*countable infinities only

Gregory Maxwell gmaxwell at gmail.com
Sun Jun 17 00:36:05 UTC 2012


On Sat, Jun 16, 2012 at 8:16 PM, Chris Murphy <lists at colorremedies.com> wrote:
> Calls for speculation. We know what the certification policy used to be. We also know how long DOJ takes to do anything, let alone politicking behind the scenes to arrive at compromise, let alone its day in court. Years. Generations of computers without a disable feature.

Good job selectively quoting the part of my message where I was saying
that it was a call for speculation either way.

> This handful are the people who use adversarial words like: fight, war, battle, attack, surrender, engagement, tactical, etc. to describe this topic. This verbiage is the hallmark of propaganda, designed to cause emotive reactions in people, so they don't consider inconvenient things like facts.

I certainly have not done this and by using this argument against me I
feel you're guilty of the same:  It appears to me that you're
suggesting that I'm somehow associated with "propaganda" (an
emotionally laden word too) and that people should not bother with an
inconvenient thing like contemplating my position.

> Oh, the same people who must think boot loader malware is somewhere in the continuum of people's imaginations to being exclusively a Windows threat.

Except, as I argued earlier in this thread, for Fedora the
cryptographic lockdown will not meaningfully inhibit boot _time_
malware.  If malware can exploit your kernel to infect the bootloader
so that the kernel rootkit is reinstalled at every boot to prevent
updates from removing it then it can just as well infect systemd to
the exact same end.  It only helps if the whole system runs no
unsigned code at least up to the point where it connects to the
internet and gets updates.

There are a great many things Fedora could do which would have clear
security benefit without the compromises. Where is the effort to fully
seccomp-2 restrict and/or SELinux lockdown every user app that handles
hostile network input, for example.   Closing the door on botnet
software long after the machine is compromised is a pretty weak
security feature and that's the most the signed bootloader/kernel can
offer, and even that requires signing up half the userspace too.

> The Windows 8 certification is the most significant change in Microsoft's hardware requirements ever, as far as I can tell. It's a significant departure from their "support legacy at most any cost" position prior to this. Clearly they are more than a bit concerned about boot loader malware than they are gaining, what, 1%, by obliterating the entirety of desktop Linux with this conspiracy.

Old hardware will continue to run Windows 8. I don't see that I've
seen any evidence of Microsoft adopting policy to ensure that new
hardware would continue to run Windows, are you saying they have?

