User: Password:
|
|
Subscribe / Log in / New account

Playing a game that cannot be won?

Playing a game that cannot be won?

Posted Jan 18, 2013 20:36 UTC (Fri) by nevets (subscriber, #11875)
In reply to: Playing a game that cannot be won? by proski
Parent article: Signing ELF binaries

As the developers are aggressively pushing the secure boot features, it seems to be a way to prove they are doing their "best effort" against a security compromise. We probably couldn't win against MS if we just abandoned their whole secure boot, and force the vendors to keep secure boot off. Although with Windows 8 not doing so hot, maybe we could.

Now if MS were to revoke a Linux key, then we can show the courts that we did everything and then some to not be a source of compromise. Even if Linux ends up being a source of a security breach, the fact that we did so much to avoid it, will at least demonstrate that it was not due to neglect on our part.


(Log in to post comments)

Playing the game automatically concedes defeat

Posted Jan 26, 2013 1:49 UTC (Sat) by cas (subscriber, #52554) [Link]

Now if MS were to revoke a Linux key, then we can show the courts that we did everything and then some to not be a source of compromise. Even if Linux ends up being a source of a security breach, the fact that we did so much to avoid it, will at least demonstrate that it was not due to neglect on our part.

Actually, it would work in exactly the opposite way - by attempting to implement Microsoft's secure boot and failing, they are legitimising Microsoft's demands and providing justification for Microsoft to revoke linux keys for failure to comply or for any reason at all.

i.e. by attempting to implement, they are undermining their best argument (in court and in the outside world), that Microsoft has no legal right to unilaterally grant itself the power to decide what is allowed to boot, and that their attempt to do so is an illegal abuse of a monopoly.

These attempts to appease Microsoft are short-sighted and we will all come to regret them bitterly - even if they succeed (unlikely), the absolute best we can hope for is centralised control over official bootable linux kernels. say goodbye to small and non-commercial distros, say goodbye to experimentation. and say goodbye to the right to run whatever the hell you want on your own hardware. And that's the best. The actual result is likely to be far worse.

Playing the game automatically concedes defeat

Posted Jan 26, 2013 5:40 UTC (Sat) by mjg59 (subscriber, #23239) [Link]

"Actually, it would work in exactly the opposite way"

You have the background to provide a legal justification for that?

Playing the game automatically concedes defeat

Posted Jan 26, 2013 6:15 UTC (Sat) by cas (subscriber, #52554) [Link]

No, do i need a legal background to hold or express an opinion? Do you have one?

What I do have is a functioning memory and a reasonable ability to extrapolate from similar concepts.

By playing Microsoft's game you are implicitly accepting their terms and conditions, or as i said the first time around, legitimising Microsoft's *right* to terminate your boot key according to whatever rules they choose.

Actually, it's worse than that - to get a key signed by MS you have to *explicitly* accept their terms and conditions (BTW, do they have a clause saying they can unilaterally change them at any time?). It would be extremely unlikely for a court to invalidate such a consciously chosen and legal agreement.

Appeasement on the secureboot issue may be good, cheap, and convenient policy for RH and other corporate linux vendors. Not for anyone else.

Playing the game automatically concedes defeat

Posted Jan 26, 2013 6:24 UTC (Sat) by mjg59 (subscriber, #23239) [Link]

"No, do i need a legal background to hold or express an opinion?"

No, but having some ability to actually support contentions like "By playing Microsoft's game you are implicitly accepting their terms and conditions" is pretty important if you want anyone to pay any attention to what you're saying.

"Do you have one?"

No, but I've spent a significant amount of time speaking to lawyers about Secure Boot over the past 18 months, which is more than you seem to have done.

Playing the game automatically concedes defeat

Posted Jan 26, 2013 6:36 UTC (Sat) by cas (subscriber, #52554) [Link]

Appeal to Authority is a very popular logical fallacy, and you manage to improve upon it by adding the marvellous twist of second-hand, indirect authority.

Well done!

