*countable infinities only
greno at verizon.net
Fri Jun 1 16:48:55 UTC 2012
On 06/01/2012 12:45 PM, Matthew Garrett wrote:
> On Fri, Jun 01, 2012 at 06:16:37PM +0200, Kevin Kofler wrote:
>> Adam Jackson wrote:
>>> False. Quoting from Matthew's original post:
>>> "A system in custom mode should allow you to delete all existing keys
>>> and replace them with your own. After that it's just a matter of
>>> re-signing the Fedora bootloader (like I said, we'll be providing tools
>>> and documentation for that) and you'll have a computer that will boot
>>> Fedora but which will refuse to boot any Microsoft code."
>> Removing the M$ key is not viable because the firmware on some peripheral
>> hardware will be signed only with the M$ key.
> "It may be a little more awkward for desktops because you may have to
> handle the Microsoft-signed UEFI drivers on your graphics and network
> cards, but this is also solvable. I'm looking at ways to implement a
> tool to allow you to automatically whitelist the installed drivers."
We are all, Microsoft included, headed for signature-HELL.
This is going to gum up the entire x86 hardware ecosystem to such a point and Microsoft will rue the day they ever
dreamt up this nonsense.
More information about the devel