User: Password:
|
|
Subscribe / Log in / New account

So why not get them the money?

So why not get them the money?

Posted Mar 6, 2013 8:47 UTC (Wed) by ortalo (subscriber, #4654)
In reply to: So why not get them the money? by raven667
Parent article: Loading keys from Microsoft PE binaries

Well, I do not understand your (technical) interrogations. M$ ensures that its version of Windows is executed (or, why do we bother at all with signing a linux-oriented boot loader?). Most recent versions of MS/Win phone home one way or another and check the number of running instances in their environnement very precisely. Everything is in place to compare with the actual bill sent every year...

Linux users in this game are just the troublemakers who made apparent that M$ was grabbing control of OS instances. I am speculating yes, but I suspect this is more due to licensing reasons and monetary interest rather than security reasons and moral issues...

The actual full details may not be perfect, but that would not be the first a commercial security mechanism has design vulnerabilities... Furthermore, the objective is to increase the bill, not block the customer system.
What I am questioning is the true objective of this thing. What I am questioning too is whether bills will increase or not btw... At least, we have an occasion to demonstrate that servers running linux do not pay... anything!


(Log in to post comments)

So why not get them the money?

Posted Mar 6, 2013 16:42 UTC (Wed) by mjg59 (subscriber, #23239) [Link]

"M$ ensures that its version of Windows is executed"

No, it doesn't. You're able to disable the signature checking and you're able to install your own keys. Having done that, you're then free to lie to the OS about whether or not it booted a signed binary.

So why not get them the money?

Posted Mar 6, 2013 18:42 UTC (Wed) by raven667 (subscriber, #5198) [Link]

Or maybe to put it another way, Windows itself can't "require" the signature checking because that happens at a layer below and previous to what the running OS kernel can control. There isn't a mechanism for a running system, doing licensing or validity checks, to verify that it was booted "securely", the verification is forward, not backwards.

Do I have that right, mjg59? 8-)

So why not get them the money?

Posted Mar 6, 2013 18:50 UTC (Wed) by mjg59 (subscriber, #23239) [Link]

Yes, that's correct.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds