LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

'You have to divulge your private key' meme

'You have to divulge your private key' meme

Posted Jul 6, 2012 17:28 UTC (Fri) by davidescott (guest, #58580)
In reply to: 'You have to divulge your private key' meme by mjg59
Parent article: The FSF's advice to distributors on UEFI secure boot

Also there probably aren't any legal requirements to follow (a) unless they want to sell a Dual Boot OEM/Windows sticker-ed system. Most probably want to meet (a) and would find it easy enough to do so, but some might choose to skip that step and could have trouble meeting (d). So (a) should probably be struck from the list.

(Log in to post comments)

'You have to divulge your private key' meme

Posted Jul 6, 2012 17:42 UTC (Fri) by mjg59 (subscriber, #23239) [Link]

So ensuring that you haven't removed the "Disable secure boot" option from your firmware is a reasonable requirement for OEMs that want to ship Windows, but not a reasonable requirement for OEMs that want to ship Ubuntu?

'You have to divulge your private key' meme

Posted Jul 6, 2012 17:59 UTC (Fri) by davidescott (guest, #58580) [Link]

I certainly understand and agree from the perspective of what we would like. I would like a system that allows me to trust the keys of people I trust (like one mjg59) and secure my systems to only boot things he signs -- but from a practical matter:

Yes, I think it is reasonable that Canonical would want to allow its distributors to make a product based on open source software that is in fact more restricted than what one would get by purchasing an MSFT product.

If a distributor told Canonical "we will use Ubuntu only if we get to completely lock it down," I would understand that Canonical would say we discourage that, but won't stop you. I don't like those kinds of products, and I wouldn't buy such a product, and would discourage others from buying it, but I don't think Canonical should say no and don't think worse of them for saying yes. Their bug #1 is that Linux is not the most used operating system on the desktop, anything to get desktop linux (ie gnome/kde instead of android) into the hands of end users is in the interest of closing their bug #1.

In many ways this is just the Android debate all over again, but on the desktop. I'm not thrilled with Android, but I don't think its been bad for software freedom in general, as its a heck of a lot better than the iOS everything road we were down. Maybe I'll eat those words in 10 years, but at the moment that is how I feel.

'You have to divulge your private key' meme

Posted Jul 10, 2012 3:12 UTC (Tue) by raven667 (subscriber, #5198) [Link]

They don't own the copyright for everything (or even a majority) of the software they ship so they aren't in a position to OK any lockdown with any vendors.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds