| |||||||||||||
Fedora, secure boot, and an insecure futureFedora, secure boot, and an insecure futurePosted Jun 5, 2012 22:45 UTC (Tue) by neilbrown (subscriber, #359)Parent article: Fedora, secure boot, and an insecure future
Maybe there is an upside to MS mandating secure boot.
It means that Linux users cannot use MS-Windows-8 certified hardware, so instead of just grumbling about paying a "windows tax" they will be more motivated to petition vendors to provide MS-Windows-free systems.
Presumably a vendor could easily sell two versions on the one hardware, one with an MS-Windows sticker and secure boot enabled, one with no sticker (or maybe a "Your Freedom Respected" sticker) and secure boot disabled. They would just need a modest probability of sales to justify the small effort.
I'm sure we have the buying power to support vendors who agree to support our freedom, but as yet the motivation to use it hasn't been strong enough. Maybe secure-boot will change that.
(Log in to post comments)
Fedora, secure boot, and an insecure future Posted Jun 5, 2012 23:07 UTC (Tue) by russell (subscriber, #10458) [Link]
I like your thinking. Perhaps this could also spur free software companies to develop and freely distribute a UEFI implementation that makes managing these issues ( plus UEFI bugs ) easy. Hardware vendors love free, just look at android.
Fedora, secure boot, and an insecure future Posted Jun 6, 2012 4:55 UTC (Wed) by misc (subscriber, #73730) [Link]
You mean something based on http://www.coreboot.org/TianoCore as a payload of coreboot ?
Fedora, secure boot, and an insecure future Posted Jun 5, 2012 23:41 UTC (Tue) by faramir (subscriber, #2327) [Link]
I wish Linux desktop users had ANY market power at all. (I'm assuming that it is desktop users that matter here. Server admins are quite capable of setting their BIOS appropriately.)
Picking some random source (statcounter.com) seems to show the number of "other" web browsing OSes out there to be less then 3%. Even if Linux was all of that "other", it would still be less then half the number of MacOS X users. Your "modest probability of sales" is never going to capture that entire 3% and would require the vendor to double the number of types of physical products that they stocked. I'm pretty sure that any MBA worth his salt would laugh at us if we suggested it.
Fedora, secure boot, and an insecure future Posted Jun 14, 2012 13:51 UTC (Thu) by JanC_ (guest, #34940) [Link]
Canonical mentioned recently that they know about something between 8-10 million computers being sold with Ubuntu pre-installed by OEMs. That's already more than the number of PCs sold with Mac OS X pre-installed, and I'm sure it's more than enough for MBAs not to laugh at it...
Fedora, secure boot, and an insecure future Posted Jun 14, 2012 13:52 UTC (Thu) by JanC_ (guest, #34940) [Link]
Those numbers were for sales last year BTW.
Fedora, secure boot, and an insecure future Posted Jun 6, 2012 1:52 UTC (Wed) by csamuel (✭ supporter ✭, #2624) [Link]
There are already companies out there making hardware (desktops, laptops, etc) for Linux and it'd be a pretty safe bet they won't be shipping anything with secure boot enabled by default, so go support them.
Fedora, secure boot, and an insecure future Posted Jun 11, 2012 11:37 UTC (Mon) by nix (subscriber, #2304) [Link]
I'd have assumed that... but the company I bought Linux hardware from last is now selling machines advertised as 'Linux-friendly', every one of which requires a binary-only module for its network card and another binary-only module for its graphics. So allowing user recompilation of kernels doesn't seem to be a long way up vendors' priority lists :(
Fedora, secure boot, and an insecure future Posted Jun 11, 2012 11:50 UTC (Mon) by cortana (subscriber, #24596) [Link]
I've come to begrudgingly accept that proprietary graphics drivers are a fact of life, but I really don't understand the recent (or so it seems to be) fetish with proprietary ethernet drivers! A decade ago any cheap PC had an onboard VIA or Realtek ethernet interface that worked fine with open drivers... what has changed?
Fedora, secure boot, and an insecure future Posted Jun 12, 2012 1:37 UTC (Tue) by bronson (subscriber, #4806) [Link]
Complex, proprietary wireless stacks covered by tenuous patents.
Turn off security Posted Jun 6, 2012 8:07 UTC (Wed) by rvfh (subscriber, #31018) [Link]
Many people run pirated copies of Windows and Office [1]. I think that if people start to have to actually pay for MS software, they might quickly start looking for alternatives and thus unlocked hardware. That's been the hope for quite some time, and it might finally come true.
What is more, I wonder how having a 'secure boot' will prevent Windows system from being infected by viruses.
Also, from what I can see on forums, people do as they are told, even if you tell them to run 'sudo rm -rf /'
This leads me to think that many people might actually "turn off security" on their machines:
[1] http://www.tomshardware.com/news/China-Piracy-steve-ballm...
Lets win the language war this time Posted Jun 8, 2012 0:58 UTC (Fri) by jmorris42 (subscriber, #2203) [Link]
> or maybe a "Your Freedom Respected" sticker
No, stop this line of thought. Won't work. If one option is "Secure Boot" and another is something like that we lose. We have to try like heck to influence what phrases the average tech journalist ends up using.
"Vendor Locked" for "Secure Boot" is a phrase we would win on and it just happens to be a lot more accurage. After all it isn't likely to be all that secure but it will tend to act as a way to lock any hardware with the Windows 8 logo to Microsoft.
And we want a nice suit friendly phrase for us to all get behind for the open option. "Vendor Neutral" perhaps? Or just "Unlocked" and an opened padlock logo? Or springboard off the phone/tablet wars and use "jailbroken" with an open cell door. If phone makers are seeing the wisdom as pitching it as a feature it is a pretty good bet motherboard makers would.
Or if the product includes the ability to install our own keys we get even better options to win the idea war. Imagine a logo of a closed lock with a key in the lock and another dangling on a ring like a brand new padlock. And something like "User keyable" under it. Carries all the warm fuzzies of security (such as it actually is) while also giving that user empowerment vibe.
But I'll say it again. If we can't raise enough of a ruckus to get seamless keying built in as an expected feature we are going to eventually lose. What I'm talking about here is that a new machine boots with NO keys. You pop in the Windows 8 media and pick "Install a new OS" from the BIOS and it grabs a keyring off the install media from a standardized location, adds (not replaces) those keys to it's store and boots the media. Later you stick in Fedora and do the same thing. OR if no keys are on the media you get a scary warning about it and are offered the option to install an 'insecure' legacy operating system.
|
|||||||||||||