Karol Babioch
Tue Jun 26 06:12:47 EDT 2012


On 26.06.2012 04:29, Manolo Martínez wrote:
> Just for clarification: you seem to be endorsing a model in which
> organizations (linux distros?) pay Microsoft for the right to install
> non-Microsoft software in PCs. Is that correct?
Yeah, I see that this creeps the shit out of some of you. However, can
anybody come up with a better model? Again, I can't. And I definitely
want to take advantage of Secure boot, so only signed code is run at
some point in the future.

Maybe for the sake of objectiveness we would be better off if some
neutral organization took care of that, but for the time being I
can live with the fact that Microsoft is doing it. I don't expect them
to be too unfair here. And I don't think that they will make that much
money out of it. Furthermore they probably will have to invest some
serious amount of money in order to build a robust infrastructure for this.

Just compare the situation with SSL/TLS. Here you also have to invest
some money (which can cost up to a couple of thousand USD when dealing
with EV certificates) in order to provide your users/customers with
"basic" security. Archlinux sets a good example here.

Remember: You can always (by specification) turn off Secure boot, so
even "small" distributions won't be ruled out. As these "small"
distributions are probably used mainly by advanced users anyway, I don't
see much trouble here.

Personally I can totally live with the solution, which is proposed right
now. I'm also willing to donate some money to Arch, if they
struggle to come up with 100 USD for their certificate, if they choose
to get one in the future.




