As it was too late to edit my post, here is the rest of it:
"We want our images to be trustable (i.e. signed). In fact we want a fully trustable OS, with images that can be verified by a full trust chain from the firmware (EFI SecureBoot!), through the boot loader, through the kernel, and initrd. Cryptographically secure verification of the code we execute is relevant on the desktop (like ChromeOS does), but also for apps, for embedded devices and even on servers (in a post-Snowden world, in particular)." (http://0pointer.net/blog/revisiting-...x-systems.html)
With this, we will no longer have linux. We'll have a tivo, that only runs something mandated by the hardware seller, and that the user can't change. Right now, I can replace the firmware on my routers with DD-WRT, or Tomato, or whatever else. I can install plain linux on a chromebook. I can install linux on a laptop. With this? Possibly the only linux allowed will redhat, and all ARM devices will become non-upgradeable/customisable appliances, to throw away every year as they become "obsolete".
Am I the only one who is scared of this "tivoisation" by design? Apparently for the lennart-fans here, this is a "good thing"(tm).
"We want our images to be trustable (i.e. signed). In fact we want a fully trustable OS, with images that can be verified by a full trust chain from the firmware (EFI SecureBoot!), through the boot loader, through the kernel, and initrd. Cryptographically secure verification of the code we execute is relevant on the desktop (like ChromeOS does), but also for apps, for embedded devices and even on servers (in a post-Snowden world, in particular)." (http://0pointer.net/blog/revisiting-...x-systems.html)
With this, we will no longer have linux. We'll have a tivo, that only runs something mandated by the hardware seller, and that the user can't change. Right now, I can replace the firmware on my routers with DD-WRT, or Tomato, or whatever else. I can install plain linux on a chromebook. I can install linux on a laptop. With this? Possibly the only linux allowed will redhat, and all ARM devices will become non-upgradeable/customisable appliances, to throw away every year as they become "obsolete".
Am I the only one who is scared of this "tivoisation" by design? Apparently for the lennart-fans here, this is a "good thing"(tm).
Comment