*countable infinities only
greno at verizon.net
Thu May 31 16:49:53 UTC 2012
On 05/31/2012 12:46 PM, Peter Jones wrote:
> On 05/31/2012 12:16 PM, Gerry Reno wrote:
>> On 05/31/2012 12:13 PM, Miloslav Trmač wrote:
>>> On Thu, May 31, 2012 at 6:04 PM, Gerry Reno<greno at verizon.net> wrote:
>>>> SecureBoot is not about security. It is about restriction.
>>> That is just untrue. SecureBoot can be used to make sure you only run
>>> the software you intended to run, which is impossible without
>>> SecureBoot (e.g. this cannot be done with a TPM). The idea is solid,
>>> the technology is or can be made solid.
>> No. The user is not in control here. Microsoft is in control.
> That's what we said in the working group. I'm not able to expand on that,
> as working group conversations are under NDA, but suffice it to say that
> argument didn't get us anywhere.
The issue could be solved by having the SecureBoot default setting depend on the OS being booted:
SecureBoot should only be Default:ON for Microsoft OS's and any other OS's that want to deal with that
and should be Default:OFF for all others.
More information about the devel