Linked by Thom Holwerda on Fri 22nd Jun 2012 23:17 UTC
Ubuntu, Kubuntu, Xubuntu After Fedora, Ubuntu has now also announced how it's going to handle the nonsense called "Secure" Boot. The gist: they'll use the same key as Fedora, but they claim they can't use GRUB2. "In the event that a manufacturer makes a mistake and delivers a locked-down system with a GRUB 2 image signed by the Ubuntu key, we have not been able to find legal guidance that we wouldn't then be required by the terms of the GPLv3 to disclose our private key in order that users can install a modified boot loader. At that point our certificates would of course be revoked and everyone would end up worse off." So, they're going to use the more liberally licensed efilinux loader from Intel. Only the bootloader will be signed; the kernel will not.
Thread beginning with comment 523458
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: Comment by NuxRo
by NuxRo on Sat 23rd Jun 2012 11:32 UTC in reply to "RE: Comment by NuxRo"
NuxRo
Member since:
2010-09-25

"I can't remember when was the last time I heard about a "boot" infection (I'm not saying it doesn't happen).


Just a sidenote: Maybe you're intrested in reading this article regarding boot infections:

Marco Giuliani:
Mebromi: the first BIOS rootkit in the wild
http://blog.webroot.com/2011/09/13/mebromi-the-first-bios-rootkit-i...

But even with SecureBoot seen in all its glory and wonderfulness, there are many other attack vectors remaining. Security theatre as usual.
"

Thanks for the link. As I said I'm aware this kind of threats exist, but as someone said earlier, it's just like killing a mosquito with a pick-hammer. It is unreasonable.
http://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/stateme... sign it people!

It's the Nth time recently that this quote comes to mind:
"He who sacrifices freedom for security deserves neither."

Reply Parent Score: 3

RE[3]: Comment by NuxRo
by darknexus on Sat 23rd Jun 2012 14:22 in reply to "RE[2]: Comment by NuxRo"
darknexus Member since:
2008-07-15



I have, but exactly what do you think that will accomplish? Microsoft doesn't give a shit how many signatures are on a stupid petition. It does not matter. Even if they get a million signatures, that's a million out of a potential customer base of several billion. Do you honestly think Microsoft's fat cats are going to lose a single bit of sleep over FSF's petition? Some better questions are, where is the EFF? Where is the SFLC? How about the rest of FSF's lawyers? Why aren't they combating this in a way that might, however unlikely, actually work? Petitions have no teeth, and we're going to need to bite hard to even have a chance at stopping this before it spirals out of control. It's probably already too late.

Reply Parent Score: 2

RE[4]: Comment by NuxRo
by Gone fishing on Sun 24th Jun 2012 05:50 in reply to "RE[3]: Comment by NuxRo"
Gone fishing Member since:
2006-02-22

I have, but exactly what do you think that will accomplish? Microsoft doesn't give a shit how many signatures are on a stupid petition. It does not matter. Even if they get a million signatures,


http://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/stateme...

A million signatures will carry weight in the EU and an EU antitrust lawsuit MS will care about. In fact politicians in general care about organized groups of voters.

Of course if your considering direct action and whacking some MS top brass that might work - I'll enjoy reading about it in the papers.

Edited 2012-06-24 06:01 UTC

Reply Parent Score: 4