Re: Is this something we (as consumers of FreeBSD) need to be aware of?
UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries http://cwonline.computerworld.com/t/8035515/1292406/565573/0/ This would seem to make compiling from source difficult. simply do not support it. As long as they are users of Fedora (as well as FreeBSD and other FREE software) there will be hardware available. Possibly the right time for non-wintel hardware to emerge. it isn't already better and cheaper only because of economy of scale - PCs are still produced by millions. But less and less, PC market is already falling. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
If you read Fedora's page they were planning to tighten their boot sequence to then only boot their approved binary kernels. Save your old copies of lilo and grub. You're gonna need them if you want to stay on Intel Mafioso hardware. Risk of key revocation later If hardware manufacturer ships new bios or uefi, or user upgrades to new UEFI (eg I as a user must upgrade a uefi soon as a laptop overheats). + if MS get away with this intrusion, next they'll consider requiring a Call Home demon No, this doesn't run on the OS. It runs from UEFI in the BIOS. Internet connectivity is already part of the UEFI spec. Your box doesn't even to have to be running. As long as it's plugged in, you're at their beck and call. Say NO to the WinTel Mafia! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Tue, Jun 5, 2012 at 8:19 PM, Kurt Buff kurt.b...@gmail.com wrote: UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries http://cwonline.computerworld.com/t/8035515/1292406/565573/0/ This would seem to make compiling from source difficult. Kurt I'm not sure I understand the issue, but this is my take on it so far: 1. What's preventing the makers of boot loaders like GRUB (which can also boot FreeBSD) from getting a certificate ONCE? And if they have one, what's preventing them from loading ANY kernel at all? It is only the first stage boot loader that needs to be signed, or not? 2. What's preventing anyone of us in the EU from stepping up efforts with the EU Commission and the EU Parliament to stop Microsoft from monopolizing the ARM (and later x86) platforms, i.e. by becoming the only gatekeepers? After all, EU sovereign states and their economies can't depend on a US corporation having a global kill switch to their whole infrastructure. We're not just talking about Windows dominance here, but a lot more: dominance on the whole hardware segment. I'm pretty sure this scheme is highly anti-competitive, and I guess it runs afoul of a lot of already existing EU regulations. -cpghost. -- Cordula's Web. http://www.cordula.ws/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
Hi, Reference: From: C. P. Ghost cpgh...@cordula.ws Date: Thu, 14 Jun 2012 09:51:46 +0200 Message-id: CADGWnjW2LnrtOiXFzWFk9btMaeJhmOTxdZ7ScymY=qgme_c...@mail.gmail.com C. P. Ghost wrote: On Tue, Jun 5, 2012 at 8:19 PM, Kurt Buff kurt.b...@gmail.com wrote: UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries http://cwonline.computerworld.com/t/8035515/1292406/565573/0/ This would seem to make compiling from source difficult. Kurt I'm not sure I understand the issue, but this is my take on it so far: 1. What's preventing the makers of boot loaders like GRUB (which can also boot FreeBSD) from getting a certificate ONCE? And if they have one, what's preventing them from loading ANY kernel at all? If you read Fedora's page they were planning to tighten their boot sequence to then only boot their approved binary kernels. Not that others ( eg us) would have to, presumably we could leave it wide open (aside of terms of purchase see discussion earlier in thread), (aside of risk of key revocation on some hardware manufacturers) Risk of key revocation later If hardware manufacturer ships new bios or uefi, or user upgrades to new UEFI (eg I as a user must upgrade a uefi soon as a laptop overheats). + if MS get away with this intrusion, next they'll consider requiring a Call Home demon (that could also run on *UX, I guess they'd be pleased to provide source free of charge for that next stage entrapment ! ;-) that all PC users must run periodicaly, to update UEFI table with new revised list of authorised keys. It is only the first stage boot loader that needs to be signed, or not? Far as I've read, yes. I wasn't sure about AMD so I looked here: /usr/ports/sysutils/grub/Makefile ONLY_FOR_ARCHS= i386 http://www.gnu.org/software/grub/grub-faq.html (Re Grub 2) The current release is working on Intel/AMD PCs, OpenFirmware-based PowerPC machines (PowerMac and Pegasos), EFI-based PC (IntelMac) and coreboot (formerly, LinuxBIOS), and is being ported to UltraSparc. 2. What's preventing anyone of us in the EU from stepping up efforts with the EU Commission and the EU Parliament to stop Microsoft from monopolizing the ARM (and later x86) platforms, i.e. by becoming the only gatekeepers? After all, EU sovereign states and their economies can't depend on a US corporation having a global kill switch to their whole infrastructure. We're not just talking about Windows dominance here, but a lot more: dominance on the whole hardware segment. I'm pretty sure this scheme is highly anti-competitive, and I guess it runs afoul of a lot of already existing EU regulations. I think we will need to contact the EU, hence assembling URLs first: http://berklix.org/uefi/ Cheers, Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Reply below not above, cumulative like a play script, indent with . Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable. Mail from @yahoo dumped @berklix. http://berklix.org/yahoo/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
If you read Fedora's page they were planning to tighten their boot sequence to then only boot their approved binary kernels. Save your old copies of lilo and grub. You're gonna need them if you want to stay on Intel Mafioso hardware. Risk of key revocation later If hardware manufacturer ships new bios or uefi, or user upgrades to new UEFI (eg I as a user must upgrade a uefi soon as a laptop overheats). + if MS get away with this intrusion, next they'll consider requiring a Call Home demon No, this doesn't run on the OS. It runs from UEFI in the BIOS. Internet connectivity is already part of the UEFI spec. Your box doesn't even to have to be running. As long as it's plugged in, you're at their beck and call. Say NO to the WinTel Mafia! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
In freebsd-questions Digest, Vol 418, Issue 19, Message: 23 On Sun, 10 Jun 2012 16:56:49 -0400 Jerry je...@seibercom.net wrote: On Sun, 10 Jun 2012 22:06:26 +0200 Julian H. Stacey articulated: [..] As a start here's : http://berklix.org/uefi/ URLs welcome. Contact names welcome. Volunteers welcome. It is posts like this that basically turn my stomach. A product, any product, should succeed or fail based on its own merits and not because some government agency aided or thwarted it. Most, it not nearly all PC manufacturers exist solely because of Microsoft. The PC market balloons every time Microsoft releases a new version of Windows. Seriously now, how many PC were sold because FreeBSD released version 9 of its OS? If you want to beat someone, you make a better product. You don't go running to your mamma asking for protection. That stinks of socialism/fascism. The UEFI specification has existed for years. Supposedly, Linux has been capable of using it for 8+ years. I have no idea if FreeBSD is even capable of handling it. It wouldn't surprise me it if couldn't though. What this really tells me is that there has been way to much procrastination by the FOSS. Microsoft simply took advantage of an existing standard (remember standards something the FOSS is always crying about) and now FOSS is begging for mercy. This is more than just slightly funny, it is pathetic. If 1% of the effort of spreading this BS over UEFI had gone into working on a solution for UEFI two years ago, we wouldn't be having this discussion at all. I'vw been wondering when this topic would summon our longest-serving resident troll for Microsoft out of the woodwork for a proper full-tilt rant, replete with inimitable socialism/fascism jibe. Gotta love it! Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Sun, Jun 10, 2012 at 07:23:20AM -0400, Jerry wrote: It is fairly easy to understand both sides in this discussion. When Microsoft supporters refer to open-source software as open-sore or socialist-software the FOSS community becomes enraged. However, when the open-source community retaliates it is considered acceptable. Quite frankly I read far more Microsoft based forums than open-source based ones and I can say without a doubt, at least in my experience, Microsoft proponents never attack open-source with the venomous hatred that open-source attacks Microsoft. In fact, the majority of Microsoft users that I know could not care less about what they consider an overly burdensome (geeky) open-source operating system. The whole argument can probably be boiled do to this: Disparaging other operating systems (Microsoft) and pointing out its failures is beneficial, constructive and therapeutic. Pointing out problems and failures regarding your own OS is destructive and flame bait. Perhaps you're spending too much time in the community venues of open source software projects. In communities devoted to use of software peddled by Microsoft, the reverse would be true, and this seems to me not the least bit surprising, or even particularly inappropriate. When you stroll into a venue where it can reasonably be assumed there is a general consensus position of favoring one thing over another (such as a sports bar in Colorado, which would likely favor the Broncos over the Raiders), then start loudly proclaiming the evils of the favored thing relative to the unfavored (such as talking about how much better the Raiders are than the Broncos, and how the Broncos fans are all a bunch of pansy whiners, as you tend to do about open source software users and advocates while you're hanging out here on a FreeBSD mailing list), what you are contributing to the discussion may quite understandably be called flamebait. Expressing surprise that someone would apply such a label in these circumstances is, in my estimation, at least disingenuous if not wholly ludicrous, directly deceptive, and/or frankly dumb. I, for one, generally try to avoid saying nonfactually disparaging things about Microsoft or (especially) users of software peddled by Microsoft in venues like this mailing list, in part because it's a bit unsportsmanlike, and in part because it doesn't really contribute anything positive. It's kind of mind-boggling that people like you make no evident effort to avoid saying disparaging things about FreeBSD and its users in venues like this mailing list, where it's trollish, does not contribute anything positive, and directly offends large numbers of people subscribed to the list. -- Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Mon, 11 Jun 2012 10:11:11 -0600 Chad Perrin articulated: On Sun, Jun 10, 2012 at 07:23:20AM -0400, Jerry wrote: It is fairly easy to understand both sides in this discussion. When Microsoft supporters refer to open-source software as open-sore or socialist-software the FOSS community becomes enraged. However, when the open-source community retaliates it is considered acceptable. Quite frankly I read far more Microsoft based forums than open-source based ones and I can say without a doubt, at least in my experience, Microsoft proponents never attack open-source with the venomous hatred that open-source attacks Microsoft. In fact, the majority of Microsoft users that I know could not care less about what they consider an overly burdensome (geeky) open-source operating system. The whole argument can probably be boiled do to this: Disparaging other operating systems (Microsoft) and pointing out its failures is beneficial, constructive and therapeutic. Pointing out problems and failures regarding your own OS is destructive and flame bait. Perhaps you're spending too much time in the community venues of open source software projects. In communities devoted to use of software peddled by Microsoft, the reverse would be true, and this seems to me not the least bit surprising, or even particularly inappropriate. When you stroll into a venue where it can reasonably be assumed there is a general consensus position of favoring one thing over another (such as a sports bar in Colorado, which would likely favor the Broncos over the Raiders), then start loudly proclaiming the evils of the favored thing relative to the unfavored (such as talking about how much better the Raiders are than the Broncos, and how the Broncos fans are all a bunch of pansy whiners, as you tend to do about open source software users and advocates while you're hanging out here on a FreeBSD mailing list), what you are contributing to the discussion may quite understandably be called flamebait. Expressing surprise that someone would apply such a label in these circumstances is, in my estimation, at least disingenuous if not wholly ludicrous, directly deceptive, and/or frankly dumb. Your paranoia is kicking in again isn't it Chad. Anyway, to address your sports analogy, if I walk into a NY City bar and enter into a discussion regarding the pros and cons of the Jets VS Giants, which in itself is ridiculous since neither is actually located in NY, and blatantly scream out that the (Jets of Giants -- you pick) are a bunch of mother-fucking, wife beating pedophiles, I think you would agree, unless you happen to belong to that group, that I have gone way over the top in my team assessment. There is a major difference between criticizing and defamation. Perhaps someday you will learn the difference. For the record, I have never heard of anyone using the term mafia while referring to the FOSS. Then again, the Mafia is a highly organized operation. I might also add that many people of Italian descent consider the term mafia offensive. I, for one, generally try to avoid saying nonfactually disparaging things about Microsoft or (especially) users of software peddled by Microsoft in venues like this mailing list, in part because it's a bit unsportsmanlike, and in part because it doesn't really contribute anything positive. It's kind of mind-boggling that people like you make no evident effort to avoid saying disparaging things about FreeBSD and its users in venues like this mailing list, where it's trollish, does not contribute anything positive, and directly offends large numbers of people subscribed to the list. When was this election held Chad? I am referring to the one that appointed you list spokesperson. In any case, you make an interesting statement without offering any documentation. Are you a politician Chad? I was inquiring because you seem to like making sound bites sans substance. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Mon, Jun 11, 2012 at 12:59:46PM -0400, Jerry wrote: On Mon, 11 Jun 2012 10:11:11 -0600 Chad Perrin articulated: On Sun, Jun 10, 2012 at 07:23:20AM -0400, Jerry wrote: It is fairly easy to understand both sides in this discussion. When Microsoft supporters refer to open-source software as open-sore or socialist-software the FOSS community becomes enraged. However, when the open-source community retaliates it is considered acceptable. Quite frankly I read far more Microsoft based forums than open-source based ones and I can say without a doubt, at least in my experience, Microsoft proponents never attack open-source with the venomous hatred that open-source attacks Microsoft. In fact, the majority of Microsoft users that I know could not care less about what they consider an overly burdensome (geeky) open-source operating system. The whole argument can probably be boiled do to this: Disparaging other operating systems (Microsoft) and pointing out its failures is beneficial, constructive and therapeutic. Pointing out problems and failures regarding your own OS is destructive and flame bait. Perhaps you're spending too much time in the community venues of open source software projects. In communities devoted to use of software peddled by Microsoft, the reverse would be true, and this seems to me not the least bit surprising, or even particularly inappropriate. When you stroll into a venue where it can reasonably be assumed there is a general consensus position of favoring one thing over another (such as a sports bar in Colorado, which would likely favor the Broncos over the Raiders), then start loudly proclaiming the evils of the favored thing relative to the unfavored (such as talking about how much better the Raiders are than the Broncos, and how the Broncos fans are all a bunch of pansy whiners, as you tend to do about open source software users and advocates while you're hanging out here on a FreeBSD mailing list), what you are contributing to the discussion may quite understandably be called flamebait. Expressing surprise that someone would apply such a label in these circumstances is, in my estimation, at least disingenuous if not wholly ludicrous, directly deceptive, and/or frankly dumb. Your paranoia is kicking in again isn't it Chad. Anyway, to address your sports analogy, if I walk into a NY City bar and enter into a discussion regarding the pros and cons of the Jets VS Giants, which in itself is ridiculous since neither is actually located in NY, and blatantly scream out that the (Jets of Giants -- you pick) are a bunch of mother-fucking, wife beating pedophiles, I think you would agree, unless you happen to belong to that group, that I have gone way over the top in my team assessment. There is a major difference between criticizing and defamation. Perhaps someday you will learn the difference. For the record, I have never heard of anyone using the term mafia while referring to the FOSS. Then again, the Mafia is a highly organized operation. I might also add that many people of Italian descent consider the term mafia offensive. I'm going to actually ignore your completely irrelevant and hilariously unfounded attempt at psychiatric diagnosis beyond this sentence, and get to the point: Ignoring for the moment http://linuxmafia.com it is true that I have generally not heard of open source software or its community referred to as mafia, but I have heard of such things referred to as being socialist, fascist, or otherwise pejoratively accused of inapplicable political, criminal, or generally objectionable (in at least someone's eyes) character. Three guesses who comes first to mind as having made such statements, and the first two guesses don't count. I, for one, generally try to avoid saying nonfactually disparaging things about Microsoft or (especially) users of software peddled by Microsoft in venues like this mailing list, in part because it's a bit unsportsmanlike, and in part because it doesn't really contribute anything positive. It's kind of mind-boggling that people like you make no evident effort to avoid saying disparaging things about FreeBSD and its users in venues like this mailing list, where it's trollish, does not contribute anything positive, and directly offends large numbers of people subscribed to the list. When was this election held Chad? I am referring to the one that appointed you list spokesperson. In any case, you make an interesting statement without offering any documentation. Are you a politician Chad? I was inquiring because you seem to like making sound bites sans substance. I referred to no election. I am not list spokesperson, nor do I pretend to be or act as one, any more than you are the spokesperson for capitalism. I'm simply pointing out that you are an insufferable, trollish jackass, initially in a polite manner. The fact you avoid actually engaging my
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Mon, 11 Jun 2012 11:44:11 -0600 Chad Perrin articulated: On Mon, Jun 11, 2012 at 12:59:46PM -0400, Jerry wrote: On Mon, 11 Jun 2012 10:11:11 -0600 Chad Perrin articulated: On Sun, Jun 10, 2012 at 07:23:20AM -0400, Jerry wrote: It is fairly easy to understand both sides in this discussion. When Microsoft supporters refer to open-source software as open-sore or socialist-software the FOSS community becomes enraged. However, when the open-source community retaliates it is considered acceptable. Quite frankly I read far more Microsoft based forums than open-source based ones and I can say without a doubt, at least in my experience, Microsoft proponents never attack open-source with the venomous hatred that open-source attacks Microsoft. In fact, the majority of Microsoft users that I know could not care less about what they consider an overly burdensome (geeky) open-source operating system. The whole argument can probably be boiled do to this: Disparaging other operating systems (Microsoft) and pointing out its failures is beneficial, constructive and therapeutic. Pointing out problems and failures regarding your own OS is destructive and flame bait. Perhaps you're spending too much time in the community venues of open source software projects. In communities devoted to use of software peddled by Microsoft, the reverse would be true, and this seems to me not the least bit surprising, or even particularly inappropriate. When you stroll into a venue where it can reasonably be assumed there is a general consensus position of favoring one thing over another (such as a sports bar in Colorado, which would likely favor the Broncos over the Raiders), then start loudly proclaiming the evils of the favored thing relative to the unfavored (such as talking about how much better the Raiders are than the Broncos, and how the Broncos fans are all a bunch of pansy whiners, as you tend to do about open source software users and advocates while you're hanging out here on a FreeBSD mailing list), what you are contributing to the discussion may quite understandably be called flamebait. Expressing surprise that someone would apply such a label in these circumstances is, in my estimation, at least disingenuous if not wholly ludicrous, directly deceptive, and/or frankly dumb. Your paranoia is kicking in again isn't it Chad. Anyway, to address your sports analogy, if I walk into a NY City bar and enter into a discussion regarding the pros and cons of the Jets VS Giants, which in itself is ridiculous since neither is actually located in NY, and blatantly scream out that the (Jets of Giants -- you pick) are a bunch of mother-fucking, wife beating pedophiles, I think you would agree, unless you happen to belong to that group, that I have gone way over the top in my team assessment. There is a major difference between criticizing and defamation. Perhaps someday you will learn the difference. For the record, I have never heard of anyone using the term mafia while referring to the FOSS. Then again, the Mafia is a highly organized operation. I might also add that many people of Italian descent consider the term mafia offensive. I'm going to actually ignore your completely irrelevant and hilariously unfounded attempt at psychiatric diagnosis beyond this sentence, and get to the point: Ignoring for the moment http://linuxmafia.com it is true that I have generally not heard of open source software or its community referred to as mafia, but I have heard of such things referred to as being socialist, fascist, or otherwise pejoratively accused of inapplicable political, criminal, or generally objectionable (in at least someone's eyes) character. Three guesses who comes first to mind as having made such statements, and the first two guesses don't count. I love the way you make a statement, then add a qualifier to the statement making it virtually impossible to attack as well as giving yourself a way out. I'll explain further in my reply near the end of this post. I, for one, generally try to avoid saying nonfactually disparaging things about Microsoft or (especially) users of software peddled by Microsoft in venues like this mailing list, in part because it's a bit unsportsmanlike, and in part because it doesn't really contribute anything positive. It's kind of mind-boggling that people like you make no evident effort to avoid saying disparaging things about FreeBSD and its users in venues like this mailing list, where it's trollish, does not contribute anything positive, and directly offends large numbers of people subscribed to the list. When was this election held Chad? I am referring to the one that appointed you list spokesperson. In any case, you make an interesting statement without offering any documentation. Are you a politician Chad? I was inquiring because you seem to like making sound bites sans substance. I referred to no
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Mon, Jun 11, 2012 at 02:46:49PM -0400, Jerry wrote: On Mon, 11 Jun 2012 11:44:11 -0600 Chad Perrin articulated: On Mon, Jun 11, 2012 at 12:59:46PM -0400, Jerry wrote: Your paranoia is kicking in again isn't it Chad. Anyway, to address your sports analogy, if I walk into a NY City bar and enter into a discussion regarding the pros and cons of the Jets VS Giants, which in itself is ridiculous since neither is actually located in NY, and blatantly scream out that the (Jets of Giants -- you pick) are a bunch of mother-fucking, wife beating pedophiles, I think you would agree, unless you happen to belong to that group, that I have gone way over the top in my team assessment. There is a major difference between criticizing and defamation. Perhaps someday you will learn the difference. For the record, I have never heard of anyone using the term mafia while referring to the FOSS. Then again, the Mafia is a highly organized operation. I might also add that many people of Italian descent consider the term mafia offensive. I'm going to actually ignore your completely irrelevant and hilariously unfounded attempt at psychiatric diagnosis beyond this sentence, and get to the point: Ignoring for the moment http://linuxmafia.com it is true that I have generally not heard of open source software or its community referred to as mafia, but I have heard of such things referred to as being socialist, fascist, or otherwise pejoratively accused of inapplicable political, criminal, or generally objectionable (in at least someone's eyes) character. Three guesses who comes first to mind as having made such statements, and the first two guesses don't count. I love the way you make a statement, then add a qualifier to the statement making it virtually impossible to attack as well as giving yourself a way out. I'll explain further in my reply near the end of this post. This is interesting coming from someone whose immediately preceding comment was an Internet diagnosis of paranoia coupled with a hypocritical accusation of inappropriate phrasing directed at a third party. I, for one, generally try to avoid saying nonfactually disparaging things about Microsoft or (especially) users of software peddled by Microsoft in venues like this mailing list, in part because it's a bit unsportsmanlike, and in part because it doesn't really contribute anything positive. It's kind of mind-boggling that people like you make no evident effort to avoid saying disparaging things about FreeBSD and its users in venues like this mailing list, where it's trollish, does not contribute anything positive, and directly offends large numbers of people subscribed to the list. When was this election held Chad? I am referring to the one that appointed you list spokesperson. In any case, you make an interesting statement without offering any documentation. Are you a politician Chad? I was inquiring because you seem to like making sound bites sans substance. I referred to no election. I am not list spokesperson, nor do I pretend to be or act as one, any more than you are the spokesperson for capitalism. I'm simply pointing out that you are an insufferable, trollish jackass, initially in a polite manner. The fact you avoid actually engaging my points, in favor of simply bleating about transgressions I haven't even made, does a fairly good job of supporting my statements. As stated above in my latest response, it is difficult to counter a statement by you since you don't really state anything. You say, I have heard of such things referred to as being socialist, fascist, ... (truncated by me) etcetera. Well who the hell hasn't. News flash -- that isn't one. Then you add the (in at least someone's eyes) qualifier making it impossible to argue with. A good politician's trick by the way. Are you sure you are not into politics? If it were not for your paranoia, you could probably be a good one. You say nothing and speak volumes. Seriously, look over your postings for the past year. Your transgressions I haven't even made and similar statements are reproduced in an alarming number of them. The obvious implication here is that you are one of those people who makes comments insinuating (or outright claiming) socialist or fascist ethics dominating open source communities. I make no bones about the fact I made implicative reference to you in that statement, so you don't need to play dumb and pretend you don't know I was pointing out your own hypocrisies. The at least in someone's eyes parenthetical remark was in reference to the presumably pejorative character of some remarks people like you often make. Nice job pretending I meant something else with that parenthetical remark, though. Your tendency to (intentionally, I think) misrepresent the context of my statements when you fail to find a concrete argument to present proves you're a real class act. What
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Mon, 11 Jun 2012 13:44:36 -0600 Chad Perrin articulated: As stated above in my latest response, it is difficult to counter a statement by you since you don't really state anything. You say, I have heard of such things referred to as being socialist, fascist, ... (truncated by me) etcetera. Well who the hell hasn't. News flash -- that isn't one. Then you add the (in at least someone's eyes) qualifier making it impossible to argue with. A good politician's trick by the way. Are you sure you are not into politics? If it were not for your paranoia, you could probably be a good one. You say nothing and speak volumes. Seriously, look over your postings for the past year. Your transgressions I haven't even made and similar statements are reproduced in an alarming number of them. The obvious implication here is that you are one of those people who makes comments insinuating (or outright claiming) socialist or fascist ethics dominating open source communities. I make no bones about the fact I made implicative reference to you in that statement, so you don't need to play dumb and pretend you don't know I was pointing out your own hypocrisies. The at least in someone's eyes parenthetical remark was in reference to the presumably pejorative character of some remarks people like you often make. Nice job pretending I meant something else with that parenthetical remark, though. Your tendency to (intentionally, I think) misrepresent the context of my statements when you fail to find a concrete argument to present proves you're a real class act. What class that is, I leave as an inference for the reader. Your paranoia is working overtime now. I'm not sure what you're talking about with regard to the transgressions I haven't made. I did not refer to anyone as mafia in this list, to my recollection, and I would be quite interested in seeing verifiable quotes of me saying such a thing. I similarly do not recall expressing a pathological fear of persecution here. I pointed out that one person (not you) failed to say something worthwhile in an earlier email, and that another person (you) have unreasonable expectations if you really think that you have given nobody any reason to call you a troll or refer to what you do as flamebaiting when you show up in a FreeBSD community mailing list and accuse open source software users and advocates of pejoratively socialist, fascist, and otherwise reprehensible behavior in your eyes just because they prefer something other than MS Windows, often lumping an entire community in with a single noisy individual. Oh, poor Chad. His feelings are hurt. Chad, for some reason that totally escapes me at the moment, you feel as if you are important enough for me to really care what you think. News flash -- you aren't. I think of you as nothing more than an incorrigible bore with an inflated ego. Your attempts to portray yourself as an cognoscente while your persecution complex has pervaded numerous posts you have responded to has become laughable. Perhaps you are experiencing hypnagogic hallucinations. You really should consult an expert in the field although I fear that you would be recalcitrant to the idea. It must be sad going through life feeling that everyone is casting aspersions and heaping maledictions upon you. It is really sad. Personally, I would much rather have a discussion with Poly. I respect him, although I don't often agree with him. At least he discusses facts and doesn't spend his time trying to defend himself against non existent attacks. If you want to reply back with actual facts pertinent to the subject of this post, fine. Otherwise you are only wasting your time since I will not play your sad woe is me game. -- Jerry ♔ {This author has been Chad Perrin approved} Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
Jerry, Chad: please unsubscribe me from your mailing list. Thanks!! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Mon, Jun 11, 2012 at 04:53:11PM -0400, Jerry wrote: . . . You obviously aren't serious. I can't believe I let you string me along with this fantasy for so long. -- Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
This thread has united the open source community into doing something useful and constructive. Thanks guys. You really showed 'em. -Modulok- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Sun, 10 Jun 2012 03:27:25 +0200 Damien Fleuriot articulated: On 9 Jun 2012, at 18:48, Chad Perrin per...@apotheon.com wrote: On Wed, Jun 06, 2012 at 11:42:37PM +0200, Damien Fleuriot wrote: On 6 Jun 2012, at 21:52, Dave U. Random anonym...@anonymitaet-im-inter.net wrote: Polytropon free...@edvax.de wrote: On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote: Having to pay Verisign instead of Microsoft makes no difference: the point is why should I have to pay anything to a third party in order to run whatever OS I want on a piece of hardware I own? It's time to dump the Intel/Microshaft mafia forever. FreeBSD, OpenBSD, NetBSD, and even Linux have ports to many platforms. Why stay on Intel? It's an overgrown ugly mess. We need to stop buying Intel mafiaware with preinstalled Microshaft mafiware and run a free (or in the case of Linux apparently free) OS on free hardware. There are increasing numbers of SBCs and plenty of used servers on Ebay. They're all built better than commodity Intel mafiaware. Good riddance! You have no idea what you're talking about. This kind of religious propaganda post is neither constructive nor helpful. It should be noted that your tone is neither constructive nor helpful, to say nothing of your contentless response. Do you have anything useful to say in response to what Dave U. Random contributed -- perhaps a thoughtful refutation of some specific point(s)? I hope you have more of value to contribute than your obvious disdain for people who disagree with you about something (without even specifying on what points you disagree). If you had bothered to read all the other mails I've posted on this very specific thread, you wouldn't need to ask the question. If you're going to participate in the Linux zealots' propaganda that makes OSS defenders sound so ridiculous and delusional, so be it. Fact is, if Microsoft didn't deliver acceptable products, people wouldn't use them. Calling them a mafia is neither constructive (I invite you to look up the word mafia in a thesaurus), nor backed up by actual facts. OP is just going on a rampage about MS and intel. You want to follow his advice and advocate the exclusive use of alpha machines ? I guess we'll have to agree to disagree here. No, I'm not gonna use alphas. And no, I'm not going to let a random person (hey, choice words !) call intel or MS a mafia just because he's on a zealot crusade. You might want to take a minute to consider the contributions of both to computing. Without MS (and IBM amongst others) it's possible that computing would never have reached such an audience as it has. So I'm going with the (possibly false) assumption that without MS and other major actors, not many people would use computers nowadays. All this magnificent OSS wouldn't be of much use then. After all, who would need FreeBSD servers to host web sites that had neither visitors nor purpose ? One might see MS as the ultimate evil, yet they're strongly implemented in corporate IT. One might wonder why, before engaging in a crusade, and brandishing empty words as their weapons. I invite you to re-read OP's post and highlight what in mafiaware, wintel and microshaft you find constructive. I also invite you to read all his points about why exactly intel is an overgrown ugly mess. I regret to report I have found none, might you point them out for me ? Now, I shall leave you to read my other posts on this secure boot topic, that you might quit claiming I have nothing to contribute.___ It is fairly easy to understand both sides in this discussion. When Microsoft supporters refer to open-source software as open-sore or socialist-software the FOSS community becomes enraged. However, when the open-source community retaliates it is considered acceptable. Quite frankly I read far more Microsoft based forums than open-source based ones and I can say without a doubt, at least in my experience, Microsoft proponents never attack open-source with the venomous hatred that open-source attacks Microsoft. In fact, the majority of Microsoft users that I know could not care less about what they consider an overly burdensome (geeky) open-source operating system. The whole argument can probably be boiled do to this: Disparaging other operating systems (Microsoft) and pointing out its failures is beneficial, constructive and therapeutic. Pointing out problems and failures regarding your own OS is destructive and flame bait. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
