Red Hat Will Pay Microsoft To Get Past UEFI Restrictions

Sam Varshavchik mrsam at courier-mta.com
Tue Jun 5 01:53:54 UTC 2012 

JD writes:

> On 06/04/2012 05:03 PM, Sam Varshavchik wrote:
>> JD writes:
>>
>>> I lost you guy!
>>> I mean I do not understand how the creation of a single linux distro
>>> signature authority for all linuxes, undermines whatever MS does to secure  
>>> it's OS.
>>> Are the two necessarily mutually exclusive (i.e. they cannot both be used on
>>> dual or milti-boot systems?
>>
>> This has been explained in this thread before.
>>
>> It is logically impossible to have a so-called "secure-boot" for both a free  
>> OS and a non-free OS on the same platform. Since, by definition, a free OS  
>> allows unrestricted access to the hardware, a free OS can then be trivially  
>> used to bypass any secure boot hardware restrictions for a non-free OS.
>>
>> Secure boot is worthless to Microsoft, if Linux is able to use it. This is a  
>> provable fact. Therefore, no matter what the current drivel in Microsoft's  
>> published literature says right now, Linux will be denied access to "secure  
>> boot" hardware, in its final form. Microsoft will make sure of that.
>>
>>
> OK, I see what you were driving at.
> Does this mean that there will be NO pc desktops and laptops
> that will still let people boot Linux or BSD and their various
> branches?

Microsoft will certainly want to do everything to make that happen, of  
course. That's a no brainer.

But, whether or not this will happen, remains to be seen.

> So, I think this really makes the creation of a single Linux/BSD
> authority for providing secure boot HW to boot Linux, and which
> will NOT not boot MS, becomes more and more desire-able.
> Sort of like tit-for-tat.

There's certainly a lot of money in server-level hardware that runs Linux. I  
don't see anything that Microsoft could possibly do about it.

Possibly, in the worst case, in a distant future it will be a little bit  
difficult to find consumer-grade hardware, like laptops, which have the  
necessary bits – either a switch to disable secure boot, or an easy way to  
install the right keys – to run Linux. That's the worst possible outcome  
that I could see. But, that's not a given, and there's no guarantee that  
Microsoft will succeed in locking down the consumer hardware platform.

It goes without saying that everything must be done to thwart this thread of  
free and open hardware. But paying someone $99 for a certificate is not how  
you go about fighting this thing.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20120604/5aeed82d/attachment.sig>

More information about the users mailing list