subject:"Re\: Is this something we $as consumers of FreeBSD$ need to be aware of\?"

On Sun, Jun 10, 2012 at 07:23:20AM -0400, Jerry wrote:
 
 It is fairly easy to understand both sides in this discussion. When
 Microsoft supporters refer to open-source software as open-sore or
 socialist-software the FOSS community becomes enraged. However, when
 the open-source community retaliates it is considered acceptable. Quite
 frankly I read far more Microsoft based forums than open-source based
 ones and I can say without a doubt, at least in my experience,
 Microsoft proponents never attack open-source with the venomous hatred
 that open-source attacks Microsoft. In fact, the majority of Microsoft
 users that I know could not care less about what they consider an
 overly burdensome (geeky) open-source operating system.
 
 The whole argument can probably be boiled do to this:
 
 Disparaging other operating systems (Microsoft) and pointing out its
 failures is beneficial, constructive and therapeutic. Pointing out
 problems and failures regarding your own OS is destructive and flame
 bait.

Perhaps you're spending too much time in the community venues of open
source software projects.  In communities devoted to use of software
peddled by Microsoft, the reverse would be true, and this seems to me not
the least bit surprising, or even particularly inappropriate.  When you
stroll into a venue where it can reasonably be assumed there is a general
consensus position of favoring one thing over another (such as a sports
bar in Colorado, which would likely favor the Broncos over the Raiders),
then start loudly proclaiming the evils of the favored thing relative to
the unfavored (such as talking about how much better the Raiders are than
the Broncos, and how the Broncos fans are all a bunch of pansy whiners,
as you tend to do about open source software users and advocates while
you're hanging out here on a FreeBSD mailing list), what you are
contributing to the discussion may quite understandably be called
flamebait.  Expressing surprise that someone would apply such a label
in these circumstances is, in my estimation, at least disingenuous if not
wholly ludicrous, directly deceptive, and/or frankly dumb.

I, for one, generally try to avoid saying nonfactually disparaging things
about Microsoft or (especially) users of software peddled by Microsoft in
venues like this mailing list, in part because it's a bit
unsportsmanlike, and in part because it doesn't really contribute
anything positive.  It's kind of mind-boggling that people like you make
no evident effort to avoid saying disparaging things about FreeBSD and
its users in venues like this mailing list, where it's trollish, does not
contribute anything positive, and directly offends large numbers of
people subscribed to the list.

-- 
Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-11 Thread Jerry

On Mon, 11 Jun 2012 10:11:11 -0600
Chad Perrin articulated:

On Sun, Jun 10, 2012 at 07:23:20AM -0400, Jerry wrote:
 
 It is fairly easy to understand both sides in this discussion. When
 Microsoft supporters refer to open-source software as open-sore or
 socialist-software the FOSS community becomes enraged. However,
 when the open-source community retaliates it is considered
 acceptable. Quite frankly I read far more Microsoft based forums
 than open-source based ones and I can say without a doubt, at least
 in my experience, Microsoft proponents never attack open-source with
 the venomous hatred that open-source attacks Microsoft. In fact, the
 majority of Microsoft users that I know could not care less about
 what they consider an overly burdensome (geeky) open-source
 operating system.
 
 The whole argument can probably be boiled do to this:
 
 Disparaging other operating systems (Microsoft) and pointing out its
 failures is beneficial, constructive and therapeutic. Pointing out
 problems and failures regarding your own OS is destructive and flame
 bait.

Perhaps you're spending too much time in the community venues of open
source software projects.  In communities devoted to use of software
peddled by Microsoft, the reverse would be true, and this seems to me
not the least bit surprising, or even particularly inappropriate.
When you stroll into a venue where it can reasonably be assumed there
is a general consensus position of favoring one thing over another
(such as a sports bar in Colorado, which would likely favor the
Broncos over the Raiders), then start loudly proclaiming the evils of
the favored thing relative to the unfavored (such as talking about how
much better the Raiders are than the Broncos, and how the Broncos fans
are all a bunch of pansy whiners, as you tend to do about open source
software users and advocates while you're hanging out here on a
FreeBSD mailing list), what you are contributing to the discussion may
quite understandably be called flamebait.  Expressing surprise that
someone would apply such a label in these circumstances is, in my
estimation, at least disingenuous if not wholly ludicrous, directly
deceptive, and/or frankly dumb.