BTW, I note that you didn't comment on my "to get a key signed by MS you have to *explicitly* accept their terms and conditions" paragraph. I take it you have no glib logical fallacy at hand to distract from that so settled on the Ignore It And It Might Go Away technique?

Playing the game automatically concedes defeat

Posted Jan 26, 2013 6:45 UTC (Sat) by raven667 (subscriber, #5198) [Link]

Actually knowing something about what you are talking about isn't a logical fallacy "appeal to authority", it's actually knowing something about what you are talking about.

Playing the game automatically concedes defeat

Posted Jan 26, 2013 8:29 UTC (Sat) by cas (subscriber, #52554) [Link]

Entirely true. Also irrelevant. mj59 doesn't have any more valid an opinion about legal matters than I do.

I expect that any lawyers he has spoken to about secureboot would have been Redhat's lawyers, and their angle on the problem would have been entirely on the topic of Redhat's corporate needs, and how to solve the problem for RH in the most efficiently pragmatic way possible.

Pragmatism doesn't always conflict with idealism but this is one case where it definitely does.

Playing the game automatically concedes defeat

Posted Jan 26, 2013 11:48 UTC (Sat) by paulj (subscriber, #341) [Link]

Also, short-term pragmatism can conflict with long-term pragmatism. Idealism may sometimes be long-term pragmatism.

Playing the game automatically concedes defeat

Posted Jan 27, 2013 16:18 UTC (Sun) by mathstuf (subscriber, #69389) [Link]

Red Hat has not always acted only for its own purposes. Take the patent settling cases where Red Hat got all of FOSS a license for the patents in question. So they do have a record for going beyond the (typical) call of duty.

That said, it would be nice to have some clarification of what they think the fallout of Microsoft revoking a Linux key (both for "but h4x" and "because market share[holders]" scenarios) would likely be.

Playing the game automatically concedes defeat

Posted Jan 27, 2013 16:38 UTC (Sun) by mjg59 (subscriber, #23239) [Link]

I can't speak for Red Hat, but the expected outcome of a revoked signature due to security issues is a staged update of new binaries followed by a blacklist update, with the only user-visible inconvenience being that old media will stop working. The expected outcome of a revoked signature due to any other issue is a series of lawsuits.

Playing the game automatically concedes defeat

Posted Jan 26, 2013 6:52 UTC (Sat) by mjg59 (subscriber, #23239) [Link]

Of course, we should ignore informed discussion in favour of handwaving because the alternative might possibly be something that could be construed as falling under something in Wikipedia's List Of Logical Fallacies. Good point. Let's move on to arguing about whether heliocentrism is relevant in modern life, because how many of us have actually observed the Earth's motion directly?

"to get a key signed by MS you have to *explicitly* accept their terms and conditions"

Have you read those terms and conditions? Have you consulted a lawyer to determine precisely which rights you're giving up? Or are you just asserting that they're unreasonable without any justification at all?

Playing the game automatically concedes defeat

Posted Jan 26, 2013 8:18 UTC (Sat) by cas (subscriber, #52554) [Link]

How exciting, another transparent attempt to evade any actual consideration of the issue - far easier to attempt to arrograntly dismiss it with a wikipedia slur. Too bad, i'm not so easily distracted with irrelevance.

My point is that it is entirely unreasonable to have to beg Microsoft's permission to run anything. So unreasonable that the only reasonable response is to refuse to have anything to do with it.

By agreeing to *ANY* conditions, no matter how benign or light-weight they might be, you are conceding that Microsoft does indeed have a right to grant or deny such permission.

You mean well and have good intentions, but you are enabling Microsoft in their aim to be gatekeeper of what software is permitted to execute. Aside from the old adage about the road to hell, the trouble with your work is that it is short-sighted and short-term pragmatism (you have what appears to be a technical problem and want to solve it now) with no regard for the long-term consequences. One day you will realise exactly what you have enabled and come to bitterly regret it. Unfortunately, you won't be the only one to suffer the consequences.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds