Hello Taiidan, taii...@gmx.com: > On 04/12/2018 11:43 AM, Peter Stuge wrote: >> taii...@gmx.com wrote: >>>> 3. Support for Secure Boot - would one approach be simpler than another? >>> SB was invented by MS for DRM, it serves no real security purpose IMO >> I'd like to ask you to reconsider that opinion. >> > It is a fact not an opinion.
This is certainly an opinion. There are multiple reasons why Secure Boot came about, some of which were bad; others were not bad - Microsoft has improved the security of their operating system quite a lot since the days of Windows XP. And in any case, it is better than before from the perspective of an end user. > > SB was invented for DRM - to prevent people from using linux or god > forbid doing something that hollywood doesn't like. > "embrace, extend, extinguish" > > Good things don't have to be forced on people, but the SB 2.0 specs have > quietly left out the owner control mandate after the attention has died > down. >> Secure Boot is mandated by Microsoft to provide Microsoft and >> Microsoft's customers (OEMs) security, and I think it's pretty >> effective. >> >> But Secure Boot is also related to the security of individual computers >> and computer users, because it enables Microsoft and OEMs to establish >> a controllable, reliable and thus trustable chain of software from reset >> to desktop. > So microsoft should control the whole computing ecosystem? They are an > obsolete relic that should not be permitted to strangle the competition > in the crib. >> Most people who buy computers are happy, because controlling the computer >> isn't as important as using the desktop > Why can't they simply provide people a choice? (ie: flip this switch to > disable code signing enforcement) > > Freedom is too dangerous? Hackers could turn their computer in to a bomb > without secure boot? >> which I think is fine. >> > I am surprised someone here would think that, moreso you of all people. > > There will not be another future steve jobs or bill gates game changer > decades from now just more mark zuckerberg's only allowed to make > useless web apps. Are developers not allowed to produce web applications? This makes no sense. > > Even wealthy families won't think to purchase their children a developer > computer by default and when a kid sees a "you are not allowed to > install this" message he/she will simply give up and go on to something > else like be a lawyer instead of a computer engineer; although even that > developer model won't allow someone true access they will only be > allowed to create surface level programs not low level programs, > kernels, or firmware. > > I believe one day even you the expert will not be allowed to run the > code you please at least not without buying a very expensive "developer > edition" laptop. > > People think that phones were always a walled garden but I am old enough > to remember when programs were installed on a palm treo similarly to the > win32 model where you download a file from a website and double click > without requiring permission to install something on *your phone*. > It is still possible to side-load applications on mobile phones - Android still gives users this option. So do smaller mobile operating systems, even Windows 10 Mobile (not Apple, though, sadly). Palm OS was wholly proprietary; Android at least has its base system as open source, and Google make large contributions to open source projects. The situation is somewhat better now, and there is a stronger open source software library behind Android than there ever was behind Palm OS. Yet it's also a distraction, as it wasn't your actual point. The meat of your actual email seems to be as follows: > Let us hope the leaders of the future do not share your complacency or > we are truly done for. > This is perhaps somewhat eloquent. However, saying people on the list are "complacent" strikes me as somewhat childish. I don't understand why you said this - are we not allowed to disagree without attacking other people's character? Yet I don't think this email is unique. I have seen other examples on this list. A good motto is, if you wouldn't say it to yourself without taking offense, consider not saying it to others - when most people start to follow this motto, we can have more civil discussion together. All the best, - Duncan -- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot