*countable infinities only
seth.p.johnson at gmail.com
Sun Jun 17 23:54:17 UTC 2012
On Sat, Jun 16, 2012 at 7:26 PM, Reindl Harald <h.reindl at thelounge.net> wrote:
> Am 17.06.2012 01:14, schrieb Chris Murphy:
>> Please provide an example of a better option, with sufficient detail as to constitute a successful relay of the baton.
>> The point of the thread from the outset was to explore alternatives, but so far those alternatives are vaporware.
Numerous non-vaporware recommendations follow, snipped directly from the thread:
I think my main point stands: talking with, say, Dell, and
Microsoft in private, without a serious legal and propaganda
push, makes Fedora's position weak in the private negotiations.
As soon as the other side made clear that their position was to
accept Microsoft's plan, Red Hat should have called a press
conference and explained the situation to reporters from the New
York Times, the Wall Street Journal, etc..
Please allow me a personal remark: I too have fought one part of
a big battle so hard and so long that it seemed to me that the
part I was engaged in must be the whole battle. I think that
perhaps the negotiators on the Fedora/Red Hat have mistaken one
part of the battle for the whole battle.
My posts argue that Fedora should neither accept, nor seem to
accept, Microsoft's having the Hardware Root Key. One reason not
to seem to accept Microsoft's having the Hardware Root Key is
that, when arguing for Examption 4, the Englobulators will answer
"Well, there is really no issue here. Why, Fedora accepts that
it is right and proper that Microsoft have the Hardware Root
Now, perhaps I misread, or misremember, but in this thread, I
think it was said that a home computer vendor has offered to
allow a key, authorized by what you distinguish as the "PK", to
be loaded into the UEFI, so that Fedora would stand equal to
Microsoft, though both, you now claim, would be equally junior to
the vendor (which claim is not right). And you refused. This is
ridiculous. If one more key can be loaded at point of sale, then
so can several more. And this is not the final step in the
remedy, but only an early step. We can do more. But, if Fedora
agrees that Microsoft gets to dictate what is loaded at point of
sale, well, that is an un-necessary loss. As your statement
shows, your team was not negotiating with Microsoft, nor with the
vendors of hardware, but with a non-existent being of irresistible
power. Of course that negotiation with an imaginary being is
much harder to win than the real negotiation.
RMS had no Red Hat backing him when he started Project GNU. Nor
did Linus when he started the Linux kernel. Nor did the founders
of Red Hat. But you have Red Hat, with a large income, and much
money. You also have many people who will help you, and help
ourselves, in this fight.
Suggestion 2: Have Red Hat buy a large quantity of standard home
machines, on condition that the UEFI not be locked at point of
delivery to Red Hat.
Suggestion 3: Do a better command and control screen for the
UEFI. There is enough room in the UEFI for a big, but very
simple, screen. There is even room for a proper manual. You
have written that there is nothing you can do about the bad
interface of the UEFI. But you can.
ad inability to manage keeping the private half of the Fedora key
private: This is absurd. I will be happy to explain methods
which, if Red Hat wanted, would meet all statutory, and real
security, and even all anti-FUD compliance, requirements. This
claimed inability is not reasonable. Why? Because your position
implies that you trust Microsoft and the hardware vendor more
than you trust yourselves in this. If that is your opinion,
well, why run Fedora ever? After all, in the world your propose
to create, Fedora depends for the security of its boot process,
on Microsoft and Microsoft's partner, the hardware vendor.
My sole comment here (Seth Johnson):
Please be real about the need to act in a manner that comports with
the threat. The course you must take does indeed require political
activities that are not in the normal mode for most people. Yet
that's what's needed, none of this other stuff attempting to finesse
the matter, or to say it's all about finesse. No, it is plain that
failing to take the matter to the political and public court of
opinion will not give you any margin of advantage against the moves
afoot here. You have to draw the line, and draw it correctly. Given
a clear acknowledgement of that, what needs to be done can certainly
be done with some grace. But it's not the finesse that's needed at
this juncture you are now sitting in the middle of. It's the fight.
More information about the devel