Your paranoia is kicking in again isn't it Chad. Anyway, to address
your sports analogy, if I walk into a NY City bar and enter into a
discussion regarding the pros and cons of the Jets VS Giants, which in
itself is ridiculous since neither is actually located in NY, and
blatantly scream out that the (Jets of Giants -- you pick) are a bunch
of mother-fucking, wife beating pedophiles, I think you would agree,
unless you happen to belong to that group, that I have gone way over
the top in my team assessment. There is a major difference between
criticizing and defamation. Perhaps someday you will learn the
difference. For the record, I have never heard of anyone using the term
mafia while referring to the FOSS. Then again, the Mafia is a
highly organized operation. I might also add that many people of
Italian descent consider the term mafia offensive.

I, for one, generally try to avoid saying nonfactually disparaging
things about Microsoft or (especially) users of software peddled by
Microsoft in venues like this mailing list, in part because it's a bit
unsportsmanlike, and in part because it doesn't really contribute
anything positive.  It's kind of mind-boggling that people like you
make no evident effort to avoid saying disparaging things about
FreeBSD and its users in venues like this mailing list, where it's
trollish, does not contribute anything positive, and directly offends
large numbers of people subscribed to the list.

When was this election held Chad? I am referring to the one that
appointed you list spokesperson. In any case, you make an interesting
statement without offering any documentation. Are you a politician
Chad? I was inquiring because you seem to like making sound bites sans
substance.

-- 
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

On Mon, Jun 11, 2012 at 12:59:46PM -0400, Jerry wrote:
 On Mon, 11 Jun 2012 10:11:11 -0600 Chad Perrin articulated:
 
 On Sun, Jun 10, 2012 at 07:23:20AM -0400, Jerry wrote:
  
  It is fairly easy to understand both sides in this discussion. When
  Microsoft supporters refer to open-source software as open-sore or
  socialist-software the FOSS community becomes enraged. However,
  when the open-source community retaliates it is considered
  acceptable. Quite frankly I read far more Microsoft based forums
  than open-source based ones and I can say without a doubt, at least
  in my experience, Microsoft proponents never attack open-source with
  the venomous hatred that open-source attacks Microsoft. In fact, the
  majority of Microsoft users that I know could not care less about
  what they consider an overly burdensome (geeky) open-source
  operating system.
  
  The whole argument can probably be boiled do to this:
  
  Disparaging other operating systems (Microsoft) and pointing out its
  failures is beneficial, constructive and therapeutic. Pointing out
  problems and failures regarding your own OS is destructive and flame
  bait.
 
 Perhaps you're spending too much time in the community venues of open
 source software projects.  In communities devoted to use of software
 peddled by Microsoft, the reverse would be true, and this seems to me
 not the least bit surprising, or even particularly inappropriate.
 When you stroll into a venue where it can reasonably be assumed there
 is a general consensus position of favoring one thing over another
 (such as a sports bar in Colorado, which would likely favor the
 Broncos over the Raiders), then start loudly proclaiming the evils of
 the favored thing relative to the unfavored (such as talking about how
 much better the Raiders are than the Broncos, and how the Broncos fans
 are all a bunch of pansy whiners, as you tend to do about open source
 software users and advocates while you're hanging out here on a
 FreeBSD mailing list), what you are contributing to the discussion may
 quite understandably be called flamebait.  Expressing surprise that
 someone would apply such a label in these circumstances is, in my
 estimation, at least disingenuous if not wholly ludicrous, directly
 deceptive, and/or frankly dumb.
 
 Your paranoia is kicking in again isn't it Chad. Anyway, to address
 your sports analogy, if I walk into a NY City bar and enter into a
 discussion regarding the pros and cons of the Jets VS Giants, which in
 itself is ridiculous since neither is actually located in NY, and
 blatantly scream out that the (Jets of Giants -- you pick) are a bunch
 of mother-fucking, wife beating pedophiles, I think you would agree,
 unless you happen to belong to that group, that I have gone way over
 the top in my team assessment. There is a major difference between
 criticizing and defamation. Perhaps someday you will learn the
 difference. For the record, I have never heard of anyone using the term
 mafia while referring to the FOSS. Then again, the Mafia is a
 highly organized operation. I might also add that many people of
 Italian descent consider the term mafia offensive.