This is really missing the point. The issue is not open source vs. proprietary although many people seem to try to steer everything into that meaningless conflict. The point is the WinTel Mafia's many years of collusion and screwing over the customer. Try to buy a commodity PC in any major store and it will come with Windows, and you have to pay for it. Now the WinTel Mafia got many companies onboard with their system to lock you out from the box you just bought. Bad enough it comes with Windows and you had to pay for it, and you don't even get an install disk. But the WinTel Mafia adds insult to injury and stops you from installing whatever software you want on it. What does this have to do with OSS v. proprietary source? Nothing! It is just about the WinTel Mafia's illegal, abuse trade practices. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 06/10/2012 08:09 AM, Nomen Nescio wrote: This is really missing the point. The issue is not open source vs. proprietary although many people seem to try to steer everything into that meaningless conflict. The point is the WinTel Mafia's many years of collusion and screwing over the customer. Try to buy a commodity PC in any major store and it will come with Windows, and you have to pay for it. Now the WinTel Mafia got many companies onboard with their system to lock you out from the box you just bought. Bad enough it comes with Windows and you had to pay for it, and you don't even get an install disk. But the WinTel Mafia adds insult to injury and stops you from installing whatever software you want on it. What does this have to do with OSS v. proprietary source? Nothing! It is just about the WinTel Mafia's illegal, abuse trade practices. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Need to have that congitiive distortion ckecked out because it makes it difficult to bring a logical conclusion, and creates an ill perspective on reality and keeps the person with a child like mentality; which makes the person to excerise worlds like wintel mafia,etc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 10/06/2012 16:09, Nomen Nescio wrote: The point is the WinTel Mafia's many years of collusion and screwing over the customer. Try to buy a commodity PC in any major store and it will come with Windows, and you have to pay for it. Does Intel control AMD too? Last I checked there are plenty of AMD machines in major stores and they come with Windows too. -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Sun, Jun 10, 2012 at 9:31 AM, Bruce Cran br...@cran.org.uk wrote: Does Intel control AMD too? Last I checked there are plenty of AMD machines in major stores and they come with Windows too. So... attempting to bring reason into the argument? That won't do, I'm afraid. ;-) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
Too much hot air preaching to the choir is counter productive would die away after internal argument. Better be active Externaly. Defend our future by alerting governments there is an upcoming issue. (eg EU has mega fined MS before for monopoly abuse, EU etc could warn off MS if we alert governments there's something to monitor). Free source OSs, ie inc *BSD *Linux etc, need to co-ordinate with eg - A few short anodyne sentences summarising the MS Win8 UEFI problem, (better too little text than too much, to reduce work, avoid risk of discredit from getting anything wrong). - List of links to specification analysis discussion forums. - List of contacts to alert: politicians officials responsible for anti monopoly anti restraint of trade policing. - List of volunteers: people in each OS project to contact governments. - A brief simple sample letter to send to alert politicians officials (maybe via paper post or phone, not email to spam box ;-) As a start here's : http://berklix.org/uefi/ URLs welcome. Contact names welcome. Volunteers welcome. Cheers, Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Reply below not above, cumulative like a play script, indent with . Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable. Mail from @yahoo dumped @berklix. http://berklix.org/yahoo/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Sun, 10 Jun 2012 22:06:26 +0200 Julian H. Stacey articulated: Too much hot air preaching to the choir is counter productive would die away after internal argument. Better be active Externaly. Defend our future by alerting governments there is an upcoming issue. (eg EU has mega fined MS before for monopoly abuse, EU etc could warn off MS if we alert governments there's something to monitor). Free source OSs, ie inc *BSD *Linux etc, need to co-ordinate with eg - A few short anodyne sentences summarising the MS Win8 UEFI problem, (better too little text than too much, to reduce work, avoid risk of discredit from getting anything wrong). - List of links to specification analysis discussion forums. - List of contacts to alert: politicians officials responsible for anti monopoly anti restraint of trade policing. - List of volunteers: people in each OS project to contact governments. - A brief simple sample letter to send to alert politicians officials (maybe via paper post or phone, not email to spam box ;-) As a start here's : http://berklix.org/uefi/ URLs welcome. Contact names welcome. Volunteers welcome. It is posts like this that basically turn my stomach. A product, any product, should succeed or fail based on its own merits and not because some government agency aided or thwarted it. Most, it not nearly all PC manufacturers exist solely because of Microsoft. The PC market balloons every time Microsoft releases a new version of Windows. Seriously now, how many PC were sold because FreeBSD released version 9 of its OS? If you want to beat someone, you make a better product. You don't go running to your mamma asking for protection. That stinks of socialism/fascism. The UEFI specification has existed for years. Supposedly, Linux has been capable of using it for 8+ years. I have no idea if FreeBSD is even capable of handling it. It wouldn't surprise me it if couldn't though. What this really tells me is that there has been way to much procrastination by the FOSS. Microsoft simply took advantage of an existing standard (remember standards something the FOSS is always crying about) and now FOSS is begging for mercy. This is more than just slightly funny, it is pathetic. If 1% of the effort of spreading this BS over UEFI had gone into working on a solution for UEFI two years ago, we wouldn't be having this discussion at all. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
Jerry wrote It is posts like this that basically turn my stomach Never argue with a drunk. Cheers, Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Reply below not above, cumulative like a play script, indent with . Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable. Mail from @yahoo dumped @berklix. http://berklix.org/yahoo/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Wed, Jun 06, 2012 at 11:42:37PM +0200, Damien Fleuriot wrote: On 6 Jun 2012, at 21:52, Dave U. Random anonym...@anonymitaet-im-inter.net wrote: Polytropon free...@edvax.de wrote: On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote: Having to pay Verisign instead of Microsoft makes no difference: the point is why should I have to pay anything to a third party in order to run whatever OS I want on a piece of hardware I own? It's time to dump the Intel/Microshaft mafia forever. FreeBSD, OpenBSD, NetBSD, and even Linux have ports to many platforms. Why stay on Intel? It's an overgrown ugly mess. We need to stop buying Intel mafiaware with preinstalled Microshaft mafiware and run a free (or in the case of Linux apparently free) OS on free hardware. There are increasing numbers of SBCs and plenty of used servers on Ebay. They're all built better than commodity Intel mafiaware. Good riddance! You have no idea what you're talking about. This kind of religious propaganda post is neither constructive nor helpful. It should be noted that your tone is neither constructive nor helpful, to say nothing of your contentless response. Do you have anything useful to say in response to what Dave U. Random contributed -- perhaps a thoughtful refutation of some specific point(s)? I hope you have more of value to contribute than your obvious disdain for people who disagree with you about something (without even specifying on what points you disagree). -- Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 9 Jun 2012, at 18:48, Chad Perrin per...@apotheon.com wrote: On Wed, Jun 06, 2012 at 11:42:37PM +0200, Damien Fleuriot wrote: On 6 Jun 2012, at 21:52, Dave U. Random anonym...@anonymitaet-im-inter.net wrote: Polytropon free...@edvax.de wrote: On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote: Having to pay Verisign instead of Microsoft makes no difference: the point is why should I have to pay anything to a third party in order to run whatever OS I want on a piece of hardware I own? It's time to dump the Intel/Microshaft mafia forever. FreeBSD, OpenBSD, NetBSD, and even Linux have ports to many platforms. Why stay on Intel? It's an overgrown ugly mess. We need to stop buying Intel mafiaware with preinstalled Microshaft mafiware and run a free (or in the case of Linux apparently free) OS on free hardware. There are increasing numbers of SBCs and plenty of used servers on Ebay. They're all built better than commodity Intel mafiaware. Good riddance! You have no idea what you're talking about. This kind of religious propaganda post is neither constructive nor helpful. It should be noted that your tone is neither constructive nor helpful, to say nothing of your contentless response. Do you have anything useful to say in response to what Dave U. Random contributed -- perhaps a thoughtful refutation of some specific point(s)? I hope you have more of value to contribute than your obvious disdain for people who disagree with you about something (without even specifying on what points you disagree). -- Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] If you had bothered to read all the other mails I've posted on this very specific thread, you wouldn't need to ask the question. If you're going to participate in the Linux zealots' propaganda that makes OSS defenders sound so ridiculous and delusional, so be it. Fact is, if Microsoft didn't deliver acceptable products, people wouldn't use them. Calling them a mafia is neither constructive (I invite you to look up the word mafia in a thesaurus), nor backed up by actual facts. OP is just going on a rampage about MS and intel. You want to follow his advice and advocate the exclusive use of alpha machines ? I guess we'll have to agree to disagree here. No, I'm not gonna use alphas. And no, I'm not going to let a random person (hey, choice words !) call intel or MS a mafia just because he's on a zealot crusade. You might want to take a minute to consider the contributions of both to computing. Without MS (and IBM amongst others) it's possible that computing would never have reached such an audience as it has. So I'm going with the (possibly false) assumption that without MS and other major actors, not many people would use computers nowadays. All this magnificent OSS wouldn't be of much use then. After all, who would need FreeBSD servers to host web sites that had neither visitors nor purpose ? One might see MS as the ultimate evil, yet they're strongly implemented in corporate IT. One might wonder why, before engaging in a crusade, and brandishing empty words as their weapons. I invite you to re-read OP's post and highlight what in mafiaware, wintel and microshaft you find constructive. I also invite you to read all his points about why exactly intel is an overgrown ugly mess. I regret to report I have found none, might you point them out for me ? Now, I shall leave you to read my other posts on this secure boot topic, that you might quit claiming I have nothing to contribute.___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?]
Hi, On 06 June 2012 23:27:39 Chad Perrin wrote: On Wed, Jun 06, 2012 at 03:05:00PM -0400, Jerry wrote: I don't know of any user personally who purchased a new PC and then threw FreeBSD on it. Most users that I have come into contact with use 2+ year old units that have been replaced by shiny new Windows units. I don't see that changing anytime soon. I believe that real life is a bit different. I have immediately installed FreeBSD on the last four or five laptops I I do this since 5.2 is out with all my purchases. I did the same thing with other machines in my environment. But I have to admit, that I have had to install twice Fedora because the notebook hardware was not supported at that moment of time. The second Fedora installation will go as soon as get finished my travelling or I get me hands on a new hard disk. Yes, I am in a location where you can enjoy life without any IT shop nearby which could even try to pull the money out of my pockets. What also has to be mentioned is the fact that people have to be more careful when shopping for new hardware with FreeBSD in mind. AMD based hardware is here of advantage at the moment. But it has other disadvantages. purchased, and I get most of my laptops direct from Lenovo. While my The machine on which I installed Fedora is also from Lenovo. It would have needed a bit of more time to get X running on it. When I ran out of time, I installed Fedora which ran out of the box. Ubuntu did not work out of the box despite being certified. In this aspect, the full integration of Intel's graphic solution into FreeBSD will help acceptance here. Significant Other has been installing Debian on her laptops, also Ah, learning English with FreeBSD. I did not knew of this phrase before. acquired from Lenovo, she is probably going to start using FreeBSD instead next time. I know several other people who install FreeBSD on My 'Significant Other' - you see, I am a fast learner - knows only FreeBSD. You should see her getting emotional when she has to work with Windows and things break in front of her eyes. She is no IT person at all and wants to use a computer with the ease of using a hammer. Of course, she never faces the problems maintaining a system. All she knows is that the machine is starting every time she needs it and continues to work until she switches it of. Yes, my evidence is anecdotal, but I think your notions of the frequency of FreeBSD use other than in a corporate setting are also based on anecdotal observations, so we're even. I can tell you another real ironic story out of the cooperate world. A client needed a firewall. He did not believe that we could do it for him using FreeBSD and PC hardware. He bought then a 'real' firewall. You know what OS was running on this hardware? There was a nice price tag on this hardware too. Erich ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?]
in message 1849552.ouqdgjx...@x220.ovitrap.com, wrote Erich thusly... On 06 June 2012 23:27:39 Chad Perrin wrote: ... I have immediately installed FreeBSD on the last four or five laptops I I do this since 5.2 is out with all my purchases. ... I have to admit, that I have had to install twice Fedora because the notebook hardware was not supported at that moment of time. The second Fedora installation will go as soon as get finished my travelling or I get me hands on a new hard disk. Erich, could you please list the offending Lenovo models? ... What also has to be mentioned is the fact that people have to be more careful when shopping for new hardware with FreeBSD in mind. AMD based hardware is here of advantage at the moment. But it has other disadvantages. ... What would be the said disadvantages? - parv -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 7 Jun 2012, at 01:54, Robert Bonomi bon...@mail.r-bonomi.com wrote: From owner-freebsd-questi...@freebsd.org Wed Jun 6 18:13:09 2012 Date: Thu, 07 Jun 2012 00:09:54 +0100 From: Bruce Cran br...@cran.org.uk To: Robert Bonomi bon...@mail.r-bonomi.com Cc: freebsd-questions@freebsd.org Subject: Re: Is this something we (as consumers of FreeBSD) need to be aware of? On 06/06/2012 20:27, Robert Bonomi wrote: Suppose I put up a web app that takes an executable as input, signs it with my key, and returns the signed filt to the submitter. I don't divulge the key to anyone, just use it on 'anything'. Anybody attempting to revoke on _that_ basis is asking for a lawsuit. To me it would be perfectly reasonable to revoke the key as soon as you signed the first piece of malware. It may seem reasonable to you, but is there -legal- basis to do so? 'signing' only provides assurance of the identity of the signer. I did sign it. The key has not been compromised. The software in question is tracable to the signer, but the signer never claimed it was 'error free', what conract or statute did they breach by doing the signing? Signing anything and everything defeats the purpose the key and this whole charade are implemented for. Under the contract's undoubtedly carefully penned clauses, this would allow for a key revocation. Make no mistake, they'll go over that contract for several weeks, giving themselves as much manoeuvring room as possible.___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?]
Hi, On 06 June 2012 21:10:14 p...@pair.com wrote: in message 1849552.ouqdgjx...@x220.ovitrap.com, wrote Erich thusly... On 06 June 2012 23:27:39 Chad Perrin wrote: ... I have immediately installed FreeBSD on the last four or five laptops I I do this since 5.2 is out with all my purchases. ... I have to admit, that I have had to install twice Fedora because the notebook hardware was not supported at that moment of time. The second Fedora installation will go as soon as get finished my travelling or I get me hands on a new hard disk. Erich, could you please list the offending Lenovo models? it is the X220. There is a solution available which needs a bit more time as I have had on hand before I left. As I have said several times already, I will be back with this machine to FreeBSD after my return. ... What also has to be mentioned is the fact that people have to be more careful when shopping for new hardware with FreeBSD in mind. AMD based hardware is here of advantage at the moment. But it has other disadvantages. ... What would be the said disadvantages? Some say that the AMD CPUs are slower per core. This X220 with the 2640 CPU seems to be very, very fast for me. I was surprised how it performed running plain FreeBSD. I would not have expected this much performance out of a small notebook. As this is my first Intel CPU since the good, old 80586, I cannot tell you more about Intel CPUs. Erich ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 6/6/12 9:43 PM, Daniel Feenberg wrote: On Wed, 6 Jun 2012, Damien Fleuriot wrote: On 6/6/12 6:45 PM, Daniel Feenberg wrote: On Wed, 6 Jun 2012, Julian H. Stacey wrote: I do wonder about that. What incentive does the possesor of a signing key have to keep it secret? Contract penalty clause maybe ? Lawyers ? A limited-liability company with no assets is judgement-proof. Otherwise one of us would purchase a key for $99, then publish the key so we could all forever more compile boot our own kernels. But that would presumably break the trap Microsoft Verisign seek to impose. Could it really be that simple? As for hardware vendors putting revoked keys in the ROM - are they really THAT cooperative? Seems like they would drag their feet on ROM updates if they had to add a lot of stuff that won't help them, so that doesn't seem like a great enforcement tool. dan feenberg Oh god... Please realize that once the key is divulged, it gets revoked at the BIOS' next update. But my point is that MS doesn't issue the updates, they have to ask the BIOS vendors to do so, and then the MB vendors have to take the update, and then the users have to install the update. The incentive at each level is generally very small. It does create some confusion, but is hardly an enforcement mechanism. It would disable older versions of FreeBSD on newer hardware, but not much else. A previous poster has pointed out that MS can't revoke a certificate belonging to RH, but I suppose the could ask the BIOS vendors to treat it as revoked. I don't know what the response would be. Daniel Feenberg That is indeed the case. This is akin to, for example, Sony's race against Homebrewers on the good ol' PSP. When hackers found a hardware flaw that enabled them to install custom firmware, Sony had to release new versions of the consoles with fixed hardware. The old ones were still exploitable but the new ones weren't. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?]
On 6/5/12 10:19 PM, Colin Barnabas wrote: On Tue, Jun 05, 2012 at 11:19:26AM -0700, Kurt Buff wrote: UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries http://cwonline.computerworld.com/t/8035515/1292406/565573/0/ This would seem to make compiling from source difficult. Kurt History show us that _everything_ will eventually run *nix. Take a look at the Sony PS3 debacle. After Sony yanked support for installing other OS's, the community ripped apart their hypervisor in a matter of months. If these boot keys do gain any momentum, sooner than later the community with poke holes in the system. This, however, raises the problem of the legality of it. George HOTZ was sued by Sony for releasing the master key. While Anonymous responded very aggressively (and while I do not generally condone their actions, this one I can both understand and support), in the end the consensus reached was that Geohotz agreed to not work on bypassing the PS3's protections anymore. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?]
On 6/6/12 9:55 PM, Robert Simmons wrote: On Wed, Jun 6, 2012 at 3:05 PM, Jerry je...@seibercom.net wrote: On Wed, 06 Jun 2012 12:49:53 -0400 Daniel Staal articulated: On 2012-06-05 17:20, Jerry wrote: The question that I have not seen answered in this thread is what FreeBSD intents to do. From what I have seen, most FreeBSD users do not use the latest versions of most hardware, so it may be a while before its user base is even effected. I don't believe at this point FreeBSD has any intent one way or another, really. It's not an immediate problem for any platform supported by the FreeBSD project, at least for a technically-inclined user who's willing to check out their BIOS. (Even if they are using the latest hardware, the x86-derived platforms aren't going to require this code signing yet.) So it'll probably be a 'wait and see if it's something the FreeBSD community needs a solution for' at this point. But this is just my impression. I totally agree with you. Unfortunately that speaks to the sad state of affairs that FreeBSD appears to be in. When it comes to supporting the latest technologies, it tends to be behind the curve when compared to other operating systems. Wireless networking and USB support are only a few examples. I don't know of any user personally who purchased a new PC and then threw FreeBSD on it. Most users that I have come into contact with use 2+ year old units that have been replaced by shiny new Windows units. I don't see that changing anytime soon. I would have to disagree with you there. I know of quite a few users who happen to run one of the world's largest content distribution networks (accounting for about one third of the internet's traffic; up there with pornography). They purchased more than just a handful of new computers and threw FreeBSD on them: http://lists.freebsd.org/pipermail/freebsd-stable/2012-June/068129.html You're talking about servers here, I think Jerry was speaking more generally, about a lambda user buying a computer and *definitely* not installing FBSD (or anything else) on it. The typical users just wants to buy internet and emails without a care in the world about the OS. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
Snippet from Jerry je...@seibercom.net: I don't know of any user personally who purchased a new PC and then threw FreeBSD on it. Most users that I have come into contact with use 2+ year old units that have been replaced by shiny new Windows units. I don't see that changing anytime soon. I did, or almost. Before installing FreeBSD, I tried unsuccessfully to install NetBSD, figuring I'd start with the least stable of (NetBSD, FreeBSD, Linux) and not risk messing up good Linux and FreeBSD installations. Then FreeBSD 9.0-BETA1 was released, and I went with that: now on 9.0-STABLE #9. That was on a computer that I built from parts in May-June 2011, meaning modern hardware including UEFI, but no secure boot. Tom ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
But my point is that MS doesn't issue the updates, they have to ask the BIOS vendors to do so, and then the MB vendors have to take the update, and then the users have to install the update. The incentive at each level is generally very small. It does create some confusion, but is hardly an enforcement mechanism. It would disable older versions of FreeBSD on newer hardware, but not much else. This can be automated. Many mobo manufacturers have software that searches for new BIOS and flashes it for you. All they have to do is get on board and make this automatic like Windows Updates. Don't think they haven't thought this far ahead. I believe some offer this now. A previous poster has pointed out that MS can't revoke a certificate belonging to RH, but I suppose the could ask the BIOS vendors to treat it as revoked. I don't know what the response would be. MS and Intel are running this. If Verisign is just a trusted 3rd party (without administrative duties) they can well defer to the Microshaft Mafia and do as they're told. It wouldn't be the first time. For example, did everybody already forget the Microshaft Mafias' initiation of the FBI server raids on the botnet? Many innocent companies and peoples hosting got screwed during this takeover. But it was all in the name of justice. If we can get a few Russian hackers then it's well worth damaging your business and property. We're from Microshaft Mafia and the FBI and we're here to help. This is akin to, for example, Sony's race against Homebrewers on the good ol' PSP. When hackers found a hardware flaw that enabled them to install custom firmware, Sony had to release new versions of the consoles with fixed hardware. The old ones were still exploitable but the new ones weren't. That is a little different, possibly. For one thing, Sony detected whether you had the updates they wanted you to install and if you don't have them installed you can't play on their PlayStation network. For 99.99% of PlayStation users this is the whole point of buying their console. So if you don't upgrade all you have is a box for playing local games which most people don't seem to want to do. All the Intel and Microshaft Mafia have to do is a similar thing, and make your PC or Windows stop working unless you install their updates, or tell the FBI your PC is possibly infected and part of a Russian botnet etc. and you won't be allowed on the internet until you upgrade your system to a safe level to avoid these horrible threats. This idea was floated publicly even unrelated to so-called secure boot. Windows activation can check the firmware level and Intel's management BIOS is connected to the net even when your new PC is shut off (as long as it is plugged in). If you go along with this they can do whatever you want. You're submitting to true remote management/control over YOUR hardware and life. This is the beginning of a lot of bad Big Brother stuff and if people accept it now they get what they deserve tomorrow. Say NO to the Intel/Microshaft Mafia. Say NO to Secure boot. Run MIPS and Alpha hardware if you have to, just DUMP INTEL AND THE MICROSHAFT MAFIA. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 6/7/12 3:43 PM, Nomen Nescio wrote: But my point is that MS doesn't issue the updates, they have to ask the BIOS vendors to do so, and then the MB vendors have to take the update, and then the users have to install the update. The incentive at each level is generally very small. It does create some confusion, but is hardly an enforcement mechanism. It would disable older versions of FreeBSD on newer hardware, but not much else. This can be automated. Many mobo manufacturers have software that searches for new BIOS and flashes it for you. All they have to do is get on board and make this automatic like Windows Updates. Don't think they haven't thought this far ahead. I believe some offer this now. A previous poster has pointed out that MS can't revoke a certificate belonging to RH, but I suppose the could ask the BIOS vendors to treat it as revoked. I don't know what the response would be. MS and Intel are running this. If Verisign is just a trusted 3rd party (without administrative duties) they can well defer to the Microshaft Mafia and do as they're told. It wouldn't be the first time. For example, did everybody already forget the Microshaft Mafias' initiation of the FBI server raids on the botnet? Many innocent companies and peoples hosting got screwed during this takeover. But it was all in the name of justice. If we can get a few Russian hackers then it's well worth damaging your business and property. We're from Microshaft Mafia and the FBI and we're here to help. This is akin to, for example, Sony's race against Homebrewers on the good ol' PSP. When hackers found a hardware flaw that enabled them to install custom firmware, Sony had to release new versions of the consoles with fixed hardware. The old ones were still exploitable but the new ones weren't. That is a little different, possibly. For one thing, Sony detected whether you had the updates they wanted you to install and if you don't have them installed you can't play on their PlayStation network. For 99.99% of PlayStation users this is the whole point of buying their console. So if you don't upgrade all you have is a box for playing local games which most people don't seem to want to do. Totally off-topic, but I actually used mine to run gameboy and gameboy advance emulators ^^' All the Intel and Microshaft Mafia have to do is a similar thing, and make your PC or Windows stop working unless you install their updates, or tell the FBI your PC is possibly infected and part of a Russian botnet etc. and you won't be allowed on the internet until you upgrade your system to a safe level to avoid these horrible threats. This idea was floated publicly even unrelated to so-called secure boot. I refer you to the years old threads about Palladium and the TCPA that Microsoft dreamed back in the days. Windows activation can check the firmware level and Intel's management BIOS is connected to the net even when your new PC is shut off (as long as it is plugged in). If you go along with this they can do whatever you want. You're submitting to true remote management/control over YOUR hardware and life. Well, I don't know about that... how do you suggest the BIOS gets its IP ? The 8-STABLE box that acts as my router is not going to serve one over DHCP or BOOTP any time soon. As for sniffing the network to guess the router + DNS servers, that one might be a bit far-fetched. This is the beginning of a lot of bad Big Brother stuff and if people accept it now they get what they deserve tomorrow. Say NO to the Intel/Microshaft Mafia. Say NO to Secure boot. Run MIPS and Alpha hardware if you have to, just DUMP INTEL AND THE MICROSHAFT MAFIA. Seriously you need to stop with the wintel, microshaft, mafia and all the stuff. We get it, you don't like them. However, there are literally thousands of people reading this list and just because they do not share your ideals doesn't necessarily make them advocates of this so-called mafia, or blind sheep. Finally, I can't come up with a scenario where my CEO is going to okay alpha boxes for our regular web servers and such. Our x86 servers run just fine and are roughly 12.000% cheaper. We need to distance ourselves from Intel, apparently they run their business like darned brigands is not going to cut it. Things aren't that easy in a corporate world, you get a volume contract with a supplier, Dell for example, and purchase your hardware from them. I can hardly see Dell shipping x86 servers with locked-in Windows installs, that just won't do for their business. I have to admit I'd love to see it though, I've always wanted us to try Cisco or IBM's blade servers in lieu of Dell's. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
Totally off-topic, but I actually used mine to run gameboy and gameboy advance emulators ^^' And I use mine to write PPC code. But Sony's business model wasn't about software development or doing what you and I are doing. Windows activation can check the firmware level and Intel's management BIOS is connected to the net even when your new PC is shut off (as long as it is plugged in). If you go along with this they can do whatever you want. You're submitting to true remote management/control over YOUR hardware and life. Well, I don't know about that... how do you suggest the BIOS gets its IP ? The 8-STABLE box that acts as my router is not going to serve one over DHCP or BOOTP any time soon. You seem to be focusing on the .01% cases. The UEFI was specifically designed to allow TCP/IP from the BIOS with the machine powered off, well before secure boot was on the table. Just because you can firewall it off doesn't mean everybody else understands the issues or knows how, because they don't. For all we know Intel or Microshaft have plenty of DHCP servers ready for this. As for sniffing the network to guess the router + DNS servers, that one might be a bit far-fetched. It's not going to be like Skype and do NAT traversals by itself and find it's way out of your box. It's just that if you leave your computer plugged in like everybody in the world does, the BIOS will be able to do whatever they program it to do, including downloading and flashing BIOS updates and whatever malware the dreaded Chinese hackers and Russian botnets create. Microshaft is pretty stupid because every time they create something secure the Russians or Chinese hack it in a day. I'll be surprised if they don't crack Verisigns keys and create exploits and this will be a better attack vector than they ever had because now they can flash your BIOS. All they could do before was replace your boot sector. Seriously you need to stop with the wintel, microshaft, mafia and all the stuff. Why? However, there are literally thousands of people reading this list and just because they do not share your ideals doesn't necessarily make them advocates of this so-called mafia, or blind sheep. Aside from the one ostrich I spanked I don't think they are either. Finally, I can't come up with a scenario where my CEO is going to okay alpha boxes for our regular web servers and such. Our x86 servers run just fine and are roughly 12.000% cheaper. Yeah but nobody cares about that because they're not talking about doing this to server boxes. It's home PCs where people are usually not well informed and are usually defenseless. Try to stay focused on the discussion. I can hardly see Dell shipping x86 servers with locked-in Windows installs, that just won't do for their business. Right, so this doesn't apply. Why do you keep bringing it up? Even if it did apply, who cares? It's not your problem. The target is commodity WinTel crapware boxes. I have to admit I'd love to see it though, I've always wanted us to try Cisco or IBM's blade servers in lieu of Dell's. Intel is bad not just because of UEFI and secure boot. They're bad because they have conspired many times over the years with Microshaft to create a monopoly. Everybody should object to that. Say NO to the WinTel Mafia! (had to add that ;-)) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 06/06/2012 01:35 PM, Alejandro Imass wrote: But this is more to do with the BIOS than with Intel as such. Wasn't there a FreeBIOS, later LinuxBIOS, now coreboot I believe..? So replacing the BIOS entirely wouldn't suffice to override all this nonsense? ___ anybody will be free to disable secure boot in x86 systems and run any OS, so this is not really a big deal. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 05/06/2012 23:10, Jerry wrote: I thought this URL http://mjg59.dreamwidth.org/12368.html also shown above, answered that question. Signing bootloaders and kernels etc. seems superficially like a good idea to me. However, instant reaction is that this is definitely *not* something that Microsoft should be in charge of. Some neutral[*] body without any commercial interests should do that job, and bootloader/kernel signing should be freely available. On deeper thought though, the whole idea appears completely unworkable. It means that you will not be able to compile your own kernel or drivers unless you have access to a signing key. As building your own is pretty fundamental to the FreeBSD project, the logical consequence is that FreeBSD source should come with a signing key for anyone to use. Which completely abrogates the whole point of signing bootloaders/kernels in the first place: anyone wishing to create malware would be able to sign whatever they want using such a key. It's DRM-level stupidity all over again. My conclusion: boycott products, manufacturers and/or OSes that participate in this scheme. FreeBSD alone won't make any real difference to manufacturers, but I hope there is still enough of the original spirit of freedom within the Linux camp, and perhaps from Google/android to make an impact. I'm pretty sure there can be a way of whitelisting bootloaders and so forth to help prevent low-level malware, but this isn't it. Cheers, Matthew [*] I suggest ICANN might be the right sort of organization to fulfil this role. -- Dr Matthew J Seaman MA, D.Phil. PGP: http://www.infracaninophile.co.uk/pgpkey signature.asc Description: OpenPGP digital signature
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 06/06/2012 08:32, Matthew Seaman wrote: On deeper thought though, the whole idea appears completely unworkable. It means that you will not be able to compile your own kernel or drivers unless you have access to a signing key. As building your own is pretty fundamental to the FreeBSD project, the logical consequence is that FreeBSD source should come with a signing key for anyone to use. It just means that anyone wishing to run their own kernels would either need to disable secure boot, or purchase/create their own certificate and install it. -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 06/06/2012 09:45, Bruce Cran wrote: On 06/06/2012 08:32, Matthew Seaman wrote: On deeper thought though, the whole idea appears completely unworkable. It means that you will not be able to compile your own kernel or drivers unless you have access to a signing key. As building your own is pretty fundamental to the FreeBSD project, the logical consequence is that FreeBSD source should come with a signing key for anyone to use. It just means that anyone wishing to run their own kernels would either need to disable secure boot, or purchase/create their own certificate and install it. Indeed. However disabling secure boot is apparently: * too difficult for users of Fedora * not possible on all platforms (arm based tablets especially) and purchasing your own certificate currently means paying $99 to Microsoft, or else getting a key from the hardware manufacturer (which I very much suspect will not be free either). While I would expect the typical FreeBSD user to be quite capable of disabling secure boot, I know that this is something that will result in realms of questions by new users, alarmist claims that FreeBSD is not secure and general glee amongst the FreeBSD is dying crowd. This is just another misconceived DRM scheme and suffers from all the same old flaws. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. PGP: http://www.infracaninophile.co.uk/pgpkey signature.asc Description: OpenPGP digital signature
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Wed, Jun 6, 2012 at 2:38 AM, Matthew Seaman matt...@freebsd.org wrote: On 06/06/2012 09:45, Bruce Cran wrote: On 06/06/2012 08:32, Matthew Seaman wrote: On deeper thought though, the whole idea appears completely unworkable. It means that you will not be able to compile your own kernel or drivers unless you have access to a signing key. As building your own is pretty fundamental to the FreeBSD project, the logical consequence is that FreeBSD source should come with a signing key for anyone to use. It just means that anyone wishing to run their own kernels would either need to disable secure boot, or purchase/create their own certificate and install it. Indeed. However disabling secure boot is apparently: * too difficult for users of Fedora * not possible on all platforms (arm based tablets especially) and purchasing your own certificate currently means paying $99 to Microsoft, or else getting a key from the hardware manufacturer (which I very much suspect will not be free either). While I would expect the typical FreeBSD user to be quite capable of disabling secure boot, I know that this is something that will result in realms of questions by new users, alarmist claims that FreeBSD is not secure and general glee amongst the FreeBSD is dying crowd. This is just another misconceived DRM scheme and suffers from all the same old flaws. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. PGP: http://www.infracaninophile.co.uk/pgpkey http://www.infoworld.com/t/hacking/tech-behind-flame-attack-could-compromise-microsoft-update-194867 Thank you very much . Mehmet Erol Sanliturk ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
jerr...@msu.edu wrote: Quoting Kurt Buff kurt.b...@gmail.com: UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries http://cwonline.computerworld.com/t/8035515/1292406/565573/0/ This would seem to make compiling from source difficult. I don't see how this MS scam is even at all legal. It is clearly restraint of trade and probably violates some other related laws too. A shame Bush blocked dismembering monopolist Microsoft. The last enormous fines Microsoft paid the EU for monopoly abuse, presumably failed to discipline Microsoft. Time for increased fines, till Microsoft stops abusing its monooly. Would be nice if the fines were so high it forced a free recall by hardware vendors to fix, if it can't be fixed with a UEFI net upgrade. Cheers, Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Reply below not above, cumulative like a play script, indent with . Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable. Mail from @yahoo dumped @berklix. http://berklix.org/yahoo/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Wed, 06 Jun 2012 10:38:41 +0100 Matthew Seaman articulated: On 06/06/2012 09:45, Bruce Cran wrote: On 06/06/2012 08:32, Matthew Seaman wrote: On deeper thought though, the whole idea appears completely unworkable. It means that you will not be able to compile your own kernel or drivers unless you have access to a signing key. As building your own is pretty fundamental to the FreeBSD project, the logical consequence is that FreeBSD source should come with a signing key for anyone to use. It just means that anyone wishing to run their own kernels would either need to disable secure boot, or purchase/create their own certificate and install it. Indeed. However disabling secure boot is apparently: * too difficult for users of Fedora * not possible on all platforms (arm based tablets especially) and purchasing your own certificate currently means paying $99 to Microsoft, or else getting a key from the hardware manufacturer (which I very much suspect will not be free either). I think you are in error there Matthew. From what I have read The $99 goes to Verisign, not Microsoft - further once paid you can sign as many binaries as you want. While I would expect the typical FreeBSD user to be quite capable of disabling secure boot, I know that this is something that will result in realms of questions by new users, alarmist claims that FreeBSD is not secure and general glee amongst the FreeBSD is dying crowd. This is just another misconceived DRM scheme and suffers from all the same old flaws. I don't feel this is misconceived at all. Again, from what I have read, most non-Microsoft operating systems have been able to use UEFI Secure Boot for nearly eight years; however, they have actively refused to do so. However, now Microsoft has stepped up to the plate and is actively taking advantage of the scheme. Actually, Microsoft has been issuing warnings for ten years when a user would attempt to install unsigned drivers. Now the FOSS community is getting its knickers in a knot. They should have taken this into account a long time ago. In any case, we are talking $99 dollars total, not per user here for the certificate. If that is going to cause a problem, I'll donate the $99. In any case, the real problem appears to be how FreeBSD is going to handle drivers which apparently will need to be signed since they work at the kernel level. Apparently Fedora has a working solution for that all ready. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ signature.asc Description: PGP signature
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 06/06/2012 11:24, Jerry wrote: They should have taken this into account a long time ago. In any case, we are talking $99 dollars total, not per user here for the certificate. If that is going to cause a problem, I'll donate the $99. It's not the $99 that'll be the problem, but the fact that it's Verisign (actually Symantec, since they bought Verisign) that you deal with. Whereas Globalsign accept applications from individuals, Verisign require company documents before they'll generate a certificate. -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 06/06/2012 11:38, Bruce Cran wrote: It's not the $99 that'll be the problem, but the fact that it's Verisign (actually Symantec, since they bought Verisign) that you deal with. Whereas Globalsign accept applications from individuals, Verisign require company documents before they'll generate a certificate. I've just checked, and I'm wrong - they seem to have changed things and now allow signups from individuals. -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 06/06/2012 11:24, Jerry wrote: I think you are in error there Matthew. From what I have read The $99 goes to Verisign, not Microsoft - further once paid you can sign as many binaries as you want. Having to pay Verisign instead of Microsoft makes no difference: the point is why should I have to pay anything to a third party in order to run whatever OS I want on a piece of hardware I own? $99 as a one-off payment might seem a trivial cost to you, so much so that you rather rashly promised to pay that for anyone. I won't hold you to it. Even so, there are several thousand readers of this list. I doubt even you could afford to subsidise very many of them... Yes UEFI Secure Boot may have been around for 8 years. The fact that no one has adopted use of it in all that time speaks volumes. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Wed, 6 Jun 2012, Matthew Seaman wrote: On 05/06/2012 23:10, Jerry wrote: I thought this URL http://mjg59.dreamwidth.org/12368.html also shown above, answered that question. Signing bootloaders and kernels etc. seems superficially like a good idea to me. However, instant reaction is that this is definitely *not* something that Microsoft should be in charge of. Some neutral[*] body ... On deeper thought though, the whole idea appears completely unworkable. It means that you will not be able to compile your own kernel or drivers unless you have access to a signing key. As building your own You don't need the signing key if you turn off secure boot in the CMOS. The fedora folk are worried that naive desktop users will not be able to do that, and usage of linux will be impeded. It won't be a significant impediment to users capable of compiling their own kernel. is pretty fundamental to the FreeBSD project, the logical consequence is that FreeBSD source should come with a signing key for anyone to use. Which completely abrogates the whole point of signing bootloaders/kernels in the first place: anyone wishing to create malware would be able to sign whatever they want using such a key. It's DRM-level stupidity all over again. I do wonder about that. What incentive does the possesor of a signing key have to keep it secret? Apple keeps it's signing key secret because it gets a share of revenue from the sale of apps. If the fedora key became known it wouldn't hurt fedora. Can the UEFI BIOS consult a list of revoked keys online? That would be surprising. dan feenberg ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Wed, Jun 6, 2012 at 3:47 AM, Matthew Seaman m.sea...@infracaninophile.co.uk wrote: On 06/06/2012 11:24, Jerry wrote: I think you are in error there Matthew. From what I have read The $99 goes to Verisign, not Microsoft - further once paid you can sign as many binaries as you want. Having to pay Verisign instead of Microsoft makes no difference: the point is why should I have to pay anything to a third party in order to run whatever OS I want on a piece of hardware I own? $99 as a one-off payment might seem a trivial cost to you, so much so that you rather rashly promised to pay that for anyone. I won't hold you to it. Even so, there are several thousand readers of this list. I doubt even you could afford to subsidise very many of them... Yes UEFI Secure Boot may have been around for 8 years. The fact that no one has adopted use of it in all that time speaks volumes. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW What will be the usefulness of a security key for an Open Source Operating System when people are not using mostly proprietary binary packages and nearly all of the supplied binary packages have accompanying sources ? When FreeBSD is installing a binary package or making a port , it is ALWAYS checking integrity of installed parts . Then is there a necessity of a Security Key obtained by paying money ? In Turkish literature , there is a person named as Deli Dumrul means Crazy Dumrul where his name is Dumrul . Crazy Dumrul constructed a bridge over a dried river . If any one passes from the bridge , he was taking money for passing over the bridge for Using the Bridge , and , if any one is NOT passing from the bridge , and walking over the dried river , he was taking money for Not to Use the Bridge . It seems that History is Repeating Thank you very much . Mehmet Erol Sanliturk ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Wed, 06 Jun 2012 11:47:11 +0100 Matthew Seaman articulated: On 06/06/2012 11:24, Jerry wrote: I think you are in error there Matthew. From what I have read The $99 goes to Verisign, not Microsoft - further once paid you can sign as many binaries as you want. Having to pay Verisign instead of Microsoft makes no difference: the point is why should I have to pay anything to a third party in order to run whatever OS I want on a piece of hardware I own? $99 as a one-off payment might seem a trivial cost to you, so much so that you rather rashly promised to pay that for anyone. I won't hold you to it. Even so, there are several thousand readers of this list. I doubt even you could afford to subsidise very many of them... The $99 was for FreeBSD to deliver the OS, not per user. This is clearly explained in the various URLs listed in this thread. I am sorry if you misunderstood. Of course if a user wants to recompile the kernel, etcetera after having downloaded and installed it from FreeBSD or one of its subsidies, they are on their own. Seriously though, a one time payment of $99 is so trivial I find it hard to believe that anyone is actually bitching about it. I pay many times that amount for golf every month. Yes UEFI Secure Boot may have been around for 8 years. The fact that no one has adopted use of it in all that time speaks volumes. I don't want to get in an argument with you Matthew since you are one of the few on this list that I feel actually thinks before they speak and knows what they are talking about; however, the real reason, in my opinion, is that no one carefully considered the consequences of it. It is a great idea, it offers greater security and again from what I have read it can be disabled by the end user if the vendor so allows. Microsoft does not control the vendors right to allow or disallow that action. In any event, it won't belong before some hacker comes up with a way to circumvent the entire process anyway, In my opinion, so why worry about it. Most FreeBSD users do not use state of the art equipment anyway, so it may be years before they even come up against this problem. By then it will all be ironed out. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ signature.asc Description: PGP signature
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 6/6/12 1:36 PM, Jerry wrote: On Wed, 06 Jun 2012 11:47:11 +0100 Matthew Seaman articulated: On 06/06/2012 11:24, Jerry wrote: I think you are in error there Matthew. From what I have read The $99 goes to Verisign, not Microsoft - further once paid you can sign as many binaries as you want. Having to pay Verisign instead of Microsoft makes no difference: the point is why should I have to pay anything to a third party in order to run whatever OS I want on a piece of hardware I own? $99 as a one-off payment might seem a trivial cost to you, so much so that you rather rashly promised to pay that for anyone. I won't hold you to it. Even so, there are several thousand readers of this list. I doubt even you could afford to subsidise very many of them... The $99 was for FreeBSD to deliver the OS, not per user. This is clearly explained in the various URLs listed in this thread. I am sorry if you misunderstood. Of course if a user wants to recompile the kernel, etcetera after having downloaded and installed it from FreeBSD or one of its subsidies, they are on their own. Seriously though, a one time payment of $99 is so trivial I find it hard to believe that anyone is actually bitching about it. I pay many times that amount for golf every month. Look Jerry, Are you serious there ? Having to pay to use a different OS on hardware that you own ? What next, non-approved keyboard, $40 extra ? Non-approved mouse, $30, non-approved USB external drive, $80 ? Don't take it personally but it's people like you willing to bend the knee that encourage such abuse as we're discussing today. The denial of freedom to do what you want with that piece of hardware you just bought. And no, $99 isn't trivial, it has to be 1/6 the price of a standard PC nowadays. I'm *not* paying extra to install a non-MS-approved-lol-seriously OS. This is nothing short of extortion. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 6/6/12 9:32 AM, Matthew Seaman wrote: On 05/06/2012 23:10, Jerry wrote: I thought this URL http://mjg59.dreamwidth.org/12368.html also shown above, answered that question. Signing bootloaders and kernels etc. seems superficially like a good idea to me. However, instant reaction is that this is definitely *not* something that Microsoft should be in charge of. Some neutral[*] body without any commercial interests should do that job, and bootloader/kernel signing should be freely available. On deeper thought though, the whole idea appears completely unworkable. It means that you will not be able to compile your own kernel or drivers unless you have access to a signing key. As building your own is pretty fundamental to the FreeBSD project, the logical consequence is that FreeBSD source should come with a signing key for anyone to use. Which completely abrogates the whole point of signing bootloaders/kernels in the first place: anyone wishing to create malware would be able to sign whatever they want using such a key. It's DRM-level stupidity all over again. My conclusion: boycott products, manufacturers and/or OSes that participate in this scheme. FreeBSD alone won't make any real difference to manufacturers, but I hope there is still enough of the original spirit of freedom within the Linux camp, and perhaps from Google/android to make an impact. I'm pretty sure there can be a way of whitelisting bootloaders and so forth to help prevent low-level malware, but this isn't it. Cheers, Matthew [*] I suggest ICANN might be the right sort of organization to fulfil this role. I agree with the whole post except that last bit about ICANN Matthew. The US already has enough dominance as is, without involving ICANN, a supposedly neutral body (yeah right...) any further. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 6/6/12 1:19 PM, Daniel Feenberg wrote: On Wed, 6 Jun 2012, Matthew Seaman wrote: On 05/06/2012 23:10, Jerry wrote: I thought this URL http://mjg59.dreamwidth.org/12368.html also shown above, answered that question. Signing bootloaders and kernels etc. seems superficially like a good idea to me. However, instant reaction is that this is definitely *not* something that Microsoft should be in charge of. Some neutral[*] body ... On deeper thought though, the whole idea appears completely unworkable. It means that you will not be able to compile your own kernel or drivers unless you have access to a signing key. As building your own You don't need the signing key if you turn off secure boot in the CMOS. The fedora folk are worried that naive desktop users will not be able to do that, and usage of linux will be impeded. It won't be a significant impediment to users capable of compiling their own kernel. is pretty fundamental to the FreeBSD project, the logical consequence is that FreeBSD source should come with a signing key for anyone to use. Which completely abrogates the whole point of signing bootloaders/kernels in the first place: anyone wishing to create malware would be able to sign whatever they want using such a key. It's DRM-level stupidity all over again. I do wonder about that. What incentive does the possesor of a signing key have to keep it secret? Apple keeps it's signing key secret because it gets a share of revenue from the sale of apps. If the fedora key became known it wouldn't hurt fedora. Can the UEFI BIOS consult a list of revoked keys online? That would be surprising. dan feenberg Key revoked in the BIOS' next version, which will ship by default on newer hardware. No need for checking online. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 6/5/12 9:12 PM, Gökşin Akdeniz wrote: UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries http://cwonline.computerworld.com/t/8035515/1292406/565573/0/ That's restriction is only for ARM devices which have a label that says Desgined for Windows8. In other words those devices can not boot another os except Windows 8 due to secure boot option enabled by default. The short and the long of it Microsoft is copying Apple on tablets with ARM. Well perhaps it should say designed ONLY for windows8 then ? This has class action written all over it, just like the ready for win7 fiasco where the PCs displaying the sticker could only run the minimalist version of the OS. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 6/6/12 1:57 AM, Chris Hill wrote: On Tue, 5 Jun 2012, G?k?in Akdeniz wrote: For the time being only ARM platform is restricted. True, but I would be astonished if this restriction were not expanded by MS in the future. Just my opinion, but I believe their ultimate goal is to add platforms until the secure boot restriction encompasses most or all desktop and server hardware. This would be over a period of years. I direct you to an older version of the matrix, where microsoft was discussing Paladium and TCPA. These are the exact same. And these are a liberty killer. http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Wed, 6 Jun 2012 07:36:24 -0400 Jerry wrote: In any event, it won't belong before some hacker comes up with a way to circumvent the entire process anyway, It sounds like Fedora already have. They say that they are only going to sign a thin shim that loads grub. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
RW rwmailli...@googlemail.com wrote: On Wed, 6 Jun 2012 07:36:24 -0400 Jerry wrote: In any event, it won't belong before some hacker comes up with a way to circumvent the entire process anyway, It sounds like Fedora already have. They say that they are only going to sign a thin shim that loads grub. not exactly. *GRIN* Fedora'a 'thin shim' will be signed, to keep an (always-, or other) enabled 'secure BIOS' loader happy. Fedora will provide an option -- which will remain 'user-settable' (regardless of whether the 'secure BIOS' signature is mandatory -- to either ENFORCE or IGNORE a requirement for valid 'signatures' on the subsequently loaded pieces of the O/S -- 2nd/3rd/etc-stage boot loaders, the kernel itself, any loadable modules, etc. And, Fedora will sign all _Fedora-supplied_ files that meet that criteria. Thus an end-user can run with 'secure boot' fully enabled, with only signed files being loadable as part of the O/S -- using either Fedora-supplied signed files, -or- files that they, themselves, have signed. OR, with BIOS signing required (the 'thin shim' loader) but signing of subsequent files -not- required, OR, (if the hardware manufacturer allows it) with BIOS signing disabled. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote: Having to pay Verisign instead of Microsoft makes no difference: the point is why should I have to pay anything to a third party in order to run whatever OS I want on a piece of hardware I own? Maybe a common marketing and sales model comes from software to hardware too: You don't actually own the hardware! When you give money to the manufacturer (maybe through vendors or retailers), you receive hardware _plus_ a limited set of rights which you may exercise on that hardware, maybe for a limited time. By purchasing the hardware that way, you may even have implicitely signed a kind of agreement (cf. EULA) that you accept those licensing of hardware. You do _not_ own it in order to exercise your free will on it, like I have the right to wipe 'Windows' and install something else, which might result in a loss of warranty. You may only run what the manufacturer allows you to run (by providing the proper boot mechanism for it that just works). If the manufacturer may decide that you shouldn't boot that system you bought anymore, he can retract the permissions and the device you paid money for will be rendered into a shiny brick. This _is_ possible, and as human nature teaches: Everything that is possible _will_ be done, no matter if we recognize it immediately or not. And the worst solution prevails, so whatever we may assume about the future, the future will be much worse. :-) Note that flats are a familiar example of this model. You may live in the flat, but by paying a rent you don't own it. What you may do is limited. Another valid interpretation of this problem is of course defective by design and planned obsolescense. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
I do wonder about that. What incentive does the possesor of a signing key have to keep it secret? Contract penalty clause maybe ? Lawyers ? Otherwise one of us would purchase a key for $99, then publish the key so we could all forever more compile boot our own kernels. But that would presumably break the trap Microsoft Verisign seek to impose. It seems dangerous. I suspect we (the free source community) will need to campaign, to engage for eg more EU fines against monoplists to force them to back off. I say EU, 'cos they have done it before, so our best bet so far, but it doesnt matter much which governments impose swingeing anti monoploy fines, as long as enough do, to deter MS verisign etc. Cheers, Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Reply below not above, cumulative like a play script, indent with . Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable. Mail from @yahoo dumped @berklix. http://berklix.org/yahoo/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?]
On 2012-06-05 17:20, Jerry wrote: The question that I have not seen answered in this thread is what FreeBSD intents to do. From what I have seen, most FreeBSD users do not use the latest versions of most hardware, so it may be a while before its user base is even effected. I don't believe at this point FreeBSD has any intent one way or another, really. It's not an immediate problem for any platform supported by the FreeBSD project, at least for a technically-inclined user who's willing to check out their BIOS. (Even if they are using the latest hardware, the x86-derived platforms aren't going to require this code signing yet.) So it'll probably be a 'wait and see if it's something the FreeBSD community needs a solution for' at this point. But this is just my impression. In slight defense of RedHat: They do a lot of worrying about enterprise and government customers, many of whom don't really care what platform they are running on - as long as they can get 'support' and it passes their security/operational tests. In that environment, I can easily see some middle-manager decreeing that disabling the signed-boot process is verboten, without any understanding of the meaning or the consequences, and enforcing it on the whole company/division, to the point where any non-signed OS would be thrown out the door. FreeBSD has probably already been thrown out the door at those types of locations, as there is no 'official' support channel. (Yes, for my sins, I work at one of these...) Daniel T. Staal --- This email copyright the author. Unless otherwise noted, you are expressly allowed to retransmit, quote, or otherwise use the contents for non-commercial purposes. This copyright will expire 5 years after the author's death, or in 30 years, whichever is longer, unless such a period is in excess of local copyright law. --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Wed, 6 Jun 2012, Julian H. Stacey wrote: I do wonder about that. What incentive does the possesor of a signing key have to keep it secret? Contract penalty clause maybe ? Lawyers ? A limited-liability company with no assets is judgement-proof. Otherwise one of us would purchase a key for $99, then publish the key so we could all forever more compile boot our own kernels. But that would presumably break the trap Microsoft Verisign seek to impose. Could it really be that simple? As for hardware vendors putting revoked keys in the ROM - are they really THAT cooperative? Seems like they would drag their feet on ROM updates if they had to add a lot of stuff that won't help them, so that doesn't seem like a great enforcement tool. dan feenberg ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 6/6/12 6:45 PM, Daniel Feenberg wrote: On Wed, 6 Jun 2012, Julian H. Stacey wrote: I do wonder about that. What incentive does the possesor of a signing key have to keep it secret? Contract penalty clause maybe ? Lawyers ? A limited-liability company with no assets is judgement-proof. Otherwise one of us would purchase a key for $99, then publish the key so we could all forever more compile boot our own kernels. But that would presumably break the trap Microsoft Verisign seek to impose. Could it really be that simple? As for hardware vendors putting revoked keys in the ROM - are they really THAT cooperative? Seems like they would drag their feet on ROM updates if they had to add a lot of stuff that won't help them, so that doesn't seem like a great enforcement tool. dan feenberg Oh god... Please realize that once the key is divulged, it gets revoked at the BIOS' next update. Otherwise the key's purpose is rendered moot. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 6/6/12 7:23 PM, Robert Bonomi wrote: Julian H. Stacey j...@berklix.com wrote: I do wonder about that. What incentive does the possesor of a signing key have to keep it secret? Contract penalty clause maybe ? Lawyers ? Contract with _whom_? The party you pay money to -- Verisign -- simply certifies that the party buying the certificate/signing-key -is- who they claim to be. It is *entirely* up to the owner of that certificate/signing-key -who- they allow to use it. If someone/anyone attempts to 'revoke' that certificate/key _other_ than at the request of the owner of that certificate/key, *THAT* party is subject to legal sanctions. Among other things, 'false persona', 'tortuous inter- ference in a business relationship', just to name a few. There is, however, an 'interesting' legal question -- *if* a party were to let 'anybody' use their certificate/key, what is the certificat/key owner's legal liability if someone uses that key to sign malware? Standard contract writeup stipulates that only a limited set of 'authorized' company representatives be given access to the Signing Key. If the key should be divulged, then the key may be revoked by the issuer. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?]
On Wed, 06 Jun 2012 12:49:53 -0400 Daniel Staal articulated: On 2012-06-05 17:20, Jerry wrote: The question that I have not seen answered in this thread is what FreeBSD intents to do. From what I have seen, most FreeBSD users do not use the latest versions of most hardware, so it may be a while before its user base is even effected. I don't believe at this point FreeBSD has any intent one way or another, really. It's not an immediate problem for any platform supported by the FreeBSD project, at least for a technically-inclined user who's willing to check out their BIOS. (Even if they are using the latest hardware, the x86-derived platforms aren't going to require this code signing yet.) So it'll probably be a 'wait and see if it's something the FreeBSD community needs a solution for' at this point. But this is just my impression. I totally agree with you. Unfortunately that speaks to the sad state of affairs that FreeBSD appears to be in. When it comes to supporting the latest technologies, it tends to be behind the curve when compared to other operating systems. Wireless networking and USB support are only a few examples. I don't know of any user personally who purchased a new PC and then threw FreeBSD on it. Most users that I have come into contact with use 2+ year old units that have been replaced by shiny new Windows units. I don't see that changing anytime soon. Large companies would all ready have the infrastructure in place to handle this sort of problem and as you pointed out would be working with a *nix vendor that could properly meet their needs. Said vendor would have all ready taken care of the UEFI Secure Boot problem. In slight defense of RedHat: They do a lot of worrying about enterprise and government customers, many of whom don't really care what platform they are running on - as long as they can get 'support' and it passes their security/operational tests. In that environment, I can easily see some middle-manager decreeing that disabling the signed-boot process is verboten, without any understanding of the meaning or the consequences, and enforcing it on the whole company/division, to the point where any non-signed OS would be thrown out the door. FreeBSD has probably already been thrown out the door at those types of locations, as there is no 'official' support channel. (Yes, for my sins, I work at one of these...) What sin? You use a product and want it properly supported. You have an absolute right to that. Posting a message on a forum and hoping that someone can answer it is not the type of support a business would want. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
From owner-freebsd-questi...@freebsd.org Wed Jun 6 13:46:43 2012 Date: Wed, 06 Jun 2012 20:44:57 +0200 From: Damien Fleuriot m...@my.gd To: freebsd-questions@freebsd.org Subject: Re: Is this something we (as consumers of FreeBSD) need to be aware of? On 6/6/12 7:23 PM, Robert Bonomi wrote: Julian H. Stacey j...@berklix.com wrote: I do wonder about that. What incentive does the possesor of a signing key have to keep it secret? Contract penalty clause maybe ? Lawyers ? Contract with _whom_? The party you pay money to -- Verisign -- simply certifies that the party buying the certificate/signing-key -is- who they claim to be. It is *entirely* up to the owner of that certificate/signing-key -who- they allow to use it. If someone/anyone attempts to 'revoke' that certificate/key _other_ than at the request of the owner of that certificate/key, *THAT* party is subject to legal sanctions. Among other things, 'false persona', 'tortuous inter- ference in a business relationship', just to name a few. There is, however, an 'interesting' legal question -- *if* a party were to let 'anybody' use their certificate/key, what is the certificat/key owner's legal liability if someone uses that key to sign malware? Standard contract writeup stipulates that only a limited set of 'authorized' company representatives be given access to the Signing Key. Which simply begs the question. _who_ decides who is or is not an 'authorized' representative? Or how many such persons are allowed? If the key should be divulged, then the key may be revoked by the issuer. Suppose I put up a web app that takes an executable as input, signs it with my key, and returns the signed filt to the submitter. I don't divulge the key to anyone, just use it on 'anything'. Anybody attempting to revoke on _that_ basis is asking for a lawsuit. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Wed, 6 Jun 2012, Damien Fleuriot wrote: On 6/6/12 6:45 PM, Daniel Feenberg wrote: On Wed, 6 Jun 2012, Julian H. Stacey wrote: I do wonder about that. What incentive does the possesor of a signing key have to keep it secret? Contract penalty clause maybe ? Lawyers ? A limited-liability company with no assets is judgement-proof. Otherwise one of us would purchase a key for $99, then publish the key so we could all forever more compile boot our own kernels. But that would presumably break the trap Microsoft Verisign seek to impose. Could it really be that simple? As for hardware vendors putting revoked keys in the ROM - are they really THAT cooperative? Seems like they would drag their feet on ROM updates if they had to add a lot of stuff that won't help them, so that doesn't seem like a great enforcement tool. dan feenberg Oh god... Please realize that once the key is divulged, it gets revoked at the BIOS' next update. But my point is that MS doesn't issue the updates, they have to ask the BIOS vendors to do so, and then the MB vendors have to take the update, and then the users have to install the update. The incentive at each level is generally very small. It does create some confusion, but is hardly an enforcement mechanism. It would disable older versions of FreeBSD on newer hardware, but not much else. A previous poster has pointed out that MS can't revoke a certificate belonging to RH, but I suppose the could ask the BIOS vendors to treat it as revoked. I don't know what the response would be. Daniel Feenberg Otherwise the key's purpose is rendered moot. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Wed, 06 Jun 2012 13:44:57 -0500, Damien Fleuriot m...@my.gd wrote: If the key should be divulged, then the key may be revoked by the issuer. Revoked how? Wouldn't they have to issue a firmware update to actually revoke it? The UEFI firmware doesn't have network access ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?]
