Linked by Thom Holwerda on Thu 31st May 2012 11:11 UTC
Fedora Core "Fedora 18 will be released at around the same time as Windows 8, and as previously discussed all Windows 8 hardware will be shipping with secure boot enabled by default. [...] We've been working on a plan for dealing with this. It's not ideal, but of all the approaches we've examined we feel that this one offers the best balance between letting users install Fedora while still permitting user freedom." Wait for it... "Our first stage bootloader will be signed with a Microsoft key."
Thread beginning with comment 520107
To read all comments associated with this story, please click here.
Comment by Radio
by Radio on Thu 31st May 2012 12:30 UTC
Radio
Member since:
2009-06-20

Wait, wait, wait, it is even worse when you read it all:

Microsoft will be offering signing services through their sysdev portal. It's not entirely free (there's a one-off $99 fee to gain access), but it's cheaper than any realistic alternative would have been. It ensures compatibility with as wide a range of hardware as possible and it avoids Fedora having any special privileges over other Linux distributions. If there are better options then we haven't found them. So, in all probability, this is the approach we'll take. Our first stage bootloader will be signed with a Microsoft key.


WHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAT

This, is a friggin' scam. It is "only" 99$, but 99$ is already 99$ too much in Microsoft's pocket. When is the limit when we can finally call it for what it is, "extortion", "racket"?

And that is just the beginning; everything else in this post is deeply, deeply infuriating.

See that, ilovebeer? That is the shitty world you let develop, because "Companies have the right to legally protect their investment and interests".

Edited 2012-05-31 12:31 UTC

Reply Score: 3

RE: Comment by Radio
by bouhko on Thu 31st May 2012 13:11 in reply to "Comment by Radio"
bouhko Member since:
2010-06-24

Although I think Fedora is doing the right thing (the other option being to let the user down - which won't do any good), I had the same reaction as you upon reading the article.

It's not even the 99$, it's the fact that in the future, alternative OS will have to be approved by Microsoft to be able to boot on hardware that people *bought*.

I sincerely hope the EU gets an investigation going about Microsoft on this topic. If this is not monopoly abuse, I don't know what this is.

Btw, I'm looking forward to the hacking conference following the Windows 8 release that will reveal that a way around this whole signing shit has been found.

Reply Parent Score: 8

RE[2]: Comment by Radio
by Doc Pain on Thu 31st May 2012 13:39 in reply to "RE: Comment by Radio"
Doc Pain Member since:
2006-10-08

It's not even the 99$, it's the fact that in the future, alternative OS will have to be approved by Microsoft to be able to boot on hardware that people *bought*.


That just sounds wrong, by two interpretations (maybe exaggerated, but potential future):

The first one being, a product in competition on a certain market needs the approval of the competitor. If the vendor of the concurrent product doesn't provide approval, the competing won't work.

Huh? Free market with competition anyone? Hello?

The second one may be similar to already established marketing and sales models. By purchasing something, you're not purchasing the thing physically in order to excercise your will on it (because it now belongs to you - you've paid for it). Instead, your payment allows you to exercise a limited set of rights on the device. The amount and kind of rights, as well as maybe their temporal availability, is controlled by the vendor of the product - the one you gave money to. This sounds a lot like a typical renting model for flats.

I sincerely hope the EU gets an investigation going about Microsoft on this topic. If this is not monopoly abuse, I don't know what this is.


We'll see. You know that a lot of governments depend on the good will of MICROS~1 to function. Never bite the hand that feeds you.

And don't rely on customers "waking up" and demanding a chance. They will always use what they are offered by a benevolent company that only wants their best.

Those who already denied following MICROS~1 will probably have a hard time finding hardware they can use in the future.

Btw, I'm looking forward to the hacking conference following the Windows 8 release that will reveal that a way around this whole signing shit has been found.


Soon, it won't be about hacking software, but hacking hardware to bring it back into "normal state".

Reply Parent Score: 6

RE: Comment by Radio
by ilovebeer on Thu 31st May 2012 17:15 in reply to "Comment by Radio"
ilovebeer Member since:
2011-08-08

WHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAT

This, is a friggin' scam. It is "only" 99$, but 99$ is already 99$ too much in Microsoft's pocket. When is the limit when we can finally call it for what it is, "extortion", "racket"?

And that is just the beginning; everything else in this post is deeply, deeply infuriating.

See that, ilovebeer? That is the shitty world you let develop, because "Companies have the right to legally protect their investment and interests".

What exactly are you blowing holes in your underwear about? There's no extortion going on. Did you not get the memo that UEFI isn't even a vendor requirement?

The next time you want to yell "FIRE!" in a movie theater, ..make sure there's an actual fire.

Reply Parent Score: 3

RE: Comment by Radio
by Bill Shooter of Bul on Sat 2nd Jun 2012 19:16 in reply to "Comment by Radio"
Bill Shooter of Bul Member since:
2006-07-14

You suck at reading. The $99 isn't going to microsoft, its going to verisign. Not that verisign is a great company or anything, but please read before reacting.

Reply Parent Score: 2

RE[2]: Comment by Radio
by Alfman on Sat 2nd Jun 2012 20:35 in reply to "RE: Comment by Radio"
Alfman Member since:
2011-01-28

Bill Shooter of Bul,

"You suck at reading. The $99 isn't going to microsoft, its going to verisign. Not that verisign is a great company or anything, but please read before reacting."


I noticed the article was recently edited to say this, but the original article did not, so don't be too hard on the poster.


It's no secret that I oppose secure boot because it does more to promote corporate control than our security. However I do have some questions about the program:
Just who will be allowed to get a key, what are the qualifications?
Who is responsible for approving applicants?
Are any developers or end users going to be denied?
If noone is there to vet the software, then doesn't that undermine the entire "security model" behind secure boot?
Do we really know where the money goes? MS may be outsourcing this program to Verisign because they specialise in selling code certificates already, I kind of doubt the deal between MS and Verisign lets Verisign keep all the profits?

Reply Parent Score: 2