I'm going to actually ignore your completely irrelevant and hilariously
unfounded attempt at psychiatric diagnosis beyond this sentence, and get
to the point:

Ignoring for the moment http://linuxmafia.com it is true that I have
generally not heard of open source software or its community referred to
as mafia, but I have heard of such things referred to as being
socialist, fascist, or otherwise pejoratively accused of inapplicable
political, criminal, or generally objectionable (in at least someone's
eyes) character.  Three guesses who comes first to mind as having made
such statements, and the first two guesses don't count.


 
 I, for one, generally try to avoid saying nonfactually disparaging
 things about Microsoft or (especially) users of software peddled by
 Microsoft in venues like this mailing list, in part because it's a bit
 unsportsmanlike, and in part because it doesn't really contribute
 anything positive.  It's kind of mind-boggling that people like you
 make no evident effort to avoid saying disparaging things about
 FreeBSD and its users in venues like this mailing list, where it's
 trollish, does not contribute anything positive, and directly offends
 large numbers of people subscribed to the list.
 
 When was this election held Chad? I am referring to the one that
 appointed you list spokesperson. In any case, you make an interesting
 statement without offering any documentation. Are you a politician
 Chad? I was inquiring because you seem to like making sound bites sans
 substance.

I referred to no election.  I am not list spokesperson, nor do I pretend
to be or act as one, any more than you are the spokesperson for
capitalism.  I'm simply pointing out that you are an insufferable,
trollish jackass, initially in a polite manner.  The fact you avoid
actually engaging my

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-11 Thread Jerry

On Mon, 11 Jun 2012 11:44:11 -0600
Chad Perrin articulated:

On Mon, Jun 11, 2012 at 12:59:46PM -0400, Jerry wrote:
 On Mon, 11 Jun 2012 10:11:11 -0600 Chad Perrin articulated:
 
 On Sun, Jun 10, 2012 at 07:23:20AM -0400, Jerry wrote:
  
  It is fairly easy to understand both sides in this discussion.
  When Microsoft supporters refer to open-source software as
  open-sore or socialist-software the FOSS community becomes
  enraged. However, when the open-source community retaliates it is
  considered acceptable. Quite frankly I read far more Microsoft
  based forums than open-source based ones and I can say without a
  doubt, at least in my experience, Microsoft proponents never
  attack open-source with the venomous hatred that open-source
  attacks Microsoft. In fact, the majority of Microsoft users that
  I know could not care less about what they consider an overly
  burdensome (geeky) open-source operating system.
  
  The whole argument can probably be boiled do to this:
  
  Disparaging other operating systems (Microsoft) and pointing out
  its failures is beneficial, constructive and therapeutic.
  Pointing out problems and failures regarding your own OS is
  destructive and flame bait.
 
 Perhaps you're spending too much time in the community venues of
 open source software projects.  In communities devoted to use of
 software peddled by Microsoft, the reverse would be true, and this
 seems to me not the least bit surprising, or even particularly
 inappropriate. When you stroll into a venue where it can reasonably
 be assumed there is a general consensus position of favoring one
 thing over another (such as a sports bar in Colorado, which would
 likely favor the Broncos over the Raiders), then start loudly
 proclaiming the evils of the favored thing relative to the
 unfavored (such as talking about how much better the Raiders are
 than the Broncos, and how the Broncos fans are all a bunch of pansy
 whiners, as you tend to do about open source software users and
 advocates while you're hanging out here on a FreeBSD mailing list),
 what you are contributing to the discussion may quite
 understandably be called flamebait.  Expressing surprise that
 someone would apply such a label in these circumstances is, in my
 estimation, at least disingenuous if not wholly ludicrous, directly
 deceptive, and/or frankly dumb.
 
 Your paranoia is kicking in again isn't it Chad. Anyway, to address
 your sports analogy, if I walk into a NY City bar and enter into a
 discussion regarding the pros and cons of the Jets VS Giants, which
 in itself is ridiculous since neither is actually located in NY, and
 blatantly scream out that the (Jets of Giants -- you pick) are a
 bunch of mother-fucking, wife beating pedophiles, I think you would
 agree, unless you happen to belong to that group, that I have gone
 way over the top in my team assessment. There is a major difference
 between criticizing and defamation. Perhaps someday you will learn
 the difference. For the record, I have never heard of anyone using
 the term mafia while referring to the FOSS. Then again, the
 Mafia is a highly organized operation. I might also add that many
 people of Italian descent consider the term mafia offensive.

