Announcement

Collapse
No announcement yet.

Torvalds Expresses Concerns Over Current "Kernel Lockdown" Approach

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #31
    Originally posted by flux242 View Post

    there would be pottering and friends there backed by NSA people. And kdbus would be just the beginning...
    You need to see a doctor, your tinfoil had is blocking blood circulation to your brain and making you ramble incoherently

    Comment


    • #32
      Originally posted by carewolf View Post

      You need to see a doctor, your tinfoil had is blocking blood circulation to your brain and making you ramble incoherently
      I don't understand the toxic bashing of an honest opinion. I see the day coming where flux242 posts a message with only two words:

      Told ya!

      Comment


      • #33
        Originally posted by leipero View Post
        If SecureBoot can be disabled in options I do it (so far all PC's I used have that option), if it can't (in future) = not going to buy, simple.
        Cool. But what to do if in some 10-20 years all PCs come with SecureBoot without an option to disable it?

        Comment


        • #34
          Originally posted by makam View Post

          Cool. But what to do if in some 10-20 years all PCs come with SecureBoot without an option to disable it?
          I don't know, maybe use open firmware or something, I'm sure there will always be some alternative (not buying part of my comment is to make sure that happens).

          Comment


          • #35
            Originally posted by lowflyer View Post

            I don't understand the toxic bashing of an honest opinion. I see the day coming where flux242 posts a message with only two words:

            Told ya!
            Honest opinion? The person I was replying to stated a silly toxic attack, my reply was perhaps not tonal superior as it should have been, but it was not out of order considering the context.

            Comment


            • #36
              Garrett seems to believe Lockdown without Secure Boot is a "security theater". I would have LOVED if they dragged the OpenBSD security team along with Theo De Raadt in that discussion to comment on that stance; since OpenBSD has securelevel(7) which is similar to this Lockdown. The thing is that there is zero need of having Secure Boot on in OpenBSD's case.

              Comment


              • #37
                Originally posted by makam View Post

                Cool. But what to do if in some 10-20 years all PCs come with SecureBoot without an option to disable it?
                I remember people being up in arms about Intel CPUs getting a serial number that can be queried from the OS. I also 'member the fight against Trusted Computing. Nowadays not enough people care to make a dent.

                Comment


                • #38
                  Originally posted by greyseek3r View Post
                  Garrett seems to believe Lockdown without Secure Boot is a "security theater".
                  i believe he believes the other way around(secure boot without lockdown)

                  Comment


                  • #39
                    Originally posted by nils_ View Post

                    I remember people being up in arms about Intel CPUs getting a serial number that can be queried from the OS. I also 'member the fight against Trusted Computing. Nowadays not enough people care to make a dent.
                    Exactly my point. For us that do care it's hell. And I bet that ARM etc will be no different.

                    Comment


                    • #40
                      Originally posted by Uqbar View Post
                      Linus ain't a "normal"™ Linux Kernel Dev community member. Is he?
                      Effectively he is, and that's really the secret of Linux's success. Linus is obviously a great software developer but he's firstly an absolutely outstanding project manager and leader. You have companies that are very acrimonious competitors (IBM vs Oracle vs Microsoft...), companies that have very different objectives (Intel vs AMD vs ARM), people with diametrally opposed views on what Linux should be (basically the VUAs vs the "post-UNIX" crowd vs Linux-is-a-server-OS vs Linux-should-replace-Windows-on-the-Desktop), the embedded world, the hobbyists and independent contributors with their egos etc.... Yet Linus has somehow managed to get all those people to bear with each other, work together and collectively build something that suits everyone - or at least that suits the involved sufficiently with downsides and unavoidable tradeoffs small enough so that it's not worth bothering seeking alternatives.

                      The reason it works is that everyone respects Linus because everyone trusts him. He's sometimes very blunt and occasionally offensive, but that's what has saved Linux from being "designed by committee". Linus has never dismissed ideas outright, he has sought to understand why someone wants something, even if he may reject it or, more often, say why not, but it should be done differently. For contributors and developers, the worst possible answer from Linus has always been "I'm not merging this into *my* repo. If you insist on it, fork the tree and have it your way".
                      Last edited by jacob; 04-09-2018, 02:59 AM.

                      Comment

                      Working...
                      X