On Wed, Jun 6, 2012 at 3:05 PM, Jerry je...@seibercom.net wrote: On Wed, 06 Jun 2012 12:49:53 -0400 Daniel Staal articulated: On 2012-06-05 17:20, Jerry wrote: The question that I have not seen answered in this thread is what FreeBSD intents to do. From what I have seen, most FreeBSD users do not use the latest versions of most hardware, so it may be a while before its user base is even effected. I don't believe at this point FreeBSD has any intent one way or another, really. It's not an immediate problem for any platform supported by the FreeBSD project, at least for a technically-inclined user who's willing to check out their BIOS. (Even if they are using the latest hardware, the x86-derived platforms aren't going to require this code signing yet.) So it'll probably be a 'wait and see if it's something the FreeBSD community needs a solution for' at this point. But this is just my impression. I totally agree with you. Unfortunately that speaks to the sad state of affairs that FreeBSD appears to be in. When it comes to supporting the latest technologies, it tends to be behind the curve when compared to other operating systems. Wireless networking and USB support are only a few examples. I don't know of any user personally who purchased a new PC and then threw FreeBSD on it. Most users that I have come into contact with use 2+ year old units that have been replaced by shiny new Windows units. I don't see that changing anytime soon. I would have to disagree with you there. I know of quite a few users who happen to run one of the world's largest content distribution networks (accounting for about one third of the internet's traffic; up there with pornography). They purchased more than just a handful of new computers and threw FreeBSD on them: http://lists.freebsd.org/pipermail/freebsd-stable/2012-June/068129.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
Polytropon free...@edvax.de wrote: On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote: Having to pay Verisign instead of Microsoft makes no difference: the point is why should I have to pay anything to a third party in order to run whatever OS I want on a piece of hardware I own? It's time to dump the Intel/Microshaft mafia forever. FreeBSD, OpenBSD, NetBSD, and even Linux have ports to many platforms. Why stay on Intel? It's an overgrown ugly mess. We need to stop buying Intel mafiaware with preinstalled Microshaft mafiware and run a free (or in the case of Linux apparently free) OS on free hardware. There are increasing numbers of SBCs and plenty of used servers on Ebay. They're all built better than commodity Intel mafiaware. Good riddance! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
Yes, let's all run ALPHA and MIPS hardware. I'll just jam my Nvidia card into one of the available slots and everything should work OK, right? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?]
On Wed, 6 Jun 2012 15:55:16 -0400 Robert Simmons articulated: On Wed, Jun 6, 2012 at 3:05 PM, Jerry je...@seibercom.net wrote: On Wed, 06 Jun 2012 12:49:53 -0400 Daniel Staal articulated: On 2012-06-05 17:20, Jerry wrote: The question that I have not seen answered in this thread is what FreeBSD intents to do. From what I have seen, most FreeBSD users do not use the latest versions of most hardware, so it may be a while before its user base is even effected. I don't believe at this point FreeBSD has any intent one way or another, really. It's not an immediate problem for any platform supported by the FreeBSD project, at least for a technically-inclined user who's willing to check out their BIOS. (Even if they are using the latest hardware, the x86-derived platforms aren't going to require this code signing yet.) So it'll probably be a 'wait and see if it's something the FreeBSD community needs a solution for' at this point. But this is just my impression. I totally agree with you. Unfortunately that speaks to the sad state of affairs that FreeBSD appears to be in. When it comes to supporting the latest technologies, it tends to be behind the curve when compared to other operating systems. Wireless networking and USB support are only a few examples. I don't know of any user personally who purchased a new PC and then threw FreeBSD on it. Most users that I have come into contact with use 2+ year old units that have been replaced by shiny new Windows units. I don't see that changing anytime soon. I would have to disagree with you there. I know of quite a few users who happen to run one of the world's largest content distribution networks (accounting for about one third of the internet's traffic; up there with pornography). They purchased more than just a handful of new computers and threw FreeBSD on them: http://lists.freebsd.org/pipermail/freebsd-stable/2012-June/068129.html It is late and I am tired; however, unless I am misreading this, this is not dealing with a typical home use but a corporate entity. You omitted my last paragraph in my reply that clearly dealing with corporations. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?]
On 2012-06-06 15:05, Jerry wrote: On Wed, 06 Jun 2012 12:49:53 -0400 Daniel Staal articulated: I don't believe at this point FreeBSD has any intent one way or another, really. It's not an immediate problem for any platform supported by the FreeBSD project, at least for a technically-inclined user who's willing to check out their BIOS. (Even if they are using the latest hardware, the x86-derived platforms aren't going to require this code signing yet.) So it'll probably be a 'wait and see if it's something the FreeBSD community needs a solution for' at this point. But this is just my impression. I totally agree with you. Unfortunately that speaks to the sad state of affairs that FreeBSD appears to be in. When it comes to supporting the latest technologies, it tends to be behind the curve when compared to other operating systems. Wireless networking and USB support are only a few examples. That was not my intended message with the above. :) FreeBSD supports several server-class hardware platforms. ARM is not currently a server-class hardware platform. (It's a very interesting platform for mobile and small devices, but it has not seen any significant use that I am aware of in the market that FreeBSD is primarily aimed at.) Secure Boot - if even a part of the platform - can easily be disabled on those platforms. So it is not a current problem, and there is a fair amount of bad feeling about the technology, so it may not ever be a problem. RedHat is facing severe backlash from the community because it supported this technology. A 'wait and see' approach to whether it needs to be supported at all - especially as it doesn't appear to need support at present - is a reasonable course. I don't know of any user personally who purchased a new PC and then threw FreeBSD on it. Most users that I have come into contact with use 2+ year old units that have been replaced by shiny new Windows units. I don't see that changing anytime soon. *Raises hand*. I did this with two boxes within the past year. One turned out to be to new for FreeBSD - but Linux didn't have support for it yet at that point either. Now either does. In slight defense of RedHat: They do a lot of worrying about enterprise and government customers, many of whom don't really care what platform they are running on - as long as they can get 'support' and it passes their security/operational tests. In that environment, I can easily see some middle-manager decreeing that disabling the signed-boot process is verboten, without any understanding of the meaning or the consequences, and enforcing it on the whole company/division, to the point where any non-signed OS would be thrown out the door. FreeBSD has probably already been thrown out the door at those types of locations, as there is no 'official' support channel. (Yes, for my sins, I work at one of these...) What sin? You use a product and want it properly supported. You have an absolute right to that. Posting a message on a forum and hoping that someone can answer it is not the type of support a business would want. I'm not sure what sin I committed to be consigned to this place, but it must have been heinous. (And in many cases 'official support' appears to be 'post a message about it on our forum, so we can ignore you more efficiently'.) Daniel T. Staal --- This email copyright the author. Unless otherwise noted, you are expressly allowed to retransmit, quote, or otherwise use the contents for non-commercial purposes. This copyright will expire 5 years after the author's death, or in 30 years, whichever is longer, unless such a period is in excess of local copyright law. --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Wed, Jun 6, 2012 at 3:52 PM, Dave U. Random anonym...@anonymitaet-im-inter.net wrote: Polytropon free...@edvax.de wrote: On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote: Having to pay Verisign instead of Microsoft makes no difference: the point is why should I have to pay anything to a third party in order to run whatever OS I want on a piece of hardware I own? It's time to dump the Intel/Microshaft mafia forever. FreeBSD, OpenBSD, NetBSD, and even Linux have ports to many platforms. Why stay on Intel? It's an overgrown ugly mess. We need to stop buying Intel mafiaware with preinstalled Microshaft mafiware and run a free (or in the case of Linux apparently free) OS on free hardware. But this is more to do with the BIOS than with Intel as such. Wasn't there a FreeBIOS, later LinuxBIOS, now coreboot I believe..? So replacing the BIOS entirely wouldn't suffice to override all this nonsense? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Wed, Jun 06, 2012 at 02:23:20PM +0200, Damien Fleuriot wrote: I agree with the whole post except that last bit about ICANN Matthew. The US already has enough dominance as is, without involving ICANN, a supposedly neutral body (yeah right...) any further. Indeed. The last thing we need is some self-appointed authority purporting to have the last word on what qualifies as secure. There is no need for a third-party certification of secure booting. If there is need for such a secure booting mechanism at all, it is a need for the ability of end-of-chain device owners to be able to set their own keys, without the involvement of any third parties, and an out-of-band key verification mechanism. Once again, I feel it incumbent upon me to point to examples like OpenPGP's keyserver network as the counter-proposal to a cetifying authority charging money to allow people to control their own system security in what amounts to a vacant lot scam. -- Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
Wojciech Puchar woj...@tensor.gdynia.pl wrote: anyway NOBODY are forced to buy micro-soft software. That's almost correct but not quite. In 99% of the cases any Intel commodity mafiaware comes with a preinstalled Winblows. You're paying for it whether you want it or not. You can get a refund in many cases but it's more effort than most peoples' time is worth. Nobody is forced to buy a PC. True. I got rid of all my Intel mafiaware a few years ago and I don't miss it. It's nice in the winter as well. Doing this with PC market will result in larger market share for non-Wintel hardware. I hope it does but sheeple are stupid and don't care. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 6 Jun 2012, at 21:52, Dave U. Random anonym...@anonymitaet-im-inter.net wrote: Polytropon free...@edvax.de wrote: On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote: Having to pay Verisign instead of Microsoft makes no difference: the point is why should I have to pay anything to a third party in order to run whatever OS I want on a piece of hardware I own? It's time to dump the Intel/Microshaft mafia forever. FreeBSD, OpenBSD, NetBSD, and even Linux have ports to many platforms. Why stay on Intel? It's an overgrown ugly mess. We need to stop buying Intel mafiaware with preinstalled Microshaft mafiware and run a free (or in the case of Linux apparently free) OS on free hardware. There are increasing numbers of SBCs and plenty of used servers on Ebay. They're all built better than commodity Intel mafiaware. Good riddance! You have no idea what you're talking about. This kind of religious propaganda post is neither constructive nor helpful. I don't trust AMD with my servers' CPUs, not since many years ago when they had all these overheating problems.___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 06/06/2012 20:27, Robert Bonomi wrote: Suppose I put up a web app that takes an executable as input, signs it with my key, and returns the signed filt to the submitter. I don't divulge the key to anyone, just use it on 'anything'. Anybody attempting to revoke on _that_ basis is asking for a lawsuit. To me it would be perfectly reasonable to revoke the key as soon as you signed the first piece of malware. And then anyone who has used the service is left with broken binaries, so the model fails. -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
Contract penalty clause maybe ? Lawyers ? A limited-liability company with no assets is judgement-proof. There's set up running costs (time money), other exposure http://berklix.com/~jhs/mecc/ltd_gmbh.html Easiest done by those who have done it before, One would be careful, there's exposure to directors individual liabilities eg fraud laws perhaps in some scenarios, not wanting to be struck off listed as somone not allowed to be a director of other companies. Otherwise one of us would purchase a key for $99, then publish the key so we could all forever more compile boot our own kernels. But that would presumably break the trap Microsoft Verisign seek to impose. Could it really be that simple? I doubt it. Even if so, best avoid one individual in the firing line. It's not nice being a small company director personaly targeted by lawyers of a rich malicious company. Being in another country gives little protection, remote lawyers hire local lawyers to harass. They don't even need a good chance of winning, inventive threats, stress costs unpleasant. Best activate officials with big budgets manpower to fight back. We should unite with other Free Source groups approach inform eg the Competition Commisioner of the European Union (which has already fined MS heavily before on anti monopoly issues) http://en.wikipedia.org/wiki/European_Union_Microsoft_competition_case http://www.msnbc.msn.com/id/23366103/ns/business-world_business/t/eu-fines-microsoft-record-billion/ I recall George Bush junior quashed the last go at breaking up Microsoft, but maybe the present USA govt. could be encouraged to fine MS, even if they don't fancy breaking the monopoly aka http://en.wikipedia.org/wiki/Standard_Oil Cheers, Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Reply below not above, cumulative like a play script, indent with . Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable. Mail from @yahoo dumped @berklix. http://berklix.org/yahoo/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
From owner-freebsd-questi...@freebsd.org Wed Jun 6 18:13:09 2012 Date: Thu, 07 Jun 2012 00:09:54 +0100 From: Bruce Cran br...@cran.org.uk To: Robert Bonomi bon...@mail.r-bonomi.com Cc: freebsd-questions@freebsd.org Subject: Re: Is this something we (as consumers of FreeBSD) need to be aware of? On 06/06/2012 20:27, Robert Bonomi wrote: Suppose I put up a web app that takes an executable as input, signs it with my key, and returns the signed filt to the submitter. I don't divulge the key to anyone, just use it on 'anything'. Anybody attempting to revoke on _that_ basis is asking for a lawsuit. To me it would be perfectly reasonable to revoke the key as soon as you signed the first piece of malware. It may seem reasonable to you, but is there -legal- basis to do so? 'signing' only provides assurance of the identity of the signer. I did sign it. The key has not been compromised. The software in question is tracable to the signer, but the signer never claimed it was 'error free', what conract or statute did they breach by doing the signing? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Jun 6, 2012, at 4:54 PM, Robert Bonomi wrote: [ ... ] It may seem reasonable to you, but is there -legal- basis to do so? Go ask your lawyer. freebsd-questions isn't qualified to provide you with legal advice. Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
From owner-freebsd-questi...@freebsd.org Wed Jun 6 19:01:14 2012 From: Chuck Swiger cswi...@mac.com Date: Wed, 06 Jun 2012 16:59:36 -0700 To: Robert Bonomi bon...@mail.r-bonomi.com Cc: freebsd-questions@freebsd.org Subject: Re: Is this something we (as consumers of FreeBSD) need to be aware of? On Jun 6, 2012, at 4:54 PM, Robert Bonomi wrote: [ ... ] It may seem reasonable to you, but is there -legal- basis to do so? Go ask your lawyer. freebsd-questions isn't qualified to provide you with legal advice. Thank you for your opinion. However, if you had bothered to read the thread you woul understand that it was not a solicitation of legal advice. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
(cf. EULA) that you accept those licensing of hardware. Also, I think you'll find that such actions are already illegal certainly in the UK, and I believe EU wide. Yes illegal for English law (England Scotland have different contract laws). Contract terms given after money changes hands are Not part of contract. (Reasonable Eh ?) Case law since in UK, NCP National Car Park lost an appeals court decision on their nasty disclaimers visible only after you'd paid to enter car park. (PS Matthew, I noticed in Canterbury NCP built an escape lane in their car park after. So one could then queue up to park, theoreticaly block the lane, read super fast all the disclaimers, before deciding to either pay enter or take the sharp curve out. I've always hoped all the (usually American) legal rubbish in the sealed packages I bought in Germany were on same principle irrelevant, (but no idea). USA companies later learnt to ship with front page in transparent bags, but still not usualy readable till after purchase. Maybe USA restraint of trade laws could penalise a monopolist working to convert a market to sell computers that (if amd64) have been been crippled to only work with associate bsuiness partners ? Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Reply below not above, cumulative like a play script, indent with . Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable. Mail from @yahoo dumped @berklix. http://berklix.org/yahoo/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
Mark Felder f...@feld.me wrote: Yes, let's all run ALPHA and MIPS hardware. I'll just jam my Nvidia card into one of the available slots and everything should work OK, right? Dear Numbskull, It's co-dependent hostages like you who enable Intel Mafiaware. According to your logic we should all be using Windows since everything just works, right? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
Damien Fleuriot m...@my.gd wrote: On 6 Jun 2012, at 21:52, Dave U. Random anonym...@anonymitaet-im-inter.net wrote: Polytropon free...@edvax.de wrote: On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote: Having to pay Verisign instead of Microsoft makes no difference: the point is why should I have to pay anything to a third party in order to run whatever OS I want on a piece of hardware I own? It's time to dump the Intel/Microshaft mafia forever. FreeBSD, OpenBSD, NetBSD, and even Linux have ports to many platforms. Why stay on Intel? It's an overgrown ugly mess. We need to stop buying Intel mafiaware with preinstalled Microshaft mafiware and run a free (or in the case of Linux apparently free) OS on free hardware. There are increasing numbers of SBCs and plenty of used servers on Ebay. They're all built better than commodity Intel mafiaware. Good riddance! You have no idea what you're talking about. I have no idea what you're talking about. Does that count? This kind of religious propaganda post is neither constructive nor helpful. But your expansive and well-reasoned rebuttal is? Is mafiaware a religious issue? I thought it was common sense. Thanks for your half-assed attempt to marginalize it. I don't think you were successful. If at first... I don't trust AMD with my servers' CPUs, not since many years ago when they had all these overheating problems. I don't really care about that. But I'm sure you feel better after getting it off your chest. Still, that doesn't have to do with two major corporations conspiring to butt-fuck the consumer. At most it involved one company. So, for now, this is more important than what you wanted to talk about. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
Alejandro Imass a...@p2ee.org wrote: On Wed, Jun 6, 2012 at 3:52 PM, Dave U. Random anonym...@anonymitaet-im-inter.net wrote: Polytropon free...@edvax.de wrote: On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote: Having to pay Verisign instead of Microsoft makes no difference: the point is why should I have to pay anything to a third party in order to run whatever OS I want on a piece of hardware I own? It's time to dump the Intel/Microshaft mafia forever. FreeBSD, OpenBSD, NetBSD, and even Linux have ports to many platforms. Why stay on Intel? It's an overgrown ugly mess. We need to stop buying Intel mafiaware with preinstalled Microshaft mafiaware and run a free (or in the case of Linux apparently free) OS on free hardware. But this is more to do with the BIOS than with Intel as such. Intel and Microshaft conspired together and now they get to decide what BIOS they sell you. They figured out a way to make it harder for non-Winblows OS to be installed on most commodity shitboxes made after this goes into effect. Wasn't there a FreeBIOS, later LinuxBIOS, now coreboot I believe..? I can tell from your question it was a smashing success. Everybody uses it. Somebody's heard of it? So replacing the BIOS entirely wouldn't suffice to override all this nonsense? Probably but very few people can flash their own BIOS. Hell, they can't even install a copy of Windows bought off the shelf...What if the BIOS has protection against reflashing? Otherwise it won't be secure... Just because smart people can work around something doesn't make it right. Say NO to the Intel and Microshaft mafia, say NO to secure boot that isn't. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?]