I'm going to actually ignore your completely irrelevant and hilariously
unfounded attempt at psychiatric diagnosis beyond this sentence, and
get to the point:

Ignoring for the moment http://linuxmafia.com it is true that I have
generally not heard of open source software or its community referred
to as mafia, but I have heard of such things referred to as being
socialist, fascist, or otherwise pejoratively accused of inapplicable
political, criminal, or generally objectionable (in at least someone's
eyes) character.  Three guesses who comes first to mind as having made
such statements, and the first two guesses don't count.

I love the way you make a statement, then add a qualifier to the
statement making it virtually impossible to attack as well as giving
yourself a way out. I'll explain further in my reply near the end of
this post.

 I, for one, generally try to avoid saying nonfactually disparaging
 things about Microsoft or (especially) users of software peddled by
 Microsoft in venues like this mailing list, in part because it's a
 bit unsportsmanlike, and in part because it doesn't really
 contribute anything positive.  It's kind of mind-boggling that
 people like you make no evident effort to avoid saying disparaging
 things about FreeBSD and its users in venues like this mailing
 list, where it's trollish, does not contribute anything positive,
 and directly offends large numbers of people subscribed to the list.
 
 When was this election held Chad? I am referring to the one that
 appointed you list spokesperson. In any case, you make an interesting
 statement without offering any documentation. Are you a politician
 Chad? I was inquiring because you seem to like making sound bites
 sans substance.

I referred to no

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

On Mon, Jun 11, 2012 at 02:46:49PM -0400, Jerry wrote:
 On Mon, 11 Jun 2012 11:44:11 -0600 Chad Perrin articulated:
 On Mon, Jun 11, 2012 at 12:59:46PM -0400, Jerry wrote:
  
  Your paranoia is kicking in again isn't it Chad. Anyway, to address
  your sports analogy, if I walk into a NY City bar and enter into a
  discussion regarding the pros and cons of the Jets VS Giants, which
  in itself is ridiculous since neither is actually located in NY, and
  blatantly scream out that the (Jets of Giants -- you pick) are a
  bunch of mother-fucking, wife beating pedophiles, I think you would
  agree, unless you happen to belong to that group, that I have gone
  way over the top in my team assessment. There is a major difference
  between criticizing and defamation. Perhaps someday you will learn
  the difference. For the record, I have never heard of anyone using
  the term mafia while referring to the FOSS. Then again, the
  Mafia is a highly organized operation. I might also add that many
  people of Italian descent consider the term mafia offensive.
 
 I'm going to actually ignore your completely irrelevant and hilariously
 unfounded attempt at psychiatric diagnosis beyond this sentence, and
 get to the point:
 
 Ignoring for the moment http://linuxmafia.com it is true that I have
 generally not heard of open source software or its community referred
 to as mafia, but I have heard of such things referred to as being
 socialist, fascist, or otherwise pejoratively accused of inapplicable
 political, criminal, or generally objectionable (in at least someone's
 eyes) character.  Three guesses who comes first to mind as having made
 such statements, and the first two guesses don't count.
 
 I love the way you make a statement, then add a qualifier to the
 statement making it virtually impossible to attack as well as giving
 yourself a way out. I'll explain further in my reply near the end of
 this post.

This is interesting coming from someone whose immediately preceding
comment was an Internet diagnosis of paranoia coupled with a hypocritical
accusation of inappropriate phrasing directed at a third party.


 
  I, for one, generally try to avoid saying nonfactually disparaging
  things about Microsoft or (especially) users of software peddled by
  Microsoft in venues like this mailing list, in part because it's a
  bit unsportsmanlike, and in part because it doesn't really
  contribute anything positive.  It's kind of mind-boggling that
  people like you make no evident effort to avoid saying disparaging
  things about FreeBSD and its users in venues like this mailing
  list, where it's trollish, does not contribute anything positive,
  and directly offends large numbers of people subscribed to the list.
  
  When was this election held Chad? I am referring to the one that
  appointed you list spokesperson. In any case