Announcement

Collapse
No announcement yet.

The State Of Linux Distributions Handling SecureBoot

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #31
    Not a problem that linux needs to deal with. It's MS security flaw. period. Imagining that these flaws happen because you boot linux is the farse.

    Comment


    • #32
      If security was my primary objective, then I promise you, I would not choose windows.

      Comment


      • #33
        Originally posted by duby229 View Post
        Not a problem that linux needs to deal with. It's MS security flaw. period. Imagining that these flaws happen because you boot linux is the farse.
        How would Microsoft prevent the booting of bootkits without also preventing the booting of Linux?

        Comment


        • #34
          I don't know how many more times this needs said. It doesnt matter. It's MS's problem.

          The obvious first answer though is, don't get infected in the first place. But that isnt going to happen. Windows 8 --WILL-- get just a infected as every other windows has ever been. And secureboot isnt going to do shit to prevent that. But thats their problem. Not ours.

          Comment


          • #35
            Originally posted by mjg59 View Post
            Unlike the forced bundling of IE and Windows, Microsoft aren't actually forcing anyone to do anything here.
            Right. So forced bundling of browser and forced bundling of OS are not ok, but forced bundling of own closed signature in order to start are ok. Of course. Yes.

            But there is even better way, which is probably not seen yet. To spin off own Linux/BSD-only hardware.

            An OEM distributor, that is greedy enough to take market share of personal computing needs only to risk making an NDA with one of top motherboard producer brands in order for them to deliver Coreboot friendly logic.
            The hardware can be 86-based, granted the order is large enough. Several parties are already in position to do this.

            Two attack vectors. We are just waiting for MS to make a SECURE step into own grave - all by itself. The end will be the beginning.

            Comment


            • #36
              Originally posted by duby229 View Post
              I don't know how many more times this needs said. It doesnt matter. It's MS's problem.
              And, like I said before, Microsoft have solved the problem. You dislike the solution they've picked. Come up with a better one that offers the same level of protection.

              Comment


              • #37
                Originally posted by mjg59 View Post
                And, like I said before, Microsoft have solved the problem. You dislike the solution they've picked. Come up with a better one that offers the same level of protection.
                duby229, if you come up with own hardware, I will support you.

                Comment


                • #38
                  Originally posted by crazycheese View Post
                  Right. So forced bundling of browser and forced bundling of OS are not ok, but forced bundling of own closed signature in order to start are ok. Of course. Yes.
                  No, that wouldn't be OK. But Microsoft haven't forced anyone to. You can sell a computer with Windows 8 without implementing Secure Boot, it just means that Microsoft won't give you marketing money. Your choice.

                  An OEM distributor, that is greedy enough to take market share of personal computing needs only to risk making an NDA with one of top motherboard producer brands in order for them to deliver Coreboot friendly logic.
                  The hardware can be 86-based, granted the order is large enough. Several parties are already in position to do this.
                  Why use Coreboot? AMI, Phoenix and Insyde will all sell you a UEFI implementation without Secure Boot, and your hardware would still boot Windows. No need to sign any NDAs with any vendors. Why artificially limit your potential customer base?

                  Comment


                  • #39
                    There is coreboot as an alternative to uefi. If I find myself fucked someday because of secureboot, I'll be sure to jump on the coreboot wagon. Matter of fact I might just jump on it as a pre-emptive strike.

                    Comment


                    • #40
                      Originally posted by mjg59 View Post
                      No, that wouldn't be OK. But Microsoft haven't forced anyone to. You can sell a computer with Windows 8 without implementing Secure Boot, it just means that Microsoft won't give you marketing money. Your choice.



                      Why use Coreboot? AMI, Phoenix and Insyde will all sell you a UEFI implementation without Secure Boot, and your hardware would still boot Windows. No need to sign any NDAs with any vendors. Why artificially limit your potential customer base?
                      Why are you even posting here? Defending secureboot? Dissing coreboot? What is wrong with you? You've got some serious issues man.

                      Comment


                      • #41
                        Originally posted by duby229 View Post
                        Why are you even posting here? Defending secureboot? Dissing coreboot? What is wrong with you? You've got some serious issues man.
                        Discussions tend to be more useful if they're based on reality. There are plenty of reasons to object to the implementation of Secure Boot, but arguing that it does nothing for security is just asinine, as is the assertion that Microsoft's behaviour here is obviously anticompetitive. Coreboot doesn't miraculously solve any of these problems, either.

                        Comment


                        • #42
                          It does nothing for Linux. NOTHING. While linux does have its security issues... It doesnt need to worry about MS's security issues.

                          Well I take that back... It does do something.... It prevents it from booting if MS doesnt like it. THATS what it does..... How is that -NOT- anti-competitive?

                          It does --NOT-- I repeat -----NOT----- check for boot viruses. It checks for a signature that MS provides. It is ---------NOT-------- a method of preventing boot viruses. It doesnt even check for them. It ---------IS-------- a method of preventing unwanted OS's from booting.
                          Last edited by duby229; 12-28-2012, 04:53 PM.

                          Comment


                          • #43
                            Originally posted by duby229 View Post
                            It does nothing for Linux. NOTHING. While linux does have its security issues... It doesnt need to worry about MS's security issues.
                            So, again, suggest a solution that solves the problem that Microsoft are trying to solve without preventing the booting of unsigned code.

                            Well I take that back... It does do something.... It prevents it from booting if MS doesnt like it. THATS what it does..... How is that -NOT- anti-competitive?
                            Because nobody's forced to do it?

                            Comment


                            • #44
                              Originally posted by mjg59 View Post
                              So, again, suggest a solution that solves the problem that Microsoft are trying to solve without preventing the booting of unsigned code.



                              Because nobody's forced to do it?
                              If you boot Windows 8, You must use secureboot. How is that not forced?

                              If it really was a mechanism to protect against boot viruses.... Shouldnt it look for boot viruses?

                              Comment


                              • #45
                                Originally posted by duby229 View Post
                                If you boot Windows 8, You must use secureboot. How is that not forced?
                                What? Windows 8 boots fine without Secure Boot. You're free to sell it installed on computers that don't even support it, you just don't get Microsoft certification.

                                If it really was a mechanism to protect against boot viruses.... Shouldnt it look for boot viruses?
                                It looks for anything that it knows isn't a trusted boot loader and prevents it from running. So, it does?

                                Comment

                                Working...
                                X