I think it is a given that companies which sell products, are going to place profits above the data security of their users. Therefore, what matters is not whether secure boot works, but whether it can be perceived as working by customers. It only becomes critical for the company whether it works or not, when the successful implementation of the technology enables them to secure and hold captive their market (ie, Apple). Given that secure boot doesn't really do this (though it is a side effect), having it work properly won't be a priority so I wouldn't be surprised if it ends up like DRM, an inconvenience. People are talking about the death of the PC, maybe secure boot will hasten the demise? It certainly seems to me that the American corporate model is hell bent on self destruction. Wait till China or India or another nation which doesn't so much care about this provide better freer alternatives. Not hard to do given the shoddy treatment that users are given from current IT providers. Then the US computer hardware industry will become what their car industry has become, an expensive, anachronistic, uncompetitive drain. On 06/07/2012 12:35 PM, Martin Ebourne wrote:
On Thu, 2012-05-31 at 22:55 +1000, Matt Giuca wrote:
Please don't blame the fedora people for this. They are doing what they need to, it's not their fault. They have to do this if they want to offer mostly free software within the reach of people without specialist knowledge. It's really unfortunate that this is the best solution.
Yeah I know.
I said on my Google Plus post<https://plus.google.com/108688191891412975833/posts/Ty72kHyT9KV>: "Did Fedora make the right choice? I honestly don't know, but it's disgraceful that it has come to this."
I just don't know what to think about this, but I can't help feeling that getting into bed with Microsoft can't end well.
Unfortunately it seems even the most basic link in this system - the security of Microsoft code signing - cannot be trusted as evidenced with windows update, and so secure boot will probably not be secure at all:
http://www.symantec.com/connect/blogs/w32flamer-microsoft-windows-update-man...
Meanwhile although x86 PCs are expected to have the ability to disable secure boot MS have decreed that in order to be certified for Windows 8 then ARM based systems *must not* have the ability to disable secure boot, thus completely blocking out all competitive platforms and ensuring a monopoly. With the huge growth in ARM based devices in recent years this is a disaster in progress.
IMO this is just another DRM scheme (albeit one restricting the hardware rather than software or media) and like all DRM schemes it will provide minimal security against the people that matter while massively inconveniencing the users and denying them fair usage rights over the product they have purchased.
Cheers, Martin
_______________________________________________ Free-software-melb mailing list Free-software-melb@lists.softwarefreedom.com.au http://lists.softwarefreedom.com.au/mailman/listinfo/free-software-melb