[arch-general] Campaign against Secure Boot

Lars Madson rwx700 at gmail.com
Tue Jun 26 06:46:35 EDT 2012


Karol ... don't ever accept the unacceptable because it's shaped as the
best proposition ever. Make your own. Microsoft should not ask people to
pay anything for a technology they impose, the new economy is about giving
what you produce, I guess we'll receive a lot and lower down the quantity
of shit productions. How have we done without secure boot until now ? So
you fix the hole at the begining of the process, but when does the process
really begin ? Did you install some malware yourself ? Ho, god, maybe we
should pay microsoft so they disable the ignorants neurones in our brains.
Karol please think a bit deeper and longer.

Future is beautiful
Laurent

2012/6/26 Karol Babioch <karol at babioch.de>

> Hi,
>
> Am 26.06.2012 04:29, schrieb Manolo Martínez:
> > Just for clarification: you seem to be endorsing a model in which
> > organizations (linux distros?) pay Microsoft for the right to install
> > non-Microsoft software in PCs. Is that correct?
> Yeah, I see that this creeps the shit out of some of you. However can
> anybody come up with a better model? Again, I can't. And I definitely
> want to take advantage of Secure boot, so only signed code is run at
> some point in the future.
>
> Maybe for the sake of objectiveness we would be better of when some
> neutral organization would take care of that, but for the time being I
> can live with the fact that Microsoft is doing it. I don't expect them
> to be too unfair here. And I don't think that they will make that much
> money out of it. Furthermore they probably will have to invest some
> serious amount of money in order to build a robust infrastructure for this.
>
> Just compare the situation with SSL/TLS. Here you also have to invest
> some money (which can cost up to a couple of thousand USD when dealing
> with EV certificates) in order to provide your users/customers with
> "basic" security. Archlinux sets a good example here.
>
> Remember: You can always (by specification) turn off Secure boot, so
> even "small" distributions won't be ruled out. As these "small"
> distributions are probably used mainly by advanced users anyway, I don't
> see much trouble here.
>
> Personally I can totally live with the solution, which is proposed right
> now. I'm also willing to donate some money to Arch, when they will have
> struggle to come up with 100 USD for their certificate, if they choose
> to get one in the future.
>
> Best regards,
> Karol Babioch
>
>


More information about the arch-general mailing list