*countable infinities only

Gerry Reno greno at verizon.net
Thu May 31 16:49:53 UTC 2012

On 05/31/2012 12:46 PM, Peter Jones wrote:
> On 05/31/2012 12:16 PM, Gerry Reno wrote:
>> On 05/31/2012 12:13 PM, Miloslav Trma─Ź wrote:
>>> On Thu, May 31, 2012 at 6:04 PM, Gerry Reno<greno at verizon.net>  wrote:
>>>>     http://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/statement
>>>> SecureBoot is not about security.  It is about restriction.
>>> That is just untrue.  SecureBoot can be used to make sure you only run
>>> the software you intended to run, which is impossible without
>>> SecureBoot (e.g. this cannot be done with a TPM).  The idea is solid,
>>> the technology is or can be made solid.
>> No.  The user is not in control here.  Microsoft is in control.
> That's what we said in the working group. I'm not able to expand on that,
> as working group conversations are under NDA, but suffice it to say that
> argument didn't get us anywhere.

The issue could be solved by having the SecureBoot default setting depend on the OS being booted:

SecureBoot should only be Default:ON for Microsoft OS's and any other OS's that want to deal with that

and should be Default:OFF for all others.


More information about the devel mailing list