Red Hat Will Pay Microsoft To Get Past UEFI Restrictions
Kevin Fenzi
kevin at scrye.com
Tue Jun 5 02:47:19 UTC 2012
On Mon, 04 Jun 2012 18:06:24 -0700
JD <jd1008 at gmail.com> wrote:
> On 06/04/2012 05:03 PM, Sam Varshavchik wrote:
> >
> > This has been explained in this thread before.
> >
> > It is logically impossible to have a so-called "secure-boot" for
> > both a free OS and a non-free OS on the same platform. Since, by
> > definition, a free OS allows unrestricted access to the hardware, a
> > free OS can then be trivially used to bypass any secure boot
> > hardware restrictions for a non-free OS.
I'm not following your logic there...
> > Secure boot is worthless to Microsoft, if Linux is able to use it.
> > This is a provable fact. Therefore, no matter what the current
> > drivel in Microsoft's published literature says right now, Linux
> > will be denied access to "secure boot" hardware, in its final form.
> > Microsoft will make sure of that.
Can you tell me the winning lotto tickets next week too?
> OK, I see what you were driving at.
> Does this mean that there will be NO pc desktops and laptops
> that will still let people boot Linux or BSD and their various
> branches?
Not at all. In fact all the ones that support secure boot will also
allow you to disable it.
> So, I think this really makes the creation of a single Linux/BSD
> authority for providing secure boot HW to boot Linux, and which
> will NOT not boot MS, becomes more and more desire-able.
> Sort of like tit-for-tat.
No one has wanted to be this 'authority'. Perhaps someone will come out
appear now given all the press.
However, you should hopefully be able to just create and sign your own
keys if you like, so no need to have an authority for that unless you
want Microsoft to sign your bootloader shim so it works without any
firmware configuration.
kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20120604/9b8c9fa4/attachment.sig>
More information about the users
mailing list