Re: *countable infinities only
On Sat, Jun 02, 2012 at 04:57:20PM +0200, Kevin Kofler wrote:

> I didn't simply walk away either back in the day where RHL wouldn't boot without disabling the Plug and Play operating system option in the BIOS.

You're a pretty atypical case.

> I found it perfectly normal that the firmware settings need to be adjusted based on the operating system(s) one wants to use. (Window$ worked just fine with the changed option, just as it reportedly will with Secure Boot disabled, see Matthew Garrett's posts about that subject.)

Some Windows functionality will be disabled along with secure boot, but that's not really the point. We've done huge amounts of work to make Fedora (and Linux in general) work without requiring any firmware tweaking and people have recognised the value for that.

--
Matthew Garrett | mj...@srcf.ucam.org

--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Re: *countable infinities only
On Sat, Jun 2, 2012 at 12:04 PM, Chris Adams cmad...@hiwaay.net wrote:

> Once upon a time, Gregory Maxwell gmaxw...@gmail.com said:
>> When I create a fork, respin, or remix of Fedora and distribute it to people it will not run for them like Fedora does without a level of fiddling which the people advocating this have made clear is entirely unacceptable.
>
> As I understand how this works, respins/remixes of Fedora that use the Fedora boot loader shim, Fedora grub, and Fedora kernel will still be signed and work with Secure Boot enabled.

You can use the fedora signature as long as you don't modify the software (such as replace the kernel with a realtime kernel for multimedia use— which is actually the only reason I've ever had to distribute modified fedora kernel myself). (An interesting question there is will the signatures end up covering anything with fedora trademark branding)

> I don't like Secure Boot being forced upon us, but we don't have any real choice in the matter; vendors _are_ going to implement it. Fedora certainly doesn't have sufficient market share to get everybody to

I wasn't making that argument there— though I think it's still a worthwhile one to have— only pointing out that this is a material loss of freedom. You can argue that there is an unavoidable compromise here and that this is the best option we have by far, and I won't feel like you are misunderstanding my position.

On Sat, Jun 2, 2012 at 12:05 PM, Jesse Keating jkeat...@j2solutions.net wrote:

> You do realize that if you create a fork, respin, or remix that you will have packages on the system that are not signed by Fedora's GPG key, and your generated ISOs will not be signed by Fedora's GPG key? Worse, there is

Which is irrelevant because there is no hardware that Fedora needs to use these keys to gain access to.

> (Users would have to disable yum's gpg checking in order to install your unsigned package, or they would have to install /your/ gpg key and trust it in order to install the package signed with your key).

I distribute modified copies of Fedora's OpenSSL libraries, they're signed by my key not Fedora's. Users— even rather technically unsophisticated— install them without any difficulty. The install tools do not enforce that the files be signed, they do not have to install my key. Try for yourself, if you like: http://people.xiph.org/~greg/openssl/

> You have as much equal footing as Fedora does to plunk down the $99 and play along in the PC sandbox.

So if I were to take, say, a GPLed compositing window manager and then I paid $99 for a license to embed a copy of commercial opengl special effects— which prohibited modification, reverse engineering, redistribution by unlicensed parties, and commercial use— then I started distributing this modified version... and I gave it to you and told you that you were free to pay $99 to play in the graphically-enhanced distribution sandbox, you'd think that was okay?

I'd like to now summon the folks arguing for this who earlier insisted that Fedora was being upfront about the tradeoffs here to come argue with people that there isn't a material loss of freedom. Being upfront means not only speaking up for points that support your position.
Re: *countable infinities only
On Sat, 02 Jun 2012 16:57:20 +0200 Kevin Kofler kevin.kof...@chello.at wrote:

> Peter Jones wrote:
>> But I also think it's important for our distro to work out of the box on new computers without having to do that. If we don't have that, people will simply walk away.
>
> And I don't think having to disable Secure Boot in the firmware is a hurdle which will make our users simply walk away. I didn't simply walk away either back in the day where RHL wouldn't boot without disabling the Plug and Play operating system option in the BIOS. I found it perfectly normal that the firmware settings need to be adjusted based on the operating system(s) one wants to use. (Window$ worked just fine with the changed option, just as it reportedly will with Secure Boot disabled, see Matthew Garrett's posts about that subject.)

You're not a typical case as others have noted... and there's another issue:

What happens if you try and boot an unsigned image? I assume the error you get is up to the BIOS folks? So, it could be misleading, confusing, depressing or all three. It may be that people will see just Failed to secure boot and think there's something wrong with Fedora. They may not even be looking for a bios option. They may burn or download multiple media in an attempt to get it working. All kinds of possible issues... ;(

kevin
Re: *countable infinities only
On Sat, Jun 02, 2012 at 12:24:51PM -0400, Gregory Maxwell wrote:

> I'd like to now summon the folks arguing for this who earlier insisted that Fedora was being upfront about the tradeoffs here to come argue with people that there isn't a material loss of freedom. Being upfront means not only speaking up for points that support your position.

There's a material loss of freedom, just like there is with Fedora's trademark policy or our relationship with Mozilla. Sometimes we sacrifice some freedoms in return for something that we feel is more worthwhile. I can understand objecting to that from a philosophical perspective, but this is not an unprecedented decision.

--
Matthew Garrett | mj...@srcf.ucam.org
Re: *countable infinities only
On Sat, Jun 02, 2012 at 10:31:20AM -0600, Kevin Fenzi wrote:

> What happens if you try and boot an unsigned image? I assume the error you get is up to the BIOS folks? So, it could be misleading, confusing, depressing or all three. It may be that people will see just Failed to secure boot and think there's something wrong with Fedora. They may not even be looking for a bios option. They may burn or download multiple media in an attempt to get it working. All kinds of possible issues... ;(

Per spec the machine simply falls back to attempting to execute the next entry in the boot list. An implementation may provide some feedback that that's the case, but there's no requirement for it to do so, so it's perfectly valid for it to just fall back to booting Windows with no notification.

--
Matthew Garrett | mj...@srcf.ucam.org
Re: *countable infinities only
On Sat, Jun 02, 2012 at 12:18:17PM -0400, Orcan Ogetbil wrote:

> Hmm, will the package maintainers have the freedom to not support users who have the secureboot enabled? How are we going to detect this?

Any piece of userspace can read the SecureBoot and SetupMode variables and check that they're 1 and 0 respectively. But refusing to run in that scenario would provide no extra security, so the only reason to do so would be to warn the user that kernel functionality the application depends on may not be available.

But if you mean I philosophically object to secure boot and want to prevent my packages from working on systems with it enabled then yes, that's clearly a thing you could do. I don't think it's worth discussing whether it's something that you should do or something that would be treated as a bug unless someone actually wants to do it.

--
Matthew Garrett | mj...@srcf.ucam.org
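The userspace check described in the message above, as an added example that is not part of the thread or of any Fedora code: it reads SecureBoot and SetupMode and only produces a warning, never a refusal. It assumes the Linux efivarfs interface at /sys/firmware/efi/efivars (the thread names only the variables, not an interface), and the function names, state labels and the fake variable directory are constructed for illustration.

```python
import os
import struct
import tempfile

# EFI_GLOBAL_VARIABLE vendor GUID from the UEFI specification.
EFI_GLOBAL_GUID = "8be4df61-93ca-11d2-aa0d-00e098032b8c"
# Assumption: efivarfs mount point on Linux; the thread names no interface.
EFIVARFS = "/sys/firmware/efi/efivars"


def read_efi_u8(name, root=EFIVARFS):
    """Return a one-byte global EFI variable as an int, or None if absent."""
    path = os.path.join(root, f"{name}-{EFI_GLOBAL_GUID}")
    try:
        with open(path, "rb") as fh:
            raw = fh.read()
    except FileNotFoundError:
        return None
    # efivarfs prefixes the payload with a 4-byte little-endian attribute mask,
    # so a one-byte variable is exactly 5 bytes on disk.
    if len(raw) != 5:
        raise ValueError(f"{name}: expected 5 bytes, got {len(raw)}")
    _attrs, value = struct.unpack("<IB", raw)
    return value


def secure_boot_state(root=EFIVARFS):
    """Classify the platform using the two variables named in the thread."""
    if not os.path.isdir(root):
        return "no-efi"          # legacy BIOS boot, or efivarfs not mounted
    secure_boot = read_efi_u8("SecureBoot", root)
    setup_mode = read_efi_u8("SetupMode", root)
    if secure_boot is None:
        return "unsupported"     # firmware without Secure Boot support
    if setup_mode == 1:
        return "setup-mode"      # no platform key enrolled, nothing enforced
    if secure_boot == 1 and setup_mode == 0:
        return "enforcing"       # the "1 and 0 respectively" case
    if secure_boot == 0:
        return "disabled"
    return "indeterminate"


def advisory(state):
    """Warn, never refuse: refusing to run would add no security."""
    if state == "enforcing":
        return ("Secure Boot is enforcing: kernel functionality this "
                "application depends on may not be available.")
    return None


def make_fake_efivars(secure_boot, setup_mode):
    """Constructed sample: build a throwaway efivarfs-like directory."""
    root = tempfile.mkdtemp(prefix="fake-efivars-")
    for name, value in (("SecureBoot", secure_boot), ("SetupMode", setup_mode)):
        if value is None:
            continue
        path = os.path.join(root, f"{name}-{EFI_GLOBAL_GUID}")
        with open(path, "wb") as fh:
            # 0x6 = BOOTSERVICE_ACCESS | RUNTIME_ACCESS (constructed value).
            fh.write(struct.pack("<IB", 0x6, value))
    return root


if __name__ == "__main__":
    for sb, sm in ((1, 0), (0, 0), (0, 1), (None, None)):
        state = secure_boot_state(make_fake_efivars(sb, sm))
        print(f"SecureBoot={sb} SetupMode={sm} -> {state}: {advisory(state)}")
    print("this machine:", secure_boot_state())
```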
Re: *countable infinities only
On Sat, Jun 2, 2012 at 12:40 PM, Matthew Garrett wrote:

> On Sat, Jun 02, 2012 at 12:18:17PM -0400, Orcan Ogetbil wrote:
>> Hmm, will the package maintainers have the freedom to not support users who have the secureboot enabled? How are we going to detect this?
>
> Any piece of userspace can read the SecureBoot and SetupMode variables and check that they're 1 and 0 respectively. But refusing to run in that scenario would provide no extra security, so the only reason to do so would be to warn the user that kernel functionality the application depends on may not be available.
>
> But if you mean I philosophically object to secure boot and want to prevent my packages from working on systems with it enabled then yes, that's clearly a thing you could do. I don't think it's worth discussing whether it's something that you should do or something that would be treated as a bug unless someone actually wants to do it.

As a package maintainer and contributor, since I am not a worker with defined duties, I am free to draw my own circle of responsibility. Yes it was rather a freedom (i.e. could) question rather than a should question. Thank you for the clarification.

Orcan
Re: *countable infinities only
On Sat, Jun 2, 2012 at 11:40 AM, Matthew Garrett mj...@srcf.ucam.org wrote:

> On Sat, Jun 02, 2012 at 12:18:17PM -0400, Orcan Ogetbil wrote:
>> Hmm, will the package maintainers have the freedom to not support users who have the secureboot enabled? How are we going to detect this?
>
> Any piece of userspace can read the SecureBoot and SetupMode variables and check that they're 1 and 0 respectively. But refusing to run in that scenario would provide no extra security, so the only reason to do so would be to warn the user that kernel functionality the application depends on may not be available.
>
> But if you mean I philosophically object to secure boot and want to prevent my packages from working on systems with it enabled then yes, that's clearly a thing you could do. I don't think it's worth discussing whether it's something that you should do or something that would be treated as a bug unless someone actually wants to do it.

Doing this in my mind should not be allowed as it discriminates against a subset of users. Whether this is legally allowed or not I hope no one would consider doing it.

John
Re: *countable infinities only
On 06/02/2012 09:24 AM, Gregory Maxwell wrote:

>> (Users would have to disable yum's gpg checking in order to install your unsigned package, or they would have to install /your/ gpg key and trust it in order to install the package signed with your key).
>
> I distribute modified copies of Fedora's OpenSSL libraries, they're signed by my key not Fedora's. Users— even rather technically unsophisticated— install them without any difficulty. The install tools do not enforce that the files be signed, they do not have to install my key. Try for yourself, if you like: http://people.xiph.org/~greg/openssl/

My point here was that you don't enjoy equal footing with Fedora in this regard, today. Users have to do something /extra/ to get your software. They have to either disable GPG protection in yum, install your GPG key, or install the packages outside of yum. This is not unlike disabling Secure Boot or adding your key to Secure Boot.

>> You have as much equal footing as Fedora does to plunk down the $99 and play along in the PC sandbox.
>
> So if I were to take, say, a GPLed compositing window manager and then I paid $99 for a license to embed a copy of commercial opengl special effects— which prohibited modification, reverse engineering, redistribution by unlicensed parties, and commercial use— then I started distributing this modified version... and I gave it to you and told you that you were free to pay $99 to play in the graphically-enhanced distribution sandbox, you'd think that was okay?

That's a nice strawman you've built up there, however I'm quite unable to see what point you're trying to make here.

--
Help me fight child abuse: http://tinyurl.com/jlkcourage
- jlk
Re: *countable infinities only
Debarshi Ray wrote:

> It is not clear to me what base N stands for.

As far as I can tell, it's baseball slang. Some people seem to think everyone in the world knows how baseball is played.

Kevin Kofler
Re: *countable infinities only
Kevin Fenzi wrote:

> What happens if you try and boot an unsigned image? I assume the error you get is up to the BIOS folks? So, it could be misleading, confusing, depressing or all three. It may be that people will see just Failed to secure boot and think there's something wrong with Fedora. They may not even be looking for a bios option. They may burn or download multiple media in an attempt to get it working. All kinds of possible issues... ;(

The error message back in the day also didn't say disable Plug and Play in the BIOS, it said something like kernel panic: bad IRQ, I don't remember exactly, but it most definitely wasn't more helpful. Search engines are your friend. :-)

Kevin Kofler
Re: *countable infinities only
On Sat, 2 Jun 2012 17:36:47 +0100 Matthew Garrett mj...@srcf.ucam.org wrote:

> On Sat, Jun 02, 2012 at 10:31:20AM -0600, Kevin Fenzi wrote:
>> What happens if you try and boot an unsigned image? I assume the error you get is up to the BIOS folks? So, it could be misleading, confusing, depressing or all three. It may be that people will see just Failed to secure boot and think there's something wrong with Fedora. They may not even be looking for a bios option. They may burn or download multiple media in an attempt to get it working. All kinds of possible issues... ;(
>
> Per spec the machine simply falls back to attempting to execute the next entry in the boot list. An implementation may provide some feedback that that's the case, but there's no requirement for it to do so, so it's perfectly valid for it to just fall back to booting Windows with no notification.

Right. so:

Hey, my new Fedora 18 dvd doesn't boot. I guess I'll download it again.
Huh. Still doesn't work. I've made 2 coasters, this Fedora thing sucks!
goes on irc, searches google
Oh? I have to _disable_ secure boot? I don't want my PC to boot insecurely. Forget it.

On Sat, 02 Jun 2012 18:57:37 +0200 Kevin Kofler kevin.kof...@chello.at wrote:

> The error message back in the day also didn't say disable Plug and Play in the BIOS, it said something like kernel panic: bad IRQ, I don't remember exactly, but it most definitely wasn't more helpful. Search engines are your friend. :-)

Yeah, I recall. I don't want those days back...

kevin
Re: *countable infinities only
inode0 wrote:

> Doing this in my mind should not be allowed as it discriminates against a subset of users. Whether this is legally allowed or not I hope no one would consider doing it.

I agree. Either Fedora supports Secure Boot or it doesn't, doing this per package is a very bad idea (unless there's a technical reason requiring it).

Kevin Kofler
Re: *countable infinities only
Once upon a time, Kevin Kofler kevin.kof...@chello.at said:

> inode0 wrote:
>> Doing this in my mind should not be allowed as it discriminates against a subset of users. Whether this is legally allowed or not I hope no one would consider doing it.
>
> I agree. Either Fedora supports Secure Boot or it doesn't, doing this per package is a very bad idea (unless there's a technical reason requiring it).

The only time I think it would be appropriate may be for things that wouldn't work under the Secure Boot kernel. Somebody said that some proprietary modules might be restricted (I'm not sure if that's the case or not or which might be affected). If for example a video driver kernel module wouldn't load, it might be nice for the setup utility for the driver for it to note that Secure Boot needs to be disabled.

--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
Re: *countable infinities only
On Sat, Jun 2, 2012 at 1:18 PM, Kevin Kofler wrote:

> inode0 wrote:
>> Doing this in my mind should not be allowed as it discriminates against a subset of users. Whether this is legally allowed or not I hope no one would consider doing it.
>
> I agree. Either Fedora supports Secure Boot or it doesn't, doing this per package is a very bad idea (unless there's a technical reason requiring it).

I think doing this at the software level is to be left to the software developer's discretion. And the software developer has all the rights to do so, for either technical or philosophical reasons.

I am more concerned about the package maintenance level. At the package maintenance level, it does not make sense to patch against the upstream decision. On the other hand, a package maintainer should have the right to not support users filing bugs that potentially originate from secure boot.

This, I think, is equivalent to the fact that a provenpackager is not responsible for all the packages in the distribution, although he has the necessary permissions for modification.
Re: *countable infinities only
On 06/02/2012 11:05 PM, Orcan Ogetbil wrote:

> I am more concerned about the package maintenance level. At the package maintenance level, it does not make sense to patch against the upstream decision. On the other hand, a package maintainer should have the right to not support users filing bugs that potentially originate from secure boot.
>
> This, I think, is equivalent to the fact that a provenpackager is not responsible for all the packages in the distribution, although he has the necessary permissions for modification.

That's a poor analogy. Provenpackagers are not responsible for your packages. You are responsible as a package maintainer for bugs against the package. If you don't want to deal with it, give up the package or find a co-maintainer who will deal with such issues. When you work within a community, it is a project wide decision. Not just personal preference on which bugs you can reasonably ignore.

Rahul
Re: *countable infinities only
On Sat, Jun 2, 2012 at 2:07 PM, Kevin Kofler kevin.kof...@chello.at wrote:

> drago01 wrote:
>> You can even download the kernel source, study and modify it compile and resign it and use it just fine with secureboot. Either by using your own key or by using one from a CA (in this case MS) for 99$.
>
> The CA will only sign kernels meeting its arbitrary security requirements (and possibly additional even more arbitrary requirements). That is a restriction on the modifications you can do and thus non-Free.

Even if this is the case you still have two other options 1) use your own key 2) disable secureboot. So in any case you can do your modification just fine = it is free software.

>> Or you don't do the latter and just disable secureboot.
>
> Right, and I don't see why we can't just require this in the first place.

You seem to entirely miss the point here. One more time supporting secureboot does not limit what you can do in any way. It allows you to do more than without (out of the box support on newer hardware, secure boot process). You don't like it which is fine, but claiming that supporting secureboot will make fedora non free is just wrong PERIOD.
Re: *countable infinities only
On Sat, Jun 2, 2012 at 1:53 PM, Rahul Sundaram wrote:

> You are responsible as a package maintainer for bugs against the package. If you don't want to deal with it, give up the package or find a co-maintainer who will deal with such issues. When you work within a community, it is a project wide decision. Not just personal preference on which bugs you can reasonably ignore.

In which part of the agreement [1] that I signed is this stated?

Thanks,
Orcan

[1] https://fedoraproject.org/wiki/Legal:Fedora_Project_Contributor_Agreement
Re: *countable infinities only
On Sat, 2012-06-02 at 14:02 -0400, Orcan Ogetbil wrote:

> On Sat, Jun 2, 2012 at 1:53 PM, Rahul Sundaram wrote:
>> You are responsible as a package maintainer for bugs against the package. If you don't want to deal with it, give up the package or find a co-maintainer who will deal with such issues. When you work within a community, it is a project wide decision. Not just personal preference on which bugs you can reasonably ignore.
>
> In which part of the agreement [1] that I signed is this stated?

Software components included in Fedora needs to be maintained actively and bugs, especially security issues needs to be fixed in a timely manner. As a Fedora package maintainer, it is your primary responsibility to ensure this. We encourage you to get co-maintainers and seek the help of the Fedora community via the development mailing list whenever needed.

https://fedoraproject.org/wiki/Join_the_package_collection_maintainers#Understand_your_responsibilities

Pierre
Re: *countable infinities only
On Sat, Jun 2, 2012 at 5:38 PM, Gregory Maxwell gmaxw...@gmail.com wrote:

> On Sat, Jun 2, 2012 at 5:32 AM, drago01 drag...@gmail.com wrote:
>> Or you don't do the latter and just disable secureboot. Your freedom is in *no way* limited by having secureboot support. Let me repeat it again supporting secureboot on x86 does *NOT* limit your freedom.
>
> After all this discussion you'll still make that claim? I feel insulted.

Yes and I explained that (the intent was never to insult anyone you included).

> When I create a fork, respin, or remix of Fedora and distribute it to people it will not run for them like Fedora does without a level of fiddling which the people advocating this have made clear is entirely unacceptable. This is because Fedora will be cryptographically signing the distribution with keys these systems require and not sharing the keys with me. Fedora be doing this even with software that I wrote, enhancing it with a signing key only they have access to, making it much more useful on hardware where it is not otherwise, and not allowing me and or downstream recipients to enjoy the same improvements for their modified versions. What is unclear about this?

That it isn't entirely correct.

1) Fedora still ships the source you can do whatever its license allows with it.
2) You are free to sign your respin with MS key for $99, your own key or no key at all.

= Your freedom is in no way limited.

OK the latter two options will screw your users that don't understand / want to fiddle with firmware. You decide to just screw everyone instead. How is that better?

Does Fedora have a competitive advantage over your respin (in case you decide not to sign with the MS key)? Yes but it always had by the trademarks and having way more money for marketing and infrastructure than you probably have. Free software never guaranteed that all redistributers have the same stand in the market. That's not the point of free software. What is unclear about this?

> Let me offer this in the form of a question: Why don't Fedora developers just disable SecureBoot on their own systems and not bother implementing anything with it in the distribution?

Because it is unacceptable from a user's pov. For someone for whom changing firmware options is simple like you or me it does not matter. But think about other types of user that you limit from access to free operating systems. Unless you only deal with developers that point shouldn't be that hard to get really.
Re: *countable infinities only
On Sat, Jun 2, 2012 at 2:12 PM, Pierre-Yves Chibon wrote:

> On Sat, 2012-06-02 at 14:02 -0400, Orcan Ogetbil wrote:
>> On Sat, Jun 2, 2012 at 1:53 PM, Rahul Sundaram wrote:
>>> You are responsible as a package maintainer for bugs against the package. If you don't want to deal with it, give up the package or find a co-maintainer who will deal with such issues. When you work within a community, it is a project wide decision. Not just personal preference on which bugs you can reasonably ignore.
>>
>> In which part of the agreement [1] that I signed is this stated?
>
> Software components included in Fedora needs to be maintained actively and bugs, especially security issues needs to be fixed in a timely manner. As a Fedora package maintainer, it is your primary responsibility to ensure this. We encourage you to get co-maintainers and seek the help of the Fedora community via the development mailing list whenever needed.
>
> https://fedoraproject.org/wiki/Join_the_package_collection_maintainers#Understand_your_responsibilities

That is not the answer to my question (hint: read the question). Even if this paragraph were in the agreement, it would not apply directly to the case. In order to apply, the project has to accept that the secure boot feature is a bug by definition. Also Rahul's find a co-maintainer order is only at the encouragement level in the above paragraph.

Best,
Orcan
Re: *countable infinities only
On Sat, Jun 2, 2012 at 7:35 PM, Orcan Ogetbil oget.fed...@gmail.com wrote:

> On Sat, Jun 2, 2012 at 1:18 PM, Kevin Kofler wrote:
>> inode0 wrote:
>>> Doing this in my mind should not be allowed as it discriminates against a subset of users. Whether this is legally allowed or not I hope no one would consider doing it.
>>
>> I agree. Either Fedora supports Secure Boot or it doesn't, doing this per package is a very bad idea (unless there's a technical reason requiring it).
>
> I think doing this at the software level is to be left to the software developer's discretion. And the software developer has all the rights to do so, for either technical or philosophical reasons.
>
> I am more concerned about the package maintenance level. At the package maintenance level, it does not make sense to patch against the upstream decision. On the other hand, a package maintainer should have the right to not support users filing bugs that potentially originate from secure boot.

If that really happens (I doubt it but still) you are free to reassign the bug to the packages responsible for implementing secureboot. Simply refusing to run because secureboot is enabled (unless there are technical reasons) is simply limiting the users freedom in the name of freedom which is unacceptable.

> This, I think, is equivalent to the fact that a provenpackager is not responsible for all the packages in the distribution, although he has the necessary permissions for modification.

That's nonsense.
Re: *countable infinities only
On Sat, Jun 2, 2012 at 2:26 PM, drago01 wrote:

> Simply refusing to run because secureboot is enabled (unless there are technical reasons) is simply limiting the users freedom in the name of freedom which is unacceptable.

I am making a clear distinction between simply refusing to run and simply refusing to provide support, which you conveniently ignore.

>> This, I think, is equivalent to the fact that a provenpackager is not responsible for all the packages in the distribution, although he has the necessary permissions for modification.
>
> That's nonsense.

It's perfect analogy to me.

Thanks,
Orcan
Re: *countable infinities only
On Sat, 2012-06-02 at 14:26 -0400, Orcan Ogetbil wrote:

> That is not the answer to my question (hint: read the question).

Indeed, it is not, but do you really want to put in the CLA the responsibilities of every role past present and future available in the project ? Meaning that every time one is added, the CLA changes and thus that everyone has to re-sign it ?

Pierre
Re: *countable infinities only
On Sat, Jun 2, 2012 at 2:31 PM, Pierre-Yves Chibon wrote:

> On Sat, 2012-06-02 at 14:26 -0400, Orcan Ogetbil wrote:
>> That is not the answer to my question (hint: read the question).
>
> Indeed, it is not, but do you really want to put in the CLA the responsibilities of every role past present and future available in the project ? Meaning that every time one is added, the CLA changes and thus that everyone has to re-sign it ?

Good questions. While I think the project could benefit from having at least the top level responsibilities listed in the agreement, this would end up burdening maintainers with legal responsibilities. I don't honestly know what is the best way out. At the same time I don't want to be obliged to support something I don't want to. There are many more important things to deal with in the distribution than a stupid secure boot feature.

Thanks,
Orcan
Re: *countable infinities only
On Jun 2, 2012, at 5:56 AM, Pedro Lamarão wrote:

> Who exactly is this We person who cannot accomplish the goal of dealing with multiple vendors shipping multiple interfaces on different machines? The Free Software Movement certainly can.

This is very naive, IMO. Where is the influence of free software movement in UEFI and the hardware vendors? As much as people want to ignore reality, and stand entirely on idealism, the reality is we're all sharing the same swimming pool whether we use Windows or not. We are affected by what Microsoft does. And if you want to consider the MS logo/certification requirement akin to pissing in the swimming pool, well you can complain about it, that's fair and all, but it doesn't actually produce any incentive whatsoever for the offending party to alter their behavior.

> Do nothing. Stand in the way. Wait patiently. Explain to those who ask, tolerate a little laughter, a little violence. Gandhi style.

Doing nothing is the exact opposite of providing an incentive for MS to change their behavior voluntarily. This is not a case of a small number of British occupying the native land of others, while out manned 1:1 by the natives. This is a case of being minority in terms of numbers as well as power.

Even if Red Hat went out on a limb and came up with their own hardware certification that exactly contradicts the negative parts of the Microsoft certification, I think we all know approximately what that would translate into. It may have an effect for some servers. It would likely have zero effect for the vastly larger desktop and laptop market, the market for Fedora.

Chris Murphy
Re: *countable infinities only
On Jun 1, 2012, at 12:50 PM, Peter Jones wrote: On 06/01/2012 01:22 PM, Chris Murphy wrote: Is UEFI Secure Boot really the only way to prevent the problem it attempts to solve, and if so, what about the plethora of BIOS hardware in the world today, still even shipping as new systems? They're all unacceptably exposed? Really? That's the position Microsoft has taken, yes. Do you share this position that Microsoft has taken? If not, why not? Do you think there are alternatives to UEFI Secure Boot - including a possible spec change? Chris Murphy
Re: *countable infinities only
On Sat, Jun 2, 2012 at 12:36 PM, Matthew Garrett mj...@srcf.ucam.org wrote: Per spec the machine simply falls back to attempting to execute the next entry in the boot list. An implementation may provide some feedback that that's the case, but there's no requirement for it to do so, so it's perfectly valid for it to just fall back to booting Windows with no notification. If the issue were just the opaque and unpredictable behavior on failure this could be addressed without signing any of the distribution proper. Create a pre-bootloader. If secureboot is enabled only permitting this boot because it's signed with the msft key, then display the most helpful instructions WRT secureboot we can display and then halt. If secureboot is not enabled, pass control to grub. This should meet the signing requirements and it removes the opacity without locking down any of Fedora. Such a bootloader should meet whatever requirements to get signed, since if secureboot is turned on it won't boot anything at all. I strongly encourage this mode to be created and included with Fedora even if it goes down the route of locking down the operating system... so when people do replace their bootloaders/kernels they're not just stuck booting into Windows or getting a black screen.
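Added example, not part of the thread and not Fedora or shim code: the decision the proposed help-screen pre-bootloader would make, modelled from Linux userspace by parsing the efivarfs form of the UEFI SecureBoot variable (a real pre-bootloader would read it through the firmware's GetVariable service instead). The function names, enum values and sample byte strings are constructed for illustration, and treating a malformed value as "show help" is an assumption.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* efivarfs path of the global SecureBoot variable (EFI_GLOBAL_VARIABLE GUID). */
#define SECUREBOOT_PATH \
    "/sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032c8c"

enum sb_state { SB_ABSENT, SB_DISABLED, SB_ENABLED, SB_MALFORMED };
enum shim_action { CHAINLOAD_GRUB, SHOW_HELP_AND_HALT };

/* Constructed sample contents: 4 little-endian attribute bytes, then 1 data byte. */
static const uint8_t SAMPLE_ENABLED[]   = { 0x06, 0x00, 0x00, 0x00, 0x01 };
static const uint8_t SAMPLE_DISABLED[]  = { 0x06, 0x00, 0x00, 0x00, 0x00 };
static const uint8_t SAMPLE_TRUNCATED[] = { 0x06, 0x00, 0x00, 0x00 };

/*
 * Parse the efivarfs representation of SecureBoot.
 * The variable itself is a single byte: 1 = enforcing, 0 = not enforcing.
 */
enum sb_state parse_secureboot(const uint8_t *blob, size_t len)
{
    if (blob == NULL || len == 0)
        return SB_ABSENT;          /* legacy BIOS or firmware without the variable */
    if (len != 5)
        return SB_MALFORMED;       /* attributes + exactly one data byte expected */
    if (blob[4] == 1)
        return SB_ENABLED;
    if (blob[4] == 0)
        return SB_DISABLED;
    return SB_MALFORMED;           /* any other value is not defined */
}

/*
 * The branch described in the message above: with Secure Boot enforcing,
 * show instructions and halt; otherwise hand control to the real loader.
 * Assumption: an unparseable state is treated like "enforcing", because
 * chainloading an unsigned loader there would fail without explanation.
 */
enum shim_action decide(enum sb_state state)
{
    switch (state) {
    case SB_ABSENT:
    case SB_DISABLED:
        return CHAINLOAD_GRUB;
    case SB_ENABLED:
    case SB_MALFORMED:
    default:
        return SHOW_HELP_AND_HALT;
    }
}

/* Read the variable from efivarfs; a file that cannot be opened counts as absent. */
enum sb_state read_secureboot(const char *path)
{
    uint8_t buf[16];
    size_t n;
    FILE *f = fopen(path, "rb");

    if (f == NULL)
        return SB_ABSENT;
    n = fread(buf, 1, sizeof buf, f);
    fclose(f);
    return parse_secureboot(buf, n);
}

const char *action_name(enum shim_action a)
{
    return a == CHAINLOAD_GRUB ? "chainload grub" : "show help and halt";
}

int main(int argc, char **argv)
{
    const char *path = argc > 1 ? argv[1] : SECUREBOOT_PATH;

    /* Walk the constructed samples first, then the live system. */
    printf("sample enabled   -> %s\n",
           action_name(decide(parse_secureboot(SAMPLE_ENABLED, sizeof SAMPLE_ENABLED))));
    printf("sample disabled  -> %s\n",
           action_name(decide(parse_secureboot(SAMPLE_DISABLED, sizeof SAMPLE_DISABLED))));
    printf("sample truncated -> %s\n",
           action_name(decide(parse_secureboot(SAMPLE_TRUNCATED, sizeof SAMPLE_TRUNCATED))));
    printf("this machine     -> %s\n", action_name(decide(read_secureboot(path))));
    return 0;
}
```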
Re: *countable infinities only
On Sat, 2 Jun 2012 15:28:03 -0400 Gregory Maxwell gmaxw...@gmail.com wrote: If the issue were just the opaque and unpredictable behavior on failure this could be addressed without signing any of the distribution proper. Create a pre-bootloader. If secureboot is enabled only permitting this boot because it's signed with the msft key, then display the most helpful instructions WRT secureboot we can display and then halt. If secureboot is not enabled, pass control to grub. Sure, this gets back to the what do we tell the user. Go into your EFI setup somehow (depends on vendor) and find something like secure boot (but it may be called something else) and find the thing that disables that (it may be called disable, or you may have to set 'custom mode' or you may have to remove all keys from it, then reboot I think we all agree this whole thing sucks, but I think the above is less than ideal for our users. This should meet the signing requirements and it removes the opacity without locking down any of Fedora. Such a bootloader should meet whatever requirements to get signed, since if secureboot is turned on it won't boot anything at all. I strongly encourage this mode to be created and included with Fedora even if it goes down the route of locking down the operating system... so when people do replace their bootloaders/kernels they're not just stuck booting into Windows or getting a black screen. Sure, this is a valid option... and presenting our users with the best info we can at any of these steps is good. kevin
Re: *countable infinities only
On Sat, Jun 02, 2012 at 03:28:03PM -0400, Gregory Maxwell wrote: This should meet the signing requirements and it removes the opacity without locking down any of Fedora. Such a bootloader should meet whatever requirements to get signed, since if secureboot is turned on it won't boot anything at all. But you're happy to sacrifice the freedom for people to modify the error text that's provided? What's your threshold? -- Matthew Garrett | mj...@srcf.ucam.org
Re: *countable infinities only
On Sat, Jun 2, 2012 at 4:02 PM, Matthew Garrett mj...@srcf.ucam.org wrote: On Sat, Jun 02, 2012 at 03:28:03PM -0400, Gregory Maxwell wrote: This should meet the signing requirements and it removes the opacity without locking down any of Fedora. Such a bootloader should meet whatever requirements to get signed, since if secureboot is turned on it won't boot anything at all. But you're happy to sacrifice the freedom for people to modify the error text that's provided? What's your threshold? I'm not quite sure where my threshold is, I'd have to think really hard on that. But I don't have to think hard about this particular example, because wherever the threshold a program that just displays a help screen on how to disable the restriction is on the least troublesome extreme of the continuum. In particular, I can just conclude that this bootloader is not free software. And that including a small piece of non-free-software that simply serves the purpose of helping the user figure out how to permit installing free software is unfortunate but is strictly less bad than the blobby firmware Fedora already ships.
Re: *countable infinities only
On Sat, Jun 02, 2012 at 04:08:45PM -0400, Gregory Maxwell wrote: On Sat, Jun 2, 2012 at 4:02 PM, Matthew Garrett mj...@srcf.ucam.org wrote: But you're happy to sacrifice the freedom for people to modify the error text that's provided? What's your threshold? I'm not quite sure where my threshold is, I'd have to think really hard on that. But I don't have to think hard about this particular example, because wherever the threshold a program that just displays a help screen on how to disable the restriction is on the least troublesome extreme of the continuum. That's fine as long as you speak English. Now how about if you want to release a localised translation? Your users get an error message in a language they don't speak. But you've arbitrarily decided that the freedom to do anything about that isn't one that you care about? There are no easy answers here. You've just drawn your This freedom is worthwhile line in a slightly different place to me. -- Matthew Garrett | mj...@srcf.ucam.org
Re: *countable infinities only
On Sat, Jun 2, 2012 at 4:21 PM, Matthew Garrett mj...@srcf.ucam.org wrote: That's fine as long as you speak English. Come on now, you're building a strawman argument. I never said that it had to be in a single language—notice messages I _normally_ write get put into many languages. I don't see why the text of the screen couldn't be outside the signed area so people could continue to develop it in an efficient manner. But you've arbitrarily decided that the freedom to do anything about that isn't one that you care about? There are no easy answers here. You've just drawn your This freedom is worthwhile line in a slightly different place to me. There isn't an easy answer here because you've defined a higher goal than just getting information to people. The goal you've set—Fedora working out of the box on this hardware without user fuss—can't be accomplished via technical means, except by restricting the bootloader and kernel. There is no law of nature which says that this must be your goal, however. When it comes down to it, your drawing the line argument just doesn't make sense. There is always injustice in the world. If you want to be pedantic, anyone who ever seeks a more lawful or more ethical path is simply drawing a line, because there is always some more fundamental injustice they've left unsolved for the moment. We have an operating system where the users can modify it—top to bottom—and distribute the results, and have them just as able to be used as Fedora itself is, where they all stand sharing with each other as technological equals without having to ask permission. This freedom is both an ethical stance, embodied in the vision of the Fedora project and in the licenses of the many thousands of free software packages Fedora ships, and also a competitive advantage, because this kind of freedom is precluded by the business models of Apple and Microsoft. 
This isn't just the practical advantage of being able to twiddle with our own machines, but also the advantage of having a cooperative ecosystem rather than a co-opting ecosystem. But with this change, for the majority of users, Fedora will become a lot more like Microsoft's offering—a locked kernel which you can load userspace apps on top of— which you can jailbreak to get more freedom. This is practically a twenty-year step backwards in software freedom, a loss of a practical advantage of our software, and an affront to the developers of copylefted software—some written as a direct attack on these kinds of restrictions. And it is the loss of a strong principled position which we have used to market free software: that the concept of jailbreaking is foreign to us because we don't, as a matter of principle and of license compliance, restrict our users. There are places where the freedoms provided by Fedora have practical limits—and in those places we find people arguing to advance those causes (such as preemptively renaming trademarked packages). But that in no way excuses a new loss of freedom; if it is to be justified, it must stand on its own merits. These merits must be judged not against the weakest strawmen, but against the best alternatives. A signed help screen is an alternative. Fedora installs are easier than they were ten years ago when you did have to frequently mess with the BIOS—and where the failures never had a nice help screen—but being realistic, our install instructions still have people raw-writing images to usb sticks, and it is still not that uncommon to have to muck around in the BIOS to get the boot order right. A totally clueless person with an install disk can easily wipe out a system full of their data. I think regressing to the installs being somewhat easier than ten yearsish ago is still a better place to be than the cryptographic lockdown. 
Why not try the half step— a restricted help screen display module— and only go the whole way if it proves inadequate?
Re: *countable infinities only
On Sat, Jun 2, 2012 at 11:14 PM, Gregory Maxwell gmaxw...@gmail.com wrote: I think regressing to the installs being somewhat easier than ten yearsish ago is still a better place to be than the cryptographic lockdown. I disagree and once again it is not a lockdown as people who care enough can disable it, while having it enabled by default makes things easier for a large set of (potential) users. And if we have the choice between make it easier to modify every part of the OS vs. make it easier to install the OS in the first place ... no one thinking rationally would opt for the former. Besides installation and modification aside it does provide another additional value ... which is added security which is a welcome addition in some environments.
Re: *countable infinities only
On Sat, Jun 2, 2012 at 5:26 PM, drago01 drag...@gmail.com wrote: On Sat, Jun 2, 2012 at 11:14 PM, Gregory Maxwell gmaxw...@gmail.com wrote: I think regressing to the installs being somewhat easier than ten yearsish ago is still a better place to be than the cryptographic lockdown. I disagree and once again it is not a lockdown as people who care enough can disable it, while having it enabled by default makes things easier for a large set of (potential) users. You can disable the lockdown on iOS devices too—and the lawfulness of this activity is well established in the US. I understand that when the Copyright Office hit its periodic review for that particular DMCA exemption Apple didn't even fight it this time. It is still a lockdown even if there is some complicated procedure to disable it—you can't argue this both ways. Either it's an inconsequential restriction because it's so easy to disable, or it's a practical problem for people installing the OS. And what happens when OEMs leave out the option, which isn't even required by the UEFI spec itself, and Microsoft fails to enforce that particular requirement? Not our fault? And if we have the choice between make it easier to modify every part of the OS vs. make it easier to install the OS in the first place ... no one thinking rationally would opt for the former. If it were so simple we'd never have free software at all, because it was always easier to continue using whatever commercial offering came bundled with your system. In this case it's make it easier to install vs. preserve an ecosystem of cooperating publishers, keep software freedom as a top-line priority, keep it easy to modify every part, and don't put Red Hat in the business of defending semi-tivoization against license enforcement by free software authors. Besides installation and modification aside it does provide another additional value ... which is added security which is a welcome addition in some environments. 
There is no additional security provided by the feature as so far described—only security theater. So I can't modify the kernel or bootloader, great—but the kernel wouldn't have let me do that in the first place unless it had an exploit. So I just put my rootkit inside systemd so that it executes the kernel exploit right after reboot, and the exploited kernel now silently keeps updates from being applied. This has hardly made any attacks more difficult at all. You don't get security benefits from this without a much more elaborate and fragile system, or without mandating the signing of a much larger portion of the software stack so that updates can run before any unsigned code (and even then only after the horse has left the barn: the attacker has stolen your data and wiped the system before reboot). If you want to improve the security of Fedora, there are a great many things that can be done which don't have sticky compromises and which would provide greater actual security. Moreover, I can find no feature requests for this functionality. (Instead the internet is flooded by people asking how to turn off the security facilities Fedora already has, people on the IRC channel reflexively tell people to disable SELinux even when doing so isn't required, etc.)
Re: *countable infinities only
On Saturday, 02 June 2012 at 09:46 +0100, phantomjinx wrote: Michael scherer m...@zarb.org wrote: On Sat, Jun 02, 2012 at 02:10:38AM +0200, Kevin Kofler wrote: Tomasz Torcz wrote: Documenting the procedure may be viable after all. Kevin, could you start writing such guides on Fedora wiki? I cannot start documenting this before the first Secure-Boot-enabled firmware actually ships. Sure you can, just send an email to OEMs to have access to engineering samples. You can also start to organize the effort to review UEFI interface, by creating a UEFI documenting SIG, and let all the people who want to document as an alternative to paying 99$ to Verisign take care of the logistics. -- Michael Scherer While this reply is informative, it tends to imply that KK should do this without any support from those that disagree with his position. Well, from what I read from KK position, this seems to not be a big problem to document, so does he really need support from others? And there are enough people agreeing with him to be something that can be done fast, no? Of course, if in the end, the solution requires a massive amount of work and no one is motivated enough to do it, then it may not be workable, and then people who think the solution of getting a certificate from Verisign are right, and KK is wrong, but the only way to know is to try to do it. Having watched this thread over the last 24 hours I would like to understand where we are going with it. There are different positions with increasingly shrill talking at and talking past replies. The media has already posted articles on this as fedora selling out to Microsoft. This cannot be good long term for the reputation of the project. I think you underestimate the lack of long term memory of people, and the fact that most people do not really care. Yes, there are a few people that would remember that. 
But technically, they would be factually wrong, since the money is paid to Verisign, not Microsoft (cf. update to the blog post of MG). And I think no one would be happy if someone starts to use some stuff like Bluepill (http://en.wikipedia.org/wiki/Blue_Pill_%28software%29) to root them. Security researchers have also found some weird stuff (like http://events.ccc.de/congress/2010/Fahrplan/events/4174.en.html) on hardware, so that's at least something that can be done by people motivated enough. Maybe you would not be attacked, maybe that's pure paranoia. And maybe not. And I am pretty sure we would all hate seeing people saying that Linux is less secure than Windows due to such a problem (and in fact, people already imply that Bitlocker is safer because it uses TPM: http://theinvisiblethings.blogspot.fr/2009/01/why-do-i-miss-microsoft-bitlocker.html, even if that is something that can be done http://publib.boulder.ibm.com/infocenter/lnxinfo/v3r0m0/index.jsp?topic=%2Fliaai%2Fecrypts%2Fliaaiecryptfs.htm but not integrated for now). Having a free BIOS/EFI would surely be a step toward a better solution, but frankly who here tried to use coreboot on real hardware? I do not like the current situation, do not get me wrong. But yet, if people who say we should let people change their settings do not even know what a modern firmware interface does look like, I do not have much confidence in their capacity to fully see what is going on. UEFI was marketed as being a platform to add value, ie interface variation. A lot of work has been put into this by MG and his article seemed to imply almost a despairing resignation about the decision (if not the case then I misread it -sorry). Based on the comments of this thread can a working group or sig be set up to build on MG and Co's work to find the most workable solution that preserves the reputation of the project. Otherwise I fear the distro will gain zero new users but worse lose the ones it already has! 
I think most users would not see any difference at all, because CDs would work without them seeing anything, that's the whole point of offering a seamless experience. And if people are following only Slashdot headlines (who are quite often misleading IMHO) without searching in depth what goes on to make their decision, I doubt they would be the one _I_ would try to get (and I realize that is rather elitist to say, yes, but I am speaking for myself). There is never a shortage of people too quick to judge. If people do not care to even understand what goes behind a compromise, how would they care to contribute enough? -- Michael Scherer
Re: *countable infinities only
On Sat, Jun 02, 2012 at 05:14:12PM -0400, Gregory Maxwell wrote: When it comes down to it, your drawing the line argument just doesn't make sense. There is always injustice in the world. If you want to be pedantic, anyone who ever seeks a more lawful or more ethical path is simply drawing a line, because there is always some more fundamental injustice they've left unsolved for the moment. There is always injustice. You're arguing that one level of injustice is acceptable and that another isn't, and you're justifying your distinction because you think the benefits of providing that information are greater than the costs of the loss of freedom. But there's no absolute rational measure of that, in the same way that there's no way to rationally say that the loss of freedom in terms of users not being able to produce their own signed bootloader or kernel for free is more or less significant than the benefit of having an operating system that users can install without firmware reconfiguration. You're fine with one level of injustice. I'm fine with another level of injustice. Both compromise the freedoms that Fedora currently gives you. -- Matthew Garrett | mj...@srcf.ucam.org
Re: *countable infinities only
On Sat, Jun 2, 2012 at 5:57 PM, Matthew Garrett mj...@srcf.ucam.org wrote: You're fine with one level of injustice. I'm fine with another level of injustice. Both compromise the freedoms that Fedora currently gives you. I'm not fine with it. It's an unfortunate situation too. But producing a single special case trivial display program for users who couldn't run anything which was truly free at all is hardly comparable to cryptographically locking down the core of an OS— millions of lines of code written by other people, and missing an opportunity to help users regain their complete freedom at a time when they are most ready and willing to accept a little inconvenience. You've made the argument that we didn't choose the lockdown the systems— Microsoft and the OEMs have. Fine. But it is we who will be choosing to restrict Fedora in that environment rather than only a trivial help-text shim. I gave extensive argument on several aspects of the balance which I believe fall in favor of not adopting cryptographic lockdown in Fedora. I'm not opposing cryptographically locking the kernel on a simple blind principle of software freedom, and so I do not reject the alternative of a help screen for equally weak reasons.
Re: *countable infinities only
On Sat, Jun 02, 2012 at 06:09:15PM -0400, Gregory Maxwell wrote: I'm not fine with it. It's an unfortunate situation too. But producing a single special case trivial display program for users who couldn't run anything which was truly free at all is hardly comparable to cryptographically locking down the core of an OS— millions of lines of code written by other people, and missing an opportunity to help users regain their complete freedom at a time when they are most ready and willing to accept a little inconvenience. It's comparable in that you're willing to give up a freedom for some functionality. Personally I think the functionality you'd gain is small compared to the freedom you'd lose, and you obviously feel the same about my position. -- Matthew Garrett | mj...@srcf.ucam.org
Re: *countable infinities only
On Sat, Jun 2, 2012 at 6:09 PM, Gregory Maxwell gmaxw...@gmail.com wrote: On Sat, Jun 2, 2012 at 5:57 PM, Matthew Garrett mj...@srcf.ucam.org wrote: You're fine with one level of injustice. I'm fine with another level of injustice. Both compromise the freedoms that Fedora currently gives you. I'm not fine with it. It's an unfortunate situation too. But producing a single special case trivial display program for users who couldn't run anything which was truly free at all is hardly comparable to cryptographically locking down the core of an OS— millions of lines of code written by other people, and missing an opportunity to help users Apologies for the double response— but it occurs to me that this may not be clear: My initial take— and still my preference— is to not participate at all: Any participation legitimizes this imposition, regardless of how I feel about the software freedom of a help-display shim. But people have provided excellent arguments that the silent failure would be especially confusing and disruptive to users. I agree with these concerns, so I offered the idea of a help shim which would completely address those specific problems while still preserving 99.% of user software freedom and while still being pretty similar to complete non-participation. I think it is poor form to hold an effort to compromise and find something that will be acceptable to people who are primarily concerned with usability against me, or to suggest that I can't argue that software freedom is important because I'm unwilling to stoop to whatever fringe ethics you'd like me to uphold.
Re: *countable infinities only
On Sat, Jun 2, 2012 at 11:47 PM, Gregory Maxwell gmaxw...@gmail.com wrote: On Sat, Jun 2, 2012 at 5:26 PM, drago01 drag...@gmail.com wrote: On Sat, Jun 2, 2012 at 11:14 PM, Gregory Maxwell gmaxw...@gmail.com wrote: I think regressing to the installs being somewhat easier than ten yearsish ago is still a better place to be than the cryptographic lockdown. I disagree and once again it is not a lockdown as people who care enough can disable it, while having it enabled by default makes things easier for a large set of (potential) users. You can disable the lockdown on iOS devices too—and the lawfulness of this activity is well established in the US. I understand that when the Copyright Office hit its periodic review for that particular DMCA exemption Apple didn't even fight it this time. Apples and Oranges unrelated and here disable is using an exploit not just flipping an option. It is still a lockdown even if there is some complicated procedure to disable it—you can't argue this both ways. Either it's an inconsequential restriction because it's so easy to disable, or it's a practical problem for people installing the OS. It can be argued both ways. Modifying software requires more skills and knowledge anyway so it is more acceptable to accept that group of people to fiddle with the firmware than everyone including people that don't even know what a firmware is. Come on let's not discuss the obvious .. And what happens when OEMs leave out the option, which isn't even required by the UEFI spec itself, and Microsoft fails to enforce that particular requirement? Not our fault? In case we refuse to support secure boot at all users on this hardware won't have any option but to run a 100% proprietary OS. While if we ship signed bootloader and kernel they can enjoy the freedom to modify everything else of their OS. In that case it is choosing the lesser evil option. Is this a good situation? Of course not. But the all or nothing approach isn't what got us where we are now. 
And if we have the choice between make it easier to modify every part of the OS vs. make it easier to install the OS in the first place ... no one thinking rationally would opt for the former. If it were so simple we'd never have free software at all, because it was always easier to continue using whatever commercial offering came bundled with your system. We have to make our software better than the competition being free by itself is not enough to gain market traction. Having a complicated installation procedure sure does not help this case. In this case it's make it easier to install vs. preserve an ecosystem of cooperating publishers, keep software freedom as a top-line priority, keep it easy to modify every part, and don't put Red Hat in the business of defending semi-tivoization against license enforcement by free software authors. Let's check this using the free software definition by the FSF: 1. The freedom to run the program, for any purpose (freedom 0). You are free to run fedora for any purpose even if we implement secure boot. 2. The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this. The source code is available, you are free to study and change it. Running it on specific hardware might require an additional step but that does not contradict this. 3. The freedom to redistribute copies so you can help your neighbor (freedom 2). 4. The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this. You are free to do so as long as you comply with the trademark guidelines. You have to sign the kernel and bootloader (which costs money) to have an easy install routine. The latter part sucks but does not restrict freedom 3 nor 4. 
And according to your other mails having the user i.e your neighbor disable secure boot is easy. (I disagree with the latter but you obviously don't). So if you argue that it is fine for fedora to be shipped that way it is fine for your redistributed copy (even though some other OSes like Fedora, Windows, ...) are easier to install. Otherwise your whole point is hypocritical. So yes the situation kind of sucks but claiming that supporting secureboot will make fedora non free is just wrong. We can have a technical discussion in how to solve this better (having the user mess with the firmware isn't better) ... but the free vs. non free discussion does not make any sense because the software will remain free. So let's have a discussion on that basis.
Re: *countable infinities only
On Sun, Jun 3, 2012 at 12:09 AM, Gregory Maxwell gmaxw...@gmail.com wrote: On Sat, Jun 2, 2012 at 5:57 PM, Matthew Garrett mj...@srcf.ucam.org wrote: You're fine with one level of injustice. I'm fine with another level of injustice. Both compromise the freedoms that Fedora currently gives you. I'm not fine with it. It's an unfortunate situation too. But producing a single special case trivial display program for users who couldn't run anything which was truly free at all is hardly comparable to cryptographically locking down the core of an OS— millions of lines of code written by other people, and missing an opportunity to help users regain their complete freedom at a time when they are most ready and willing to accept a little inconvenience. No one is preventing anyone from providing instructions on how to disable secure boot. We should definitely do that. But those are not mutually exclusive ... i.e. we can have both documentation *and* an OS that just works.
Re: *countable infinities only
On Sat, Jun 2, 2012 at 6:23 PM, drago01 drag...@gmail.com wrote: It can be argued both ways. Modifying software requires more skills and knowledge anyway so it is more acceptable to accept that group of people to fiddle with the firmware than everyone including people that don't even know what a firmware is. Come on let's not discuss the obvious .. My personal ability to disable the cryptographic lockdown— or to choose hardware where isn't in question— it's the ability of people I redistribute the software to that is relevant. If it were not then I could simply answer your desire to ship signed binaries with Just disable that option on your computer, tada, no problems. If that's not a viable option for Fedora as a whole, it's not an option to someone who is executing the rights Fedora is required to pass on either. I don't personally think there is any ambiguity in this regard the social contract created via copyleft licenses, if people do then perhaps it's time to strike a new one. [No disrespect intended, but I'm not point by pointing the rest because I think the educated reader could easily enough anticipate my responses from the past thread, we're becoming circular again]
Re: *countable infinities only
On Sun, Jun 3, 2012 at 12:32 AM, Gregory Maxwell gmaxw...@gmail.com wrote: [No disrespect intended, but I'm not point by pointing the rest because I think the educated reader could easily enough anticipate my responses from the past thread, we're becoming circular again] Yeah that's fine we both have different opinions here and won't convince each other so let's just agree to disagree instead of going in circles.
Re: *countable infinities only
On 06/02/2012 11:27 AM, Chris Adams wrote: Once upon a time, Kevin Kofler kevin.kof...@chello.at said: And I don't think having to disable Secure Boot in the firmware is a hurdle which will make our users simply walk away. I didn't simply walk away either back in the day where RHL wouldn't boot without disabling the Plug and Play operating system option in the BIOS. You are far from an average user though. There are lots of users that Fedora would like to target that would flinch (at a minimum) when told they have to change their firmware settings first. Even more would be disturbed when you tell them that to run Fedora you have to disable an option called Secure Boot (but I want my system to be secure!). You can try to explain it all you want, but they'll latch on to the disable Secure Boot and glaze over any explanation. Developers will not have a big problem; they're used to having to enable special options and such for some development or testing work. Fedora isn't just supposed to be for developers though. Who are these users? I have been using Linux since 0.99 while working with many users of Windows, none of them expressed an interest in trying linux. -- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com
Re: *countable infinities only
On 06/02/2012 05:26 PM, drago01 wrote: On Sat, Jun 2, 2012 at 11:14 PM, Gregory Maxwell gmaxw...@gmail.com wrote: I think regressing to the installs being somewhat easier than ten yearsish ago is still a better place to be than the cryptographic lockdown. I disagree and once again it is not a lockdown as people who care enough can disable it, while having it enabled by default makes things easier for a large set of (potential) users. Who are these potential users? How many people running windows have you convinced to also load Linux? I have been using Linux since 0.99 and have not been able to convince any to use Linux. And if we have the choice between make it easier to modify every part of the OS vs. make it easier to install the OS in the first place ... no one thinking rationally would opt for the former. Besides installation and modification aside it does provide another additional value ... which is added security which is a welcome addition in some environments. -- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com
Re: *countable infinities only
Once upon a time, Steve Clark scl...@netwolves.com said: Who are these users? I have been using Linux since 0.99 while working with many users of Windows, none of them expressed an interest in trying linux. Well, we obviously have different friends. I've got lots of technical friends (and my father) that don't spend all day working on computers, just using them (telecom engineers, rocket scientists, etc.). A number of them have asked me about Linux over the years, and I've helped them get started and help with occasional problems. As for since 0.99: I remember when a friend told me about this post he saw in the Minix newsgroup. Unfortunately, I didn't have a 386 at the time. :) -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.
Re: *countable infinities only
On Sat, Jun 02, 2012 at 07:51:52PM -0400, Steve Clark wrote: Who are these potential users? How many people running windows have you convinced to also load Linux? I have been using Linux since 0.99 and have not been able to convince any to use Linux. It's possible that this says more about you or the people you meet than anything else. -- Matthew Garrett | mj...@srcf.ucam.org
Re: *countable infinities only
On 06/02/2012 07:55 PM, Chris Adams wrote: Once upon a time, Steve Clark scl...@netwolves.com said: Who are these users? I have been using Linux since 0.99 while working with many users of Windows, none of them expressed an interest in trying linux. Well, we obviously have different friends. I've got lots of technical friends (and my father) that don't spend all day working on computers, just using them (telecom engineers, rocket scientists, etc.). A number of them have asked me about Linux over the years, and I've helped them get started and help with occasional problems. As for since 0.99: I remember when a friend told me about this post he saw in the Minix newsgroup. Unfortunately, I didn't have a 386 at the time. :) I worked with developers where we were developing for Unix and they wanted to use PC's running Windows and not FreeBSD or Linux, go figure. I would think your friends would be able to handle disabling secure boot to load fedora. -- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com
Re: *countable infinities only
On 06/02/2012 08:20 PM, Matthew Garrett wrote: On Sat, Jun 02, 2012 at 07:51:52PM -0400, Steve Clark wrote: Who are these potential users? How many people running windows have you convinced to also load Linux? I have been using Linux since 0.99 and have not been able to convince any to use Linux. It's possible that this says more about you or the people you meet than anything else. So an ad hominem attack as opposed to facts to answer the question - nice. -- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com
Re: *countable infinities only
On Sat, Jun 02, 2012 at 08:43:41PM -0400, Steve Clark wrote: On 06/02/2012 08:20 PM, Matthew Garrett wrote: On Sat, Jun 02, 2012 at 07:51:52PM -0400, Steve Clark wrote: Who are these potential users? How many people running windows have you convinced to also load Linux? I have been using Linux since 0.99 and have not been able to convince any to use Linux. It's possible that this says more about you or the people you meet than anything else. So an ad hominem attack as opposed to facts to answer the question - nice. No, I mean that your anecdote tells you nothing about the population, only about the people involved. Spend time in Bugzilla or on the forums and you'll find no shortage of people who have come to Linux from Windows. If you've never met these people then that just means that you haven't met them, not that they don't exist. -- Matthew Garrett | mj...@srcf.ucam.org
Re: *countable infinities only
Michael Scherer wrote: And I think no one would be happy if someone start to use some stuff like Bluepill ( http://en.wikipedia.org/wiki/Blue_Pill_%28software%29 ) to root them. You can be blue-pilled purely from userspace, which Secure Boot does not protect at all. Ever heard of software emulation? It doesn't even need root access! It's several times slower (~50 times in my experience of running qemu-system-x86_64 on a 32-bit P4 to build packages), but some users are happily using spyware/virus/trojan-infected machines slowed down to a crawl. Kevin Kofler
Re: *countable infinities only
On 06/02/2012 08:56 PM, Matthew Garrett wrote: On Sat, Jun 02, 2012 at 08:43:41PM -0400, Steve Clark wrote: On 06/02/2012 08:20 PM, Matthew Garrett wrote: On Sat, Jun 02, 2012 at 07:51:52PM -0400, Steve Clark wrote: Who are these potential users? How many people running windows have you convinced to also load Linux? I have been using Linux since 0.99 and have not been able to convince any to use Linux. It's possible that this says more about you or the people you meet than anything else. So an ad hominem attack as opposed to facts to answer the question - nice. No, I mean that your anecdote tells you nothing about the population, only about the people involved. Spend time in Bugzilla or on the forums and you'll find no shortage of people who have come to Linux from Windows. If you've never met these people then that just means that you haven't met them, not that they don't exist. But don't you think that if they are determined enough to go to bugzilla and make an entry they are smart enough to turn off secure boot? I guess my feeling is that people that have the wherewithal to attempt to load another OS on their Windows box won't be afraid to disable secure boot especially if it is explained to them why they need to. -- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com
Re: *countable infinities only
On 05/31/2012 05:13 PM, Chris Adams wrote: Please don't spread FUD like this. You are wrong for a couple of reasons: - Secure boot is required to be able to be disabled on x86 (the only platform Fedora will support it). - Users can generate their own keys, enroll them in the secure boot firmware, and use those keys to sign their kernels. I am not sure I fully understand the technical part about UEFI so please make it clear for me: I can generate my own keys, enroll them in the secure boot firmware and then *continue* using the machine in a *dual boot* with Windows 8? The presence of my own boot keys will make Windows 8 unbootable on that machine or not? -- nicu :: http://nicubunu.ro :: http://nicubunu.blogspot.com/
Re: *countable infinities only
On 05/31/2012 07:21 PM, Gerry Reno wrote: Not yet. But HDD technology is changing rapidly. Just look at hybrid drives, SSD. No reason they could not add this capability. Not really. Both of these have been in development for years and have only started to look mainstream fairly recently. Look at the time that passed between IDEMA standardising advanced (4KiB) sectoring and the time that that took to actually make it to the market (not to mention that most of those parts are running in compatibility mode today). ATA has some existing security extensions to allow a drive to be locked but these prevent any access until a correct password is presented (and don't appear to be that secure against a well resourced attacker). If read-only support was standardised tomorrow it'd still be a number of years before widespread support became available. About the best you could do today would be to use an external drive with a write-protect switch or to wire up the physical WP jumper on the drive to an external switch on the case (I wouldn't flick it while the system is running ;). Regards, Bryn.
Re: *countable infinities only
On 05/31/2012 08:03 PM, Gregory Maxwell wrote: I wasn't responding to MJG, I was responding to Peter— who said I was wrong in the message where I was stating that a freedom is being lost, and has subsequently spoken more clearly on the position— and Bryn. It seemed to me that they were arguing that the freedom of fedora wasn't being compromised here. My understanding has been refined by further discussion, though I'm still not completely sure if all people actually take the loss of freedom seriously, or if they do but just can't accept the idea that the alternative is actually an option. If you read my posts carefully you might have noticed that I have not actually taken a position on this feature. I was only responding to the tone and content of your message which I still feel was unnecessarily alarmist and not adding anything to the discussion. I am not working on this feature and I'm quite capable of telling my system's firmware to do what I want so there's little practical implication for me. I see the arguments on both sides and I regret that we appear to be between a rock and a hard place here. At the same time I have a lot of trust in the people who are working on this in Fedora and I have faith that the project will try to seek the best compromise between the freedoms we value and the realities of the market and environment we find ourselves in. Invoking the conspiracy card on these discussions and decisions really just takes us further into the mire. Regards, Bryn.
Re: *countable infinities only
On Thu, May 31, 2012 at 01:55:35PM -0500, Chris Adams wrote: Once upon a time, Peter Jones pjo...@redhat.com said: That's why we didn't simply ask vendors to ship our key. That would be /less/ equitable to other distributions than the solution we're looking at right now. Has any thought been given to setting up group between various Open Source distributions (Linux, BSD) to be a Secure Boot signer (with security-oriented rules about what gets signed, probably similar to whatever Microsoft is using today) and then getting vendors to include the master key alongside Microsoft's? The last attempt to do something similar I can think of would be cacert. Afaik, they are still being audited to be added to Firefox, and I think they would be happy to explain all the issues they faced on that road. -- Michael Scherer
Re: *countable infinities only
On 05/31/2012 10:42 PM, Adam Williamson wrote: On Thu, 2012-05-31 at 15:07 -0400, Gerry Reno wrote: Yes, all these would currently support what I'm suggesting. Actually, if you're willing to flip a lot of switches, you could probably make your / a raid5 of floppies, but the performance would be suboptimal. -J Ok, now you're just being silly. Behold: http://www.wired.com/gadgetlab/2009/05/five-disk-floppy-raid-4mb-of-blistering-fast-storage/ Hey, you might be joking but I used to demo MD RAID in Red Hat classes using a dinky little 4-port USB1 hub (with a Shadowman logo) and four Red Hat branded USB keys. Worked great :-) Regards, Bryn.
Re: *countable infinities only
On 05/31/2012 09:14 PM, Kevin Kofler wrote: Chris Adams wrote: - Secure boot is required to be able to be disabled on x86 (the only platform Fedora will support it). And this is exactly why we should just require our users to disable it! I don't see any advantage at all from supporting this feature, just problems: * extra restrictions added to GRUB and the kernel to comply with the security (lockout) requirements. Even if they're all conditional on secure boot being enabled (are they really?), that still means extra code which can cause extra breakage even when running in normal mode (the one every Free Software user should be using). * possible GPL violation. Did Red Hat Legal have a look at the plans already? Are they sure they're compliant with the GPL, v2 when it comes to the kernel, v3 when it comes to GRUB 2? (What's sure is that they aren't compliant with the spirit of the GPL, whatever version!) * ineffectiveness of the added restrictions: Can't you still bring up a Blue Pill with a Window$ VM even with only unsigned userspace apps? And if we don't even allow those, where's the freedom? * exercising your freedom to change the kernel (or even just to load an out-of-tree module!) requires you to disable Secure (Restricted) Boot anyway, so why support the restricted mode? (As much as I hate proprietary drivers, you can definitely expect a horde of their users showing up at your door with a pitchfork...) * implicit endorsement of M$ and their signature racket (including a monetary payment to their racketing partner Veri$ign -- was that already made?). It might even lead M$ to drop the requirement to allow disabling Secure Boot (or even invert it into a prohibition as on ARM!), arguing that Linux (sic, should be GNU/Linux) supports it too anyway. * dependence on the racket, which can change its terms at any moment. Just saying disable 'Secure' Boot in the BIOS is the easiest solution to the problem. 
I remember the days where one had to disable PlugPlay Operating System in the BIOS to get GNU/Linux to boot at all on some machines, it didn't cause any real problems. Kevin Kofler +100 -- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com
Re: *countable infinities only
On 06/01/2012 12:58 PM, Steve Clark wrote: On 05/31/2012 09:14 PM, Kevin Kofler wrote: Chris Adams wrote: - Secure boot is required to be able to be disabled on x86 (the only platform Fedora will support it). And this is exactly why we should just require our users to disable it! I don't see any advantage at all from supporting this feature, just problems: * extra restrictions added to GRUB and the kernel to comply with the security (lockout) requirements. Even if they're all conditional on secure boot being enabled (are they really?), that still means extra code which can cause extra breakage even when running in normal mode (the one every Free Software user should be using). * possible GPL violation. Did Red Hat Legal have a look at the plans already? Are they sure they're compliant with the GPL, v2 when it comes to the kernel, v3 when it comes to GRUB 2? (What's sure is that they aren't compliant with the spirit of the GPL, whatever version!) * ineffectiveness of the added restrictions: Can't you still bring up a Blue Pill with a Window$ VM even with only unsigned userspace apps? And if we don't even allow those, where's the freedom? * exercising your freedom to change the kernel (or even just to load an out-of-tree module!) requires you to disable Secure (Restricted) Boot anyway, so why support the restricted mode? (As much as I hate proprietary drivers, you can definitely expect a horde of their users showing up at your door with a pitchfork…) * implicit endorsement of M$ and their signature racket (including a monetary payment to their racketing partner Veri$ign – was that already made?). It might even lead M$ to drop the requirement to allow disabling Secure Boot (or even invert it into a prohibition as on ARM!), arguing that Linux (sic, should be GNU/Linux) supports it too anyway. * dependence on the racket, which can change its terms at any moment. Just saying disable 'Secure' Boot in the BIOS is the easiest solution to the problem. 
I remember the days where one had to disable PlugPlay Operating System in the BIOS to get GNU/Linux to boot at all on some machines, it didn't cause any real problems. Kevin Kofler +100 -- Stephen Clark *NetWolves* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com +100 -- Paul Richardson * p.g.richard...@phantomjinx.co.uk * pgrichard...@linux.com
Re: *countable infinities only
On Fri, Jun 1, 2012 at 5:36 AM, Bryn M. Reeves b...@redhat.com wrote: On 05/31/2012 10:42 PM, Adam Williamson wrote: On Thu, 2012-05-31 at 15:07 -0400, Gerry Reno wrote: Yes, all these would currently support what I'm suggesting. Actually, if you're willing to flip a lot of switches, you could probably make your / a raid5 of floppies, but the performance would be suboptimal. -J Ok, now you're just being silly. Behold: http://www.wired.com/gadgetlab/2009/05/five-disk-floppy-raid-4mb-of-blistering-fast-storage/ Hey, you might be joking but I used to demo MD RAID in Red Hat classes using a dinky little 4-port USB1 hub (with a Shadowman logo) and four Red Hat branded USB keys. Worked great :-) Actually, with enough PCI USB port cards, USB hubs, and thumb drives, you could use MD RAID and possibly LVM to make a poor-person's SAN. Hot-swappable drives and all. -J Regards, Bryn. -- http://cecinestpasunefromage.wordpress.com/ in your fear, seek only peace in your fear, seek only love -d. bowie
Re: *countable infinities only
On 06/01/2012 01:51 PM, Jon Ciesla wrote: Actually, with enough PCI USB port cards, USB hubs, and thumb drives, you could use MD RAID and possibly LVM to make a poor-person's SAN. Hot-swappable drives and all. And with LIO in the kernel you can even export it over fibre channel or FCoE! Happy days! :) Bryn.
Re: *countable infinities only
drago01 wrote: The advantages is that things just work (tm). They just work as long as you don't try to actually exercise one of the freedoms we stand for. Or even just install an out-of-tree kernel module such as the ones from RPM Fusion. I don't think this is something we should endorse, also because our endorsement may entice M$ to change away from the current situation (Secure Boot optional) which is certainly a compromise in their eyes. No one will stop you (or anyone else) from disabling it. It's as easy as setting an option in the firmware (BIOS) setup, so I don't see why we can't just require it from everyone. Kevin Kofler
Re: *countable infinities only
On Fri, 1 Jun 2012 12:21:36 +0200 Michael scherer m...@zarb.org wrote: On Thu, May 31, 2012 at 01:55:35PM -0500, Chris Adams wrote: Once upon a time, Peter Jones pjo...@redhat.com said: That's why we didn't simply ask vendors to ship our key. That would be /less/ equitable to other distributions than the solution we're looking at right now. Has any thought been given to setting up group between various Open Source distributions (Linux, BSD) to be a Secure Boot signer (with security-oriented rules about what gets signed, probably similar to whatever Microsoft is using today) and then getting vendors to include the master key alongside Microsoft's? The last attempt to do something similar I can think of would be cacert. Afaik, they are still being audited to be added to Firefox, and I think they would be happy to explain all the issues they faced on that road. Well, I'm a bit skeptical there, since they can't even license their ca stuff such that Fedora can actually distribute it. ;( kevin
Re: *countable infinities only
On Fri, 2012-06-01 at 03:14 +0200, Kevin Kofler wrote: Chris Adams wrote: - Secure boot is required to be able to be disabled on x86 (the only platform Fedora will support it). And this is exactly why we should just require our users to disable it! I don't want to jump in the technicality of this discussion, but I can only hope any solution that *requires* users to fiddle with BIOS settings in order to install Fedora won't be seriously considered as viable. Regards, Cosimo
Re: *countable infinities only
On 06/01/2012 11:18 AM, Cosimo Cecchi wrote: On Fri, 2012-06-01 at 03:14 +0200, Kevin Kofler wrote: Chris Adams wrote: - Secure boot is required to be able to be disabled on x86 (the only platform Fedora will support it). And this is exactly why we should just require our users to disable it! I don't want to jump in the technicality of this discussion, but I can only hope any solution that *requires* users to fiddle with BIOS settings in order to install Fedora won't be seriously considered as viable. Regards, Cosimo The better solution would be for users who want SecureBoot to have to set it in the BIOS. It should be disabled by default. Windows is the OS with all the attack vectors open. Users of every other OS should not be hostage to this SecureBoot by default.
Re: *countable infinities only
On 06/01/2012 08:30 AM, Gerry Reno wrote: The better solution would be for users who want SecureBoot to have to set it in the BIOS. It should be disabled by default. Windows is the OS with all the attack vectors open. Users of every other OS should not be hostage to this SecureBoot by default. You say this as if we have any control over this, whatsoever. The vast majority of PCs on the market are designed to run Windows. They come with Windows pre-installed. In order to come with Windows 8 pre-installed, they will have to enable secure boot at the factory. There is no stopping this. -- Jesse Keating Fedora -- Freedom² is a feature!
Re: *countable infinities only
Cosimo Cecchi wrote: I don't want to jump in the technicality of this discussion, but I can only hope any solution that requires users to fiddle with BIOS settings in order to install Fedora won't be seriously considered as viable. Sorry, but it's the ONLY viable solution. Any solution that removes users' freedom (and that's the case of ANY solution which leaves Secure Boot enabled) cannot be seriously considered as viable. Kevin Kofler
Re: *countable infinities only
Once upon a time, Gerry Reno gr...@verizon.net said: The better solution would be for users who want SecureBoot to have to set it in the BIOS. It should be disabled by default. Windows is the OS with all the attack vectors open. Users of every other OS should not be hostage to this SecureBoot by default. As has been repeatedly shown, Windows is the common attack vector in large part because it is the widest deployed system, and users (of any OS) are idiots that will click Ok if you give them a pop-up that says I'm going to delete all your files right now. Linux gets a high number of attacks as well, but mostly in the server space today (password scanning on SSH, POP3, IMAP, SMTP AUTH, and common web hosting control panels such as Plesk and cPanel). PHP and common PHP packages (such as phpBB) have had vulnerabilities that get leveraged to attack the underlying OS. There's a reason Fedora has things like chkrootkit and rkhunter. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.
Re: *countable infinities only
Gerry Reno wrote: The better solution would be for users who want SecureBoot to have to set it in the BIOS. It should be disabled by default. Windows is the OS with all the attack vectors open. Users of every other OS should not be hostage to this SecureBoot by default. While I couldn't agree more, unfortunately, that isn't up to us to decide. The decision is theoretically up to the hardware vendors, and in practice their hands are tied by M$'s logo requirements. Kevin Kofler
Re: *countable infinities only
On Fri, Jun 1, 2012 at 3:30 PM, Kevin Kofler kevin.kof...@chello.at wrote: drago01 wrote: The advantage is that things just work (tm). They just work as long as you don't try to actually exercise one of the freedoms we stand for. Which one? Or even just install an out-of-tree kernel module such as the ones from RPM Fusion. You can disable secure boot (unless we find a better solution) ... adding secure boot support won't make this any harder. I don't think this is something we should endorse, also because our endorsement may entice M$ to change away from the current situation (Secure Boot optional) which is certainly a compromise in their eyes. I doubt that but well we both can't know that beforehand so this point is moot. No one will stop you (or anyone else) from disabling it. It's as easy as setting an option in the firmware (BIOS) setup, so I don't see why we can't just require it from everyone. It is easy for you, for me, for pretty much everyone on this mailing list but there are different types of users out there. And you effectively want to limit those users to a proprietary OS (they cannot even try our live images anymore).
Re: *countable infinities only
On Fri, Jun 1, 2012 at 5:40 PM, Kevin Kofler kevin.kof...@chello.at wrote: Cosimo Cecchi wrote: I don't want to jump in the technicality of this discussion, but I can only hope any solution that requires users to fiddle with BIOS settings in order to install Fedora won't be seriously considered as viable. Sorry, but it's the ONLY viable solution. Any solution that removes users' freedom (and that's the case of ANY solution which leaves Secure Boot enabled) cannot be seriously considered as viable. Secureboot support does *NOT* limit your freedom as long as it is optional (the default setting does not matter). You are either making it more complex for everyone or for those that want to do kernel development, run out of tree drivers etc. In case enabled secureboot is the only option (i.e. we somehow refuse to boot with it disabled) then (and only then) you can talk about removed freedom otherwise this is just FUD.
Re: *countable infinities only
Gregory Maxwell wrote:
> My understanding is that some of the relevant legal minds believe that Microsoft's you can disable it concession forecloses the possibility of a successful legal attack on this— the law may care about the anti-competitiveness of this stuff, but not so much as to care about a $99 signing key or some minor install time hurdle. (and the fact that fedora is willing to plan this probably justifies this position).
>
> It was arguably a strategic error to blow the whistle in advance and give Microsoft time to compromise. Their first attempt was much more likely to have created a civil cause of action as well as to have run afoul on antitrust grounds. But I can hardly blame anyone for trying. Hindsight 20/20 and all that.

If having the option to disable the crap even if it's enabled by default is sufficient to not be anti-competitive, then they would have done just that after being sued. So I don't think letting them go the most restrictive possible way and then suing would have been any more effective than what actually happened.

Kevin Kofler
Re: *countable infinities only
On Fri, 2012-06-01 at 17:54 +0200, drago01 wrote:
> On Fri, Jun 1, 2012 at 5:40 PM, Kevin Kofler kevin.kof...@chello.at wrote:
>> Cosimo Cecchi wrote:
>>> I don't want to jump in the technicality of this discussion, but I can only hope any solution that requires users to fiddle with BIOS settings in order to install Fedora won't be seriously considered as viable.
>>
>> Sorry, but it's the ONLY viable solution. Any solution that removes users' freedom (and that's the case of ANY solution which leaves Secure Boot enabled) cannot be seriously considered as viable.
>
> Secureboot support does *NOT* limit your freedom as long as it is optional (the default setting does not matter).

The point I'm trying to make is the default setting might actually be the most important thing that matters when it comes to new users that want to install Fedora.

- You need to disable SecureBoot in the BIOS settings in order to install Fedora
- BIOS settings? What's that? Oh a blueish DOS-like command-line thing? Freaky. Disable SecureBoot? Why on earth would I want to make my system less secure? *screw this Linux thing*

Cosimo
Re: *countable infinities only
Peter Jones wrote:
> Next year if we don't implement some form of Secure Boot support, the majority of Fedora users will not be able to install Fedora on new machines.

Nonsense. They will be able to install it very easily, they just need to set a single boolean in their BIOS setup from Enabled to Disabled.

Kevin Kofler
Re: *countable infinities only
Peter Jones wrote:
> Nothing is being swept under the rug here. You have the same access to the mailing list as I do. We're looking for ideas, and we're putting forth a plan that we're willing to implement. If you can come up with a better idea, that would be wonderful.

The better idea is the obvious one: Just have your users disable the crappy feature in their firmware. (It's required to be optional even by M$.)

Kevin Kofler
Re: *countable infinities only
On 06/01/2012 11:30 AM, Gerry Reno wrote:
> The better solution would be for users who want SecureBoot to have to set it in the BIOS. It should be disabled by default.

I do not disagree with you. Microsoft does. They have the influence over the hardware OEMs. We do not. They are forcing the OEMs to enable it by default.

Feel free to tell your OEM vendor to disable it by default. They will not get that hardware Windows 8 Certified, won't be able to OEM preload Windows 8 on it, if they disable it by default. Who do you think they are going to go with at the end of the day?

Now, let us operate on the assumption that SecureBoot is enabled by default, and that the majority of PCs are going to come with Windows 8 pre-installed.

Do we want to support dual-booting with Windows 8? Microsoft describes SecureBoot enablement as Required for Windows 8 client [1]? What does that mean? We're not sure. At best, it means that BitLocker isn't going to work, at worst, big chunks of Windows 8 functionality will simply refuse to function until you turn SecureBoot back on.

Microsoft isn't even planning on supporting dual-booting of Windows 7 and Windows 8:

If you are dual booting, it depends on whether you are booting into another trusted operating system, van der Hoeven said. One discussion we are having is…[with] this first firmware OK boot manager OK handshake, you can't have a version of that that works with Windows 7. Windows 7 doesn't have the ability to check firmware. The firmware can check and make sure it is assigned a Windows 7 boot loader. Truly, right now today, if you want to have secure boot and you want to dual boot Windows 8 and Windows 7, you need to turn secure boot off in firmware. We are thinking about having a way that you can go ahead and make that work, but that's not POR [plan of record] today. [2]

So, if we want to be able to provide a dual-boot configuration with Windows 8 (fully functional) and Fedora, how do we do it? Matthew has come up with a way.

And if you don't care about dual-booting or SecureBoot, turn it off in the UEFI Firmware, and Fedora continues to work just as it did before. It's not an all-or-nothing approach. But I think it is short-sighted (and arrogant of us) to simply say to people who have no idea what UEFI stands for, Hey, this Fedora isn't for you, go find someone smart enough to help you.

We include wireless device firmware even though it isn't free. And we don't like doing that, but it is the only way to get wireless support out of the box in Fedora.

We're proposing providing a signed bootloader to enable Fedora to run in SecureBoot environments, even though it is immensely distasteful and questionably non-free. And we don't like doing that, but it is the only way we've come up with to get Fedora support out of the box on the next generation of hardware.

If you can come up with a better way to boot Fedora on SecureBoot enabled hardware, we're all listening.

~tom

== Fedora Project

[1]: http://video.ch9.ms/build/2011/slides/HW-457T_van_der_Hoeven.pptx
[2]: http://redmondmag.com/articles/2011/09/23/windows-8-dual-boot-possible-if-secure-boot-disabled.aspx
Re: *countable infinities only
On 06/01/2012 12:07 PM, Kevin Kofler wrote:
> Peter Jones wrote:
>> Next year if we don't implement some form of Secure Boot support, the majority of Fedora users will not be able to install Fedora on new machines.
>
> Nonsense. They will be able to install it very easily, they just need to set a single boolean in their BIOS setup from Enabled to Disabled.
>
> Kevin Kofler

And what happens to all the people who now dual-boot both Linux and Windows. How can you boot Windows w/SecureBoot and Linux w/o SecureBoot?

.
Re: *countable infinities only
Peter Jones wrote:
> On 05/31/2012 11:47 AM, Gregory Maxwell wrote:
>>> Is this all set in stone?
>>>
>>> No. We've spent some time thinking about all of this and are happy that we can implement it in the Fedora 18 timescale, but there's always the possibility that we've missed something or that a new idea will come up. If we can increase user freedom without making awful compromises somewhere else then we'll do it.
>
> This, I believe, is Matthew's way of saying that this is not all set in stone, and that we'd encourage you to come up with better ideas because we don't like this all that much.

But why are you making this decision in the first place? This:

1. is a technical decision which affects the entirety of Fedora, and thus MUST go through a FESCo vote to be implemented, AND
2. affects the core values of Fedora, and thus MUST go through a Board vote to be implemented.

It is not acceptable that the kernel and GRUB maintainers are trying to sneak this in through the backdoor with no mandate whatsoever from our governance structure.

Kevin Kofler
Re: *countable infinities only
Adam Jackson wrote:
> False. Quoting from Matthew's original post:
>
>> A system in custom mode should allow you to delete all existing keys and replace them with your own. After that it's just a matter of re-signing the Fedora bootloader (like I said, we'll be providing tools and documentation for that) and you'll have a computer that will boot Fedora but which will refuse to boot any Microsoft code.

Removing the M$ key is not viable because the firmware on some peripheral hardware will be signed only with the M$ key.

Kevin Kofler
Re: *countable infinities only
On Fri, 01 Jun 2012 18:13:32 +0200 Kevin Kofler kevin.kof...@chello.at wrote:
> But why are you making this decision in the first place?

What decision? They explained the issues and problem and came up with what they would recommend we do. No decision has been made.

> This:
> 1. is a technical decision which affects the entirety of Fedora, and thus MUST go through a FESCo vote to be implemented, AND
> 2. affects the core values of Fedora, and thus MUST go through a Board vote to be implemented.
>
> It is not acceptable that the kernel and GRUB maintainers are trying to sneak this in through the backdoor with no mandate whatsoever from our governance structure.

I honestly don't know what to say to you here... did you bother to actually read the post? There's no sneaking, no decision, this is just bringing the issue up for feedback. There will be a feature for FESCo, there will be voting, all that stuff. Perhaps someone will come up with a better solution by then.

Attacking them for this as sneak this in through the backdoor is insulting.

kevin
Re: *countable infinities only
Debarshi Ray wrote:
> By the way, I am assuming that you know that one can't modify Firefox and redistribute it as Firefox without certification.

I've been pointing out this issue in several threads. That's exactly why Fedora should finally follow Debian's lead and just rename Firefox.

Kevin Kofler
Re: *countable infinities only
On 06/01/2012 12:10 PM, Gerry Reno wrote:
> On 06/01/2012 12:07 PM, Kevin Kofler wrote:
>> Peter Jones wrote:
>>> Next year if we don't implement some form of Secure Boot support, the majority of Fedora users will not be able to install Fedora on new machines.
>>
>> Nonsense. They will be able to install it very easily, they just need to set a single boolean in their BIOS setup from Enabled to Disabled.
>>
>> Kevin Kofler
>
> And what happens to all the people who now dual-boot both Linux and Windows. How can you boot Windows w/SecureBoot and Linux w/o SecureBoot?
>
> .

How are you going to dual-boot:

Windows-8 and Windows-7
Windows-8 and Windows-XP
Windows-8 and Windows 2008 Server
Windows-8 and Fedora 16
Windows-8 and Fedora 17
Windows-8 and Fedora 18
Re: *countable infinities only
On 06/01/2012 12:30 PM, Kevin Kofler wrote:
> Debarshi Ray wrote:
>> By the way, I am assuming that you know that one can't modify Firefox and redistribute it as Firefox without certification.
>
> I've been pointing out this issue in several threads. That's exactly why Fedora should finally follow Debian's lead and just rename Firefox.
>
> Kevin Kofler

It's not going to matter b/c Chrome is eating Firefox lunch as far as market share.

.
Re: *countable infinities only
Peter Jones wrote:
> I can see the loss of freedom, and I find it unfortunate, but despite what you've said above, you *are* distorting it. There's nothing you won't be able to do that you could do before. Doing it the same way will be harder than it was.

Then why are we not just requiring those steps from everyone?

Steps:
1. Disable Secure Boot (link to FSF explanation on what it really is)
2. Install Fedora

Kevin Kofler
Re: *countable infinities only
>> By the way, I am assuming that you know that one can't modify Firefox and redistribute it as Firefox without certification.
>
> I've been pointing out this issue in several threads. That's exactly why Fedora should finally follow Debian's lead and just rename Firefox.

Cool. Why not?

But then, you also know that trademarks have no bearing on software freedom. Right? ;-)

Happy hacking,
Debarshi

-- 
KR is like the Bible. The fervent read it from end to end, the religious keep a copy. -- Arjun Shankar
Re: *countable infinities only
Gerry Reno wrote:
> How are you going to dual-boot:
>
> Windows-8 and Windows-7
> Windows-8 and Windows-XP
> Windows-8 and Windows 2008 Server
> Windows-8 and Fedora 16
> Windows-8 and Fedora 17
> Windows-8 and Fedora 18

You can't without changing the settings each time (or cracking Window$ 8 to remove the Secure Boot requirement, if such a patch comes out). But that's M$'s fault. As you already pointed out, it also affects multi-boots of different versions of their own OS.

Kevin Kofler
Re: *countable infinities only
On Fri, Jun 01, 2012 at 06:16:37PM +0200, Kevin Kofler wrote:
> Adam Jackson wrote:
>> False. Quoting from Matthew's original post:
>>
>>> A system in custom mode should allow you to delete all existing keys and replace them with your own. After that it's just a matter of re-signing the Fedora bootloader (like I said, we'll be providing tools and documentation for that) and you'll have a computer that will boot Fedora but which will refuse to boot any Microsoft code.
>
> Removing the M$ key is not viable because the firmware on some peripheral hardware will be signed only with the M$ key.

It may be a little more awkward for desktops because you may have to handle the Microsoft-signed UEFI drivers on your graphics and network cards, but this is also solvable. I'm looking at ways to implement a tool to allow you to automatically whitelist the installed drivers.

-- 
Matthew Garrett | mj...@srcf.ucam.org
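
The custom-mode procedure quoted in the message above, the objection about Microsoft-signed peripheral firmware, and the proposed driver whitelist can be traced in a small model. This is an added example, not part of the thread or of any Fedora tool; the key labels, image names and the plain SHA-256 standing in for the firmware's image hash are assumptions.

```python
import hashlib
from dataclasses import dataclass, field, replace
from typing import Optional

MS_KEY = "microsoft-key"   # constructed label for "the M$ key" in the thread
OWNER_KEY = "owner-key"    # constructed label for the machine owner's own key


@dataclass(frozen=True)
class Image:
    """A bootloader or UEFI driver image (toy stand-in, no real signatures)."""
    name: str
    content: bytes
    signer: Optional[str]  # label of the signing key; None means unsigned

    @property
    def digest(self) -> str:
        # Simplification: a plain SHA-256 of the bytes stands in for the
        # hash the firmware computes over the executable image.
        return hashlib.sha256(self.content).hexdigest()


@dataclass
class Firmware:
    secure_boot: bool = True
    db_keys: set = field(default_factory=set)    # trusted signing keys
    db_hashes: set = field(default_factory=set)  # individually trusted images

    def allows(self, image: Image) -> bool:
        if not self.secure_boot:
            return True  # the firmware option set to Disabled
        return image.signer in self.db_keys or image.digest in self.db_hashes

    def enroll_custom_keys(self, *keys: str) -> None:
        """Custom mode: delete every existing entry, then trust only `keys`."""
        self.db_keys = set(keys)
        self.db_hashes = set()

    def whitelist_installed(self, drivers) -> None:
        """Trust the exact driver images present now, by hash, not by signer."""
        self.db_hashes |= {d.digest for d in drivers}


def resign(image: Image, key: str) -> Image:
    """Re-signing changes who vouches for the image, not the hashed content."""
    return replace(image, signer=key)


def run_scenario() -> dict:
    # Constructed sample images; names and contents are illustrative only.
    fedora = Image("fedora-bootloader", b"fedora loader bytes", MS_KEY)
    windows = Image("windows-bootmgr", b"windows loader bytes", MS_KEY)
    gpu_rom = Image("gpu-uefi-driver", b"gpu option rom bytes", MS_KEY)
    tampered_rom = replace(gpu_rom, content=b"modified rom bytes", signer=None)

    fw = Firmware(db_keys={MS_KEY})
    results = {"factory": [fw.allows(i) for i in (fedora, windows, gpu_rom)]}

    # Owner replaces all keys and re-signs the Fedora bootloader.
    fw.enroll_custom_keys(OWNER_KEY)
    fedora = resign(fedora, OWNER_KEY)
    results["custom_keys"] = [fw.allows(i) for i in (fedora, windows, gpu_rom)]

    # Installed drivers are whitelisted by hash; a changed image is not covered.
    fw.whitelist_installed([gpu_rom])
    results["with_whitelist"] = [
        fw.allows(i) for i in (fedora, windows, gpu_rom, tampered_rom)
    ]
    return results


if __name__ == "__main__":
    for stage, verdicts in run_scenario().items():
        print(stage, verdicts)
```

In the model, dropping the vendor key blocks the card's driver along with the other vendor-signed code, and a hash entry restores only that exact driver image.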
Re: *countable infinities only
On 06/01/2012 12:45 PM, Matthew Garrett wrote:
> On Fri, Jun 01, 2012 at 06:16:37PM +0200, Kevin Kofler wrote:
>> Adam Jackson wrote:
>>> False. Quoting from Matthew's original post:
>>>
>>>> A system in custom mode should allow you to delete all existing keys and replace them with your own. After that it's just a matter of re-signing the Fedora bootloader (like I said, we'll be providing tools and documentation for that) and you'll have a computer that will boot Fedora but which will refuse to boot any Microsoft code.
>>
>> Removing the M$ key is not viable because the firmware on some peripheral hardware will be signed only with the M$ key.
>
> It may be a little more awkward for desktops because you may have to handle the Microsoft-signed UEFI drivers on your graphics and network cards, but this is also solvable. I'm looking at ways to implement a tool to allow you to automatically whitelist the installed drivers.

We are all, Microsoft included, headed for signature-HELL.

This is going to gum up the entire x86 hardware ecosystem to such a point and Microsoft will rue the day they ever dreamt up this nonsense.

.
Re: *countable infinities only
drago01 wrote:
> On Fri, Jun 1, 2012 at 3:30 PM, Kevin Kofler wrote:
>> They just work as long as you don't try to actually exercise one of the freedoms we stand for.
>
> Which one?

The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1).
The freedom to distribute copies of your modified versions to others (freedom 3).
http://www.gnu.org/philosophy/free-sw.en.html

>> It's as easy as setting an option in the firmware (BIOS) setup, so I don't see why we can't just require it from everyone.
>
> It is easy for you, for me, for pretty much everyone on this mailing list but there are different types of users out there. And you effectively want to limit those users to a proprietary OS (they cannot even try our live images anymore).

Just include instructions on how to disable Secure Boot on the common firmware types (on the website, and on the cover of the DVDs we hand out at events). There are only a handful of BIOS vendors, I don't expect this to change much with UEFI.

Kevin Kofler
Re: *countable infinities only
Tom Callaway wrote:
> Do we want to support dual-booting with Windows 8? Microsoft describes SecureBoot enablement as Required for Windows 8 client [1]? What does that mean? We're not sure. At best, it means that BitLocker isn't going to work, at worst, big chunks of Windows 8 functionality will simply refuse to function until you turn SecureBoot back on.

You are assuming here that there will not be some cracker (or even just some frustrated dual boot user) patching this requirement out of Window$ 8 (no matter whether doing that is legal or not). (See what has been done to OS X and its restriction to Apple hardware only.)

The problem there is clearly on the Window$ side, nothing we can or should do about it.

Kevin Kofler
Re: *countable infinities only
On 06/01/2012 12:55 PM, Kevin Kofler wrote:
> Tom Callaway wrote:
>> Do we want to support dual-booting with Windows 8? Microsoft describes SecureBoot enablement as Required for Windows 8 client [1]? What does that mean? We're not sure. At best, it means that BitLocker isn't going to work, at worst, big chunks of Windows 8 functionality will simply refuse to function until you turn SecureBoot back on.
>
> You are assuming here that there will not be some cracker (or even just some frustrated dual boot user) patching this requirement out of Window$ 8 (no matter whether doing that is legal or not). (See what has been done to OS X and its restriction to Apple hardware only.)

wHackindows-8
Re: *countable infinities only
drago01 wrote:
> Secureboot support does *NOT* limit your freedom as long as it is optional (the default setting does not matter).

Then why are we bothering to support it in the first place?

Kevin Kofler
Re: *countable infinities only
On Fri, Jun 01, 2012 at 06:32:25PM +0200, Kevin Kofler wrote:
> Peter Jones wrote:
>> I can see the loss of freedom, and I find it unfortunate, but despite what you've said above, you *are* distorting it. There's nothing you won't be able to do that you could do before. Doing it the same way will be harder than it was.
>
> Then why are we not just requiring those steps from everyone?
>
> Steps:
> 1. Disable Secure Boot (link to FSF explanation on what it really is)
> 2. Install Fedora

Because the entire exercise is to allow Fedora install without tinkering with firmware settings. It had to just work, even for people who never ever pressed F2/Del during POST in their entire life.

-- 
Tomasz Torcz                 RIP is irrevelant. Spoofing is futile.
xmpp: zdzich...@chrome.pl    Your routes will be aggreggated. -- Alex Yuriev
Re: *countable infinities only
Cosimo Cecchi wrote:
> The point I'm trying to make is the default setting might actually be the most important thing that matters when it comes to new users that want to install Fedora.
>
> - You need to disable SecureBoot in the BIOS settings in order to install Fedora
> - BIOS settings? What's that? Oh a blueish DOS-like command-line thing? Freaky.

We just need to provide a step-by-step guide for fixing your firmware settings.

> Disable SecureBoot? Why on earth would I want to make my system less secure? *screw this Linux thing*

We just need to link to the FSF's explanation of what Secure Boot is really about, and/or write up our own.

Kevin Kofler
Re: *countable infinities only
On Fri, 2012-06-01 at 12:10 -0400, Tom Callaway wrote:
> We include wireless device firmware even though it isn't free. And we don't like doing that, but it is the only way to get wireless support out of the box in Fedora.

Tiny nit: no, it isn't. We could always write free firmware. This isn't impossible, as openfwwf shows.

I think the drawing of some kind of comparison between wireless firmware and secure boot is one of the weaker strands of argument the Pro Faction is coming up with, to be honest. It seems to entirely ignore our justification for why non-free firmware is 'okay' - that it's not executed on the host processor. Last I checked, SecureBoot is.

-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora
http://www.happyassassin.net
Re: *countable infinities only
On Fri, Jun 1, 2012 at 11:58 AM, Kevin Kofler kevin.kof...@chello.at wrote:
> Cosimo Cecchi wrote:
>> The point I'm trying to make is the default setting might actually be the most important thing that matters when it comes to new users that want to install Fedora.
>>
>> - You need to disable SecureBoot in the BIOS settings in order to install Fedora
>> - BIOS settings? What's that? Oh a blueish DOS-like command-line thing? Freaky.
>
> We just need to provide a step-by-step guide for fixing your firmware settings.

For all available firmware vendors and models?

-J

>> Disable SecureBoot? Why on earth would I want to make my system less secure? *screw this Linux thing*
>
> We just need to link to the FSF's explanation of what Secure Boot is really about, and/or write up our own.
>
> Kevin Kofler

-- 
http://cecinestpasunefromage.wordpress.com/
in your fear, seek only peace
in your fear, seek only love
-d. bowie
Re: *countable infinities only
It will be interesting to see how Apple implements Secure Boot on their hardware. Historically their firmwares are not user configurable at all. I will be supremely shocked if they allow user or 3rd party installable keys, rather than only Apple and Microsoft keys, let alone the ability for the user to disable Secure Boot.

iOS devices presently use a form of secure boot. There's every reason to believe Apple will eventually do this on their Mac OS devices.

Is UEFI Secure Boot really the only way to prevent the problem it attempts to solve, and if so, what about the plethora of BIOS hardware in the world today, still even shipping as new systems? They're all unacceptably exposed? Really?

Chris Murphy
Re: *countable infinities only
Tomasz Torcz wrote:
> Because the entire exercise is to allow Fedora install without tinkering with firmware settings.

And my whole point is that our core freedoms are much more important than this extremely minor convenience. (The required tinkering is trivial.)

> It had to just work, even for people who never ever pressed F2/Del during POST in their entire life.

Says who? And there's always a first time. :-)

Kevin Kofler