|
|
Subscribe / Log in / New account

LSS: Secure Boot

LSS: Secure Boot

Posted Sep 14, 2012 11:14 UTC (Fri) by hummassa (subscriber, #307)
In reply to: LSS: Secure Boot by mjg59
Parent article: LSS: Secure Boot

> ... which is, as mentioned, not the attack that we're especially worried about.

Yea, what people implementing "Secure" Boot &c seem to be especially worried about is to enable exactly the opposite to what Corbet described in this week's LWN first article:

> It is time to pay more attention to the copyright maximalist agenda and push back. Fair use rights must be asserted where they exist and created where they don't. The business concerns of the entertainment industry should not drive the design of our systems, our networks, and our international agreements.

...

> the system we use to ensure the freedom of our software can also take away our freedom on other fronts if we do not pay attention. A world where our right to express ourselves is moderated by somebody else's software — usually very proprietary software — is not what we have been working for.

Enough said.

Boot signing -- "secure" boot -- has a deep flaw: that (practically) all software is exploitable to do something it was not meant to do, and that it will be exploited by people with enough to gain by it.

to post comments

LSS: Secure Boot

Posted Sep 14, 2012 13:07 UTC (Fri) by corbet (editor, #1) [Link] (4 responses)

Hmm... secure boot-like technologies certainly can play into the copyright maximalist agenda. It's not really a DRM technology, though, it's more of a general control technology — who has control over the systems we think we own? I believe the folks working on making Linux work in the secure environment are doing their best to ensure that the owners have control over their own systems. Secure boot can be used to do unpleasant things; it can also (at least try to) protect your system against the next Sony-style rootkit.

What everyone needs to know

Posted Sep 15, 2012 22:57 UTC (Sat) by CChittleborough (subscriber, #60775) [Link]

To understand the whole Secure-Boot-and-Linux kerfuffle at a high level, all you need to do is read the previous comment carefully.

(Notice that secure boot is an attempt to solve a real problem, not some dastardly plot by mustache-twirling villains, and has real advantages as well as real disadvantages.)

Changing topic: let's all try to avoid making Matthew Garrett's life any harder. Let's all be grateful he's working on this stuff, because we need his work.

LSS: Secure Boot

Posted Sep 22, 2012 23:15 UTC (Sat) by ballombe (subscriber, #9523) [Link] (2 responses)

Unless Sony get its virus signed with the microsoft key.

LSS: Secure Boot

Posted Sep 23, 2012 12:05 UTC (Sun) by raven667 (subscriber, #5198) [Link]

I don't think there is an incentive for them to do that, the money isn't any where near good enough.

LSS: Secure Boot

Posted Sep 23, 2012 14:16 UTC (Sun) by mjg59 (subscriber, #23239) [Link]

I don't understand what you're suggesting. Any binary can be revoked, regardless of who signed it.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds