Announcement

Collapse
No announcement yet.

The UEFI SecureBoot Saga For Linux Continues

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #51
    Originally posted by garegin View Post
    i doubt piracy is such a problem. every computer comes with windows preinstalled. other than that, hackers will always find a way to crack it.
    If piracy wasn't a problem, then why would Microsoft invest millions in the various WGA / WPA / OGA programs, which even have the harmful side effect of annoying their honest customers?

    Yes, hackers will most probably crack the new model, too, but one thing is "double click an exe and you're done", and another one is "solder stuff to your dvd drive to hack its firmware, and hope that MS doesn't remotely blacklist you" (see Microsoft's gaming consoles). I'm not saying that this is happening now (secure boot CAN be disabled for now, after all), but the direction we're heading is clear. Moreover, starting with Windows 8 they're (optionally for now) binding your Windows login to your Microsoft Live account - if I were a pirate, I wouldn't want to get caught by Microsoft cracking Windows when they know everything about me.

    Normally, I'm happy when MS strengthens its copy protection schemes. I'll bet a lot of people in the "software is a tool" camp are actually pirates: I wouldn't otherwise understand how they shun, say, the Gimp for Adobe Photoshop, when the latter costs $700; is there somebody who actually spends that much to remove the red eyes from his holiday photos? So, having them actually pay for the software they use might make those people reconsider the actual value of "free" software.

    However, binding MS' software to everybody's hardware has the unfortunate side effect of subtly forcing people NOT to use free software. Or non-MS software in general. Which is the aspect of "secure" boot that I find unacceptable.

    Comment


    • #52
      Originally posted by diriel View Post
      My next system will either have Coreboot or a regular bios. Under no circumstance will it have UEFI because I simply dissagree with what it stands for. It is NOT secure!
      That will be hard.
      Soon most systems will be UEFI and soon all systems will be UEFI.
      Soon there will be no more systems using BIOS.

      Coreboot support is weak and is mostly limited to some embedded devices and servers. Not much for desktop computers and laptops.

      Originally posted by peppepz View Post
      If piracy wasn't a problem, then why would Microsoft invest millions in the various WGA / WPA / OGA programs, which even have the harmful side effect of annoying their honest customers?
      WGA, WPA, OGA are great.
      Windows is commercial and proprietary software. If people want Windows they should pay for it. If they don't want to pay, they should get a free operating system.
      If people don't like WGA, etc then they should switch operating system to one without it.
      I used to use Windows but got increasingly fed up with WGA and restrictive EULAs, so I switched to Ubuntu.
      Last edited by uid313; 04 June 2012, 04:33 AM.

      Comment


      • #53
        Bleh

        Yes, I am noting that.

        Comment


        • #54
          Originally posted by crazycheese View Post
          The best security ever at boot stage has already been invented several decades ago, it was called BIOS MBR protection.
          The BIOS can't protect Windows or linux applications from writing to the MBR, because they don't use the BIOS to do disk I/O.

          It worked to protect against (most) DOS malware though...

          Comment


          • #55
            Originally posted by JanC View Post
            The BIOS can't protect Windows or linux applications from writing to the MBR, because they don't use the BIOS to do disk I/O.

            It worked to protect against (most) DOS malware though...
            When you reboot hardware, who is called? It is very well possible to implement. Of course, "real-time" protection won't work anymore, but just comparing CRC and restoring on failure is sufficient enough.

            The thing that they are doing here is a lot bigger however - they are trying to create semi-HDCP, but for all middleware level. And because they are not giving users the control and understanding, that means they want to decide what is to be allowed all by themselves (corporations).

            Comment


            • #56
              Originally posted by uid313 View Post
              WGA, WPA, OGA are great.
              Windows is commercial and proprietary software. If people want Windows they should pay for it. If they don't want to pay, they should get a free operating system.
              If people don't like WGA, etc then they should switch operating system to one without it.
              I used to use Windows but got increasingly fed up with WGA and restrictive EULAs, so I switched to Ubuntu.
              Bullsh1t, fact is cracked versions pass checks, do not require revalidations, have no hardware bindings. Fact is - cracked systems are a lot easier to work with than with "legit". It is same as with DVD/BR - unskippable titles/ads, impossibility to backup, huge limitation of platforms. I don't use windows since 2007, but I do keep eye on whats happening there. Fact is: If people want Windows, they MUST pay and MUST endure all trash it throws at them. If people do not want Windows, they are seen as criminals. Like in DDR, the slaves are forced to move the wheel forward and all trespassers are shot on site. People who are using LIBRE operating systems are just FED UP with this BS; they are VERY WELL CAPABLE OF PAYING. They just smart enough not to pay for BS. Enjoy the fukts...

              Comment


              • #57
                +1 to what..

                Crazycheese said!

                Comment


                • #58
                  Linux Tovalds opinion on this:
                  [...]
                  ?I?m certainly not a huge UEFI fan, but at the same time I see why you might want to have signed bootup etc. And if it?s only $99 to get a key for Fedora, I don?t see what the huge deal is.?
                  [...]
                  ?The real problem, I feel, is that clever hackers will bypass the whole key issue either by getting a key of their own (how many of those private keys have stayed really private again? Oh, that?s right, pretty much none of them) or they?ll just take advantage of security bugs in signed software to bypass it without a key at all.?
                  [...]
                  Torvalds concluded, ?Signing is a tool in the tool-box, but it?s not solving all the security problems, and while I think some people are a bit too concerned about it, it?s true that it can be mis-used.?
                  [...]
                  the full article is here: Linus Torvalds on Windows 8, UEFI, and Fedora

                  And I also read that Red Hat actually pays the $99 to verisign (not Microsoft, see here).

                  Comment

                  Working...
                  X