On Wed, Jun 06, 2012 at 03:05:00PM -0400, Jerry wrote: I don't know of any user personally who purchased a new PC and then threw FreeBSD on it. Most users that I have come into contact with use 2+ year old units that have been replaced by shiny new Windows units. I don't see that changing anytime soon. I have immediately installed FreeBSD on the last four or five laptops I purchased, and I get most of my laptops direct from Lenovo. While my Significant Other has been installing Debian on her laptops, also acquired from Lenovo, she is probably going to start using FreeBSD instead next time. I know several other people who install FreeBSD on their new primary-use systems when they get them, including a couple of developers who do MS Windows development (among other things). This doesn't even take into account the servers many of us use, which are even more likely to get FreeBSD installed, and none of this has anything to do with corporate accounts or bulk purchases. Yes, my evidence is anecdotal, but I think your notions of the frequency of FreeBSD use other than in a corporate setting are also based on anecdotal observations, so we're even. -- Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Is this something we (as consumers of FreeBSD) need to be aware of?
UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries http://cwonline.computerworld.com/t/8035515/1292406/565573/0/ This would seem to make compiling from source difficult. Kurt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Tue, Jun 5, 2012 at 1:19 PM, Kurt Buff kurt.b...@gmail.com wrote: UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries http://cwonline.computerworld.com/t/8035515/1292406/565573/0/ This would seem to make compiling from source difficult. Red Hat is the one that is apparently paying for it. I believe that should be unnecessary. It would only be a matter of time before someone breaks the M$ layer of poop that is supposed to prevent folks from booting other OSes other than Window$. They hit the panic button too soon IMHO. There is a thread on Fedora list about this and many people are unsure that Red Hat paying for secure boot was the right thing to do. See the archives for references. Regards, Antonio ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Tue, 5 Jun 2012 11:19:26 -0700, Kurt Buff wrote: UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries http://cwonline.computerworld.com/t/8035515/1292406/565573/0/ I may reply with another link: http://mjg59.dreamwidth.org/12368.html This would seem to make compiling from source difficult. It won't need much time until hackers find a way to find a way around booting restrictions. Maybe this is an additional step needed to make non-Windows boot on then-current hardware. A free market won't allow a situation come up that requires the competitor to obtain a permission by its concurrent to make his product work. It would also show a security feature being an aspect of defective by design regarding computer hardware and its manufacturers. Compiling from source? You don't even get that far! :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 05/06/2012 19:27, Antonio Olivares wrote: I believe that should be unnecessary. It would only be a matter of time before someone breaks the M$ layer of poop that is supposed to prevent folks from booting other OSes other than Window$. They hit the panic button too soon IMHO. Press Delete/F1 during boot, select Advanced - Trusted Computing. Change TCG/TPM Support to No. But according to Cory Doctorow, that's far too finicky and highly technical (http://boingboing.net/2012/05/31/lockdown-freeopen-os-maker-p.html)! By the way it's not Microsoft's stuff people would have to break, but UEFI. I think secure boot actually makes sense, but preventing users disabling it or installing their own keys on ARM platforms is totally wrong. -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries http://cwonline.computerworld.com/t/8035515/1292406/565573/0/ That's restriction is only for ARM devices which have a label that says Desgined for Windows8. In other words those devices can not boot another os except Windows 8 due to secure boot option enabled by default. The short and the long of it Microsoft is copying Apple on tablets with ARM. -- Gökşin Akdeniz goksin.akde...@gmail.com pgpcIJoL7PW9l.pgp Description: PGP signature
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
Quoting Kurt Buff kurt.b...@gmail.com: UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries http://cwonline.computerworld.com/t/8035515/1292406/565573/0/ This would seem to make compiling from source difficult. I don't see how this MS scam is even at all legal. It is clearly restraint of trade and probably violates some other related laws too. jerry Kurt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On 05/06/2012 20:12, Gökşin Akdeniz wrote: That's restriction is only for ARM devices which have a label that says Desgined for Windows8. In other words those devices can not boot another os except Windows 8 due to secure boot option enabled by default. Not quite. As I understand it, on ARM secure boot will be enabled by default and users won't have any option of disabling it or adding their own keys. On x86 secure boot will be enabled by default too, but with the option of disabling it or adding custom keys. -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
Not quite. As I understand it, on ARM secure boot will be enabled by default and users won't have any option of disabling it or adding their own keys. That is correct. ARM based tablets which have Windows 8 preinstalled will only boot Windows 8. There is no chance of disabling secure boot on ARM tables with Windows 8. On x86 secure boot will be enabled by default too, but with the option of disabling it or adding custom keys. Micrsoft confirms that there will be no obligations for secure boot option on x86 and x86_64 platforms. It is up to vendor and users to decide to enable secure boot or not. Besides users may add/delete/manage own keys with secure boot options. For the time being only ARM platform is restricted. -- Gökşin Akdeniz goksin.akde...@gmail.com pgpu07jFpvwU0.pgp Description: PGP signature
Re: Is this something we (as consumers of FreeBSD) need to be aware of?]
On Tue, Jun 05, 2012 at 11:19:26AM -0700, Kurt Buff wrote: UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries http://cwonline.computerworld.com/t/8035515/1292406/565573/0/ This would seem to make compiling from source difficult. Kurt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org History show us that _everything_ will eventually run *nix. Take a look at the Sony PS3 debacle. After Sony yanked support for installing other OS's, the community ripped apart their hypervisor in a matter of months. If these boot keys do gain any momentum, sooner than later the community with poke holes in the system. -- Colin Barnabas - End forwarded message - -- Colin Barnabas ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Tue, 5 Jun 2012, Polytropon wrote: On Tue, 5 Jun 2012 11:19:26 -0700, Kurt Buff wrote: UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries http://cwonline.computerworld.com/t/8035515/1292406/565573/0/ I may reply with another link: http://mjg59.dreamwidth.org/12368.html I have a pretty basic question that probably displays some ignorance... Does the loader need to be signed? Once signed, can it load anything, or just things MS has approved? If MS signs the kernel, can the kernel run anything, or just things MS has approved? If RH has a signed kernel, do they have to sign all the userland programs that run under that kernel? Can users sign programs compiled from source? If MS only has to sign the first link in the chain, then the $99 certificate is not really a problem except for the pure of heart. If MS or someone else has to sign all the way down to the userland binaries, then users of FreeBSD will have to turn off secure boot in CMOS, and it will lose a few users. But I can't tell from the discussions mentioned above. Either way, I don't think it will destroy FreeBSD, or Linux, but I would be interested anyway. Daniel Feenberg ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?]
On Tue, 5 Jun 2012 13:19:00 -0700 Colin Barnabas articulated: History show us that _everything_ will eventually run *nix. Perhaps, but *nix will not run everything. Take a look at the Sony PS3 debacle. After Sony yanked support for installing other OS's, the community ripped apart their hypervisor in a matter of months. If these boot keys do gain any momentum, sooner than later the community with poke holes in the system. Which, depending on how the end user or his flunky poke holes in the system, may allow vendors to disallow warranty claims. The question that I have not seen answered in this thread is what FreeBSD intents to do. From what I have seen, most FreeBSD users do not use the latest versions of most hardware, so it may be a while before its user base is even effected. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Tue, 5 Jun 2012 17:00:14 -0400 (EDT) Daniel Feenberg articulated: On Tue, 5 Jun 2012, Polytropon wrote: On Tue, 5 Jun 2012 11:19:26 -0700, Kurt Buff wrote: UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries http://cwonline.computerworld.com/t/8035515/1292406/565573/0/ I may reply with another link: http://mjg59.dreamwidth.org/12368.html I have a pretty basic question that probably displays some ignorance... Does the loader need to be signed? Once signed, can it load anything, or just things MS has approved? If MS signs the kernel, can the kernel run anything, or just things MS has approved? If RH has a signed kernel, do they have to sign all the userland programs that run under that kernel? Can users sign programs compiled from source? If MS only has to sign the first link in the chain, then the $99 certificate is not really a problem except for the pure of heart. If MS or someone else has to sign all the way down to the userland binaries, then users of FreeBSD will have to turn off secure boot in CMOS, and it will lose a few users. But I can't tell from the discussions mentioned above. Either way, I don't think it will destroy FreeBSD, or Linux, but I would be interested anyway. I thought this URL http://mjg59.dreamwidth.org/12368.html also shown above, answered that question. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Tue, 5 Jun 2012, Jerry wrote: On Tue, 5 Jun 2012 17:00:14 -0400 (EDT) Daniel Feenberg articulated: On Tue, 5 Jun 2012, Polytropon wrote: On Tue, 5 Jun 2012 11:19:26 -0700, Kurt Buff wrote: UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries http://cwonline.computerworld.com/t/8035515/1292406/565573/0/ I may reply with another link: http://mjg59.dreamwidth.org/12368.html I have a pretty basic question that probably displays some ignorance... Does the loader need to be signed? Once signed, can it load anything, or just things MS has approved? If MS signs the kernel, can the kernel run anything, or just things MS has approved? If RH has a signed kernel, do they have to sign all the userland programs that run under that kernel? Can users sign programs compiled from source? If MS only has to sign the first link in the chain, then the $99 certificate is not really a problem except for the pure of heart. If MS or someone else has to sign all the way down to the userland binaries, then users of FreeBSD will have to turn off secure boot in CMOS, and it will lose a few users. But I can't tell from the discussions mentioned above. Either way, I don't think it will destroy FreeBSD, or Linux, but I would be interested anyway. I thought this URL http://mjg59.dreamwidth.org/12368.html also shown above, answered that question. It says once paid you can sign as many binaries as you want but I don't know if that means as many different binaries or as many copies of the same binary. Later it says they will write a new bootloader that MS will sign and adding support for verifying that the kernel it's about to boot is signed with a trusted key but I don't know if that kernel is signed by MS or RH, or if MS gets to approve it. Finally it says we'll be sanitising the kernel command line to avoid certain bits of functionality that would permit an attacker to cause even a signed kernel to launch arbitrary code but does arbitrary code refer to something I would want to do as a sys-admin? dan feenberg ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Tue, 5 Jun 2012, G?k?in Akdeniz wrote: For the time being only ARM platform is restricted. True, but I would be astonished if this restriction were not expanded by MS in the future. Just my opinion, but I believe their ultimate goal is to add platforms until the secure boot restriction encompasses most or all desktop and server hardware. This would be over a period of years. -- Chris Hill ch...@monochrome.org ** [ Busy Expunging / ] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
On Tue, 5 Jun 2012 19:57:30 -0400 (EDT) Chris Hill ch...@monochrome.org wrote: On Tue, 5 Jun 2012, G?k?in Akdeniz wrote: For the time being only ARM platform is restricted. True, but I would be astonished if this restriction were not expanded by MS in the future. Just my opinion, but I believe their ultimate goal is to add platforms until the secure boot restriction encompasses most or all desktop and server hardware. This would be over a period of years. -- Chris Hill ch...@monochrome.org ** [ Busy Expunging / ] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org This seems all too likely to me. I expect it will become very hard to find a consumer laptop that will run other operating systems in a few years. There won't be any in Best Buy or Staples, one can be pretty sure. It will be a Windows or Mac world. Not an attractive future. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org