> hardware will be signed only with the M$ key.
> "It may be a little more awkward for desktops because you may have to 
> handle the Microsoft-signed UEFI drivers on your graphics and network 
> cards, but this is also solvable. I'm looking at ways to implement a 
> tool to allow you to automatically whitelist the installed drivers."

We are all, Microsoft included, headed for signature-HELL.

This is going to gum up the entire x86 hardware ecosystem to such a point and Microsoft will rue the day they ever
dreamt up this nonsense.


More information about the devel mailing list