On Fri 18/01/13 16:24 , Sam Liddicott <[email protected]> wrote:

> Without intended to promote dissent, 

Alas ! the law of unintended consequences... 

> I like UEFI with secure boot when I
> can upload the signing keys and there is a physical switch on such key
> storage.

I don't. The current stage is still early. In the future we'll be denied access 
to content, 
networks and services (publics services, banking services, whatever) when 
the devices we try to connect to are unable to proof that we run the software 
they (not us)
trust. I think it's called Remote Attestation. The only way out is not buying 
our own shackles 
and ensuring DRM enabling hardware fails in the market (I'm not saying the only 
way out is likely). 
I'm not sure I'll stick to my own advice forever, but at least I'll try to hold 
for as long as I can 
and if I ever buy shackles just buy the cheapest or something . 

It's difficult to buy computers nowadays, because all implement DRM provisions 
in one way 
or other. Modern intel processors check signatures on propietary initialization 
code before they even 
configure RAM. Is that a computer ? AMD at least contributes to coreboot and 
documents processors, but 
they do implement the basic remote management infraestructure, and tie their 
CPUs to GPUs
or APUs with propietary AtomBIOS, possibly to keep secrecy on DRM measures. ARM 
is 
deploying Trust Zone (or True Zone, forgot the name) functionality of similar 
kind. 

Closed hardware nowadays is not something I recognize as a computer any more, a 
general 
purpose mathematical machine. 

Open hardware is ok, but still not fit for some purposes and not easy to buy. 

> That way I can secure my own machine and retain my own freedom. 
> I acknowledge that UEFI + secure boot generally refers to something more
> restrictive
> 

I'm no security expert, but I don't think it buys much security either. How do 
you 
know your signed software is safe ? If enough of your software is really safe, 
then it wouldn't have let anyone 
modify itself or bootloaders even without secure boot. If some of it isn't then 
it may be compromised and 
maybe coerced into breaking security even with secure boot. Our current 
functionality 
is too complex to have simple enough software to be completely validated. 
Signature checks are
just a way to shove security worries under the carpet. Secure boot with user 
controlled 
trust and maybe microkernels with small trusted baselines may bring some 
measure of security but that's just theory. In practice you don't audit all 
your 
software, and even with the huge help of a free software community you can't
be all that sure that software is safe. You'll always be as safe as the society 
you 
live with accepts because you can't write all the code you run, you can't even 
read it all, 
and your society will move your requirements fast enough for a minority of 
secure minded
auditors to be outpaced. And in exchage for that you're throwing a 
computer away and replacing it with a special purpose machine running a 
finite set of trusted software. Bad bargain I say. 

For more information look at the coreboot mailing list archives. It's been 
discussed a little. 
Btw, one of the coreboot developers recomended chromebooks (and another laptop 
I think 
too heavy) because (some?) come
with coreboot, which is free firmware (may require blobs depending on the 
hardware), and 
locks can be disabled by the user. I insist that I don't like todays hardware 
in general, 
but thought it might be worth noting since discussion is a little centered on 
the operating
system and drivers, and even laptops sold without OS (when you can find one), 
or with FreeDOS 
or fully free OSes (is there any?) have closed hardware and 
propietary firmware. So since we have to either refrain from buying or make 
freedom tradeoffs,
it is not so unwise to pick free firmware if available and replace propietary 
OS or applications
that may ship with it.  

http://www.mail-archive.com/[email protected]/msg38732.html

http://www.coreboot.org/pipermail/coreboot/2012-April/069598.html

Maybe the best advice is not buying anything, otherwise wait for Rhombus-tech 
(but there's 
secrecy in ARM chips too, it's more to try to help a path to more open hardware 
that in the 
future may bring more worthwhile stuff). Otherwise either AMD or ARM or if you 
go for intel,
a chromebook to get free firmware (with blobs). I don't know. 

Btw, be sure to understand everything if you ever try to install coreboot (or 
any firmware) 
yourself in your device (more so in a laptop). 
If you don't have proper knowledge and equipment you may render it unbootable 
(brick it).

_______________________________________________
Discussion mailing list
[email protected]
https://mail.fsfeurope.org/mailman/listinfo/discussion

Reply via email to