Announcement

Collapse
No announcement yet.

The State Of Linux Distributions Handling SecureBoot

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Originally posted by mjg59 View Post
    Under which law?
    Antitrust law.

    Comment


    • #17
      Originally posted by crazycheese View Post
      Antitrust law.
      Unlike the forced bundling of IE and Windows, Microsoft aren't actually forcing anyone to do anything here.

      Comment


      • #18
        According to another thread in this forum, there already are some boards with UEFI firmware that don't allow turning off secure boot. That would be lawsuit-worthy, it looks like.

        Comment


        • #19
          Originally posted by GreatEmerald View Post
          According to another thread in this forum, there already are some boards with UEFI firmware that don't allow turning off secure boot. That would be lawsuit-worthy, it looks like.
          If they've got Windows 8 stickers then please let me know the manufacturer and model. If they don't, then you're probably limited to arguing with the manufacturer over whether or not they were correctly advertised - Microsoft didn't force them to do that, so it's unclear how you'd be able to sue them.

          Comment


          • #20
            MS essentially said... "Lets make up some imaginary boot loader virus so we can fuck linux!"

            Windows 8 is still gonna get just as comprimised as every other windows has ever been. And booting linux doesnt have a single damn thing to do with that.

            Comment


            • #21
              Originally posted by duby229 View Post
              MS essentially said... "Lets make up some imaginary boot loader virus so we can fuck linux!"

              Windows 8 is still gonna get just as comprimised as every other windows has ever been. And booting linux doesnt have a single damn thing to do with that.
              Repeating the same thing over and over doesn't make it true. I've explained why and how this improves security.

              Comment


              • #22
                Originally posted by mjg59 View Post

                Yeah, we're so fucked that there's already mainstream Linux distributions that boot out of the box on Secure Boot systems.
                With MS's blessing.... What about every other linux configuration that is otherwise perfectly valid? You dont get it. If a virus invects MS's bootloader it doesnt mean shit for linux. It's MS's problem.

                Comment


                • #23
                  Originally posted by mjg59 View Post
                  Repeating the same thing over and over doesn't make it true. I've explained why and how this improves security.
                  Visa-versa... You repeating the same crap over and over still doesnt make MS's security flaws a problem that linux has to deal with. It DOESNT improve security for LINUX. It just prevents linux from booting. Period. Which I believe full heartedly that was the entire intention in the first place...
                  Last edited by duby229; 12-28-2012, 03:10 PM.

                  Comment


                  • #24
                    Originally posted by duby229 View Post
                    Visa-versa... You repeating the same crap over and over still doesnt make MS's security flaws a problem that linux has to deal with. It DOESNT improve security for LINUX. It just prevents linux from booting. Period. Which I believe full heartedly that was the entire intention in the first place...
                    Why do you think these attacks are any less plausible on Linux?

                    Comment


                    • #25
                      Originally posted by mjg59 View Post
                      Why do you think these attacks are any less plausible on Linux?

                      It doesnt matter. Its not MS's place to decide for linux. period.

                      If the linux community wants to take the time to derive a solution of there own, they will. If it becomes a large enough problem that action needs taken, it will be taken
                      Last edited by duby229; 12-28-2012, 03:20 PM.

                      Comment


                      • #26
                        I just want to know if there is a signed shim out there that does not check for a 2nd stage bootloader signature, that would kill all security

                        Comment


                        • #27
                          Originally posted by duby229 View Post
                          It doesnt matter. Its not MS's place to decide for linux. period.
                          They didn't. They decided for Microsoft. But, as I explained, there's no way for them to implement this security mechanism without also placing certain requirements on any other trusted binaries that those machines will boot out of the box.

                          Comment


                          • #28
                            Originally posted by Kano View Post
                            I just want to know if there is a signed shim out there that does not check for a 2nd stage bootloader signature, that would kill all security
                            Which is why one doesn't exist.

                            Comment


                            • #29
                              Originally posted by mjg59 View Post
                              They didn't. They decided for Microsoft. But, as I explained, there's no way for them to implement this security mechanism without also placing certain requirements on any other trusted binaries that those machines will boot out of the box.
                              An imaginary boot loader virus didnt decide nothing.

                              "Oh my imaginary friend told me I had to do it occifer! STOP IT YOUR STANDING ON HIM!!!"

                              Comment


                              • #30
                                Originally posted by duby229 View Post
                                An imaginary boot loader virus didnt decide nothing.
                                https://support.kaspersky.com/viruse...?qid=208280748 - they're not imaginary.
                                http://www.securelist.com/en/analysi...ws_x64_Bootkit describes one in detail.

                                Comment

                                Working...
                                X