news at 11.
Posted Apr 24, 2003 14:43 UTC (Thu) by coriordan
Parent article: Linus on digital rights management
I don't see why Linus made such a big deal about this announcment. From reading the thread on lkml.org, it seems like the linux-hackers don't really care. I'm guessing this was brought up by talk of Treacherous Computing but I don't think kernel-signing is the same thing.
There are three reasons for it's non-importance:
1) signed-kernels (and other pieces of software) can be a good thing. Wouldn't you like to be sure that the server you log into to check your mail isn't secretly monitoring you? check the signatures of the shell/kernel/mta/mua/etc/etc/... (this could be moot due to reason 2:)
2) A work around is possible. The users only needs to have a copy of a signed kernel on their system, they *don't* have to be running it.
3) The only threat to the user is that certain apps will be programmed to only run if the users system is running a kernel from a particular vendor. This can not possibly ever be a problem to people who use only Free Software.
anyway: people don't care on lkml, I don't see the deal at all.
to post comments)