[...]
?I?m certainly not a huge UEFI fan, but at the same time I see why you might want to have signed bootup etc. And if it?s only $99 to get a key for Fedora, I don?t see what the huge deal is.?
[...]
?The real problem, I feel, is that clever hackers will bypass the whole key issue either by getting a key of their own (how many of those private keys have stayed really private again? Oh, that?s right, pretty much none of them) or they?ll just take advantage of security bugs in signed software to bypass it without a key at all.?
[...]
Torvalds concluded, ?Signing is a tool in the tool-box, but it?s not solving all the security problems, and while I think some people are a bit too concerned about it, it?s true that it can be mis-used.?
[...]
?I?m certainly not a huge UEFI fan, but at the same time I see why you might want to have signed bootup etc. And if it?s only $99 to get a key for Fedora, I don?t see what the huge deal is.?
[...]
?The real problem, I feel, is that clever hackers will bypass the whole key issue either by getting a key of their own (how many of those private keys have stayed really private again? Oh, that?s right, pretty much none of them) or they?ll just take advantage of security bugs in signed software to bypass it without a key at all.?
[...]
Torvalds concluded, ?Signing is a tool in the tool-box, but it?s not solving all the security problems, and while I think some people are a bit too concerned about it, it?s true that it can be mis-used.?
[...]
And I also read that Red Hat actually pays the $99 to verisign (not Microsoft, see here).
Leave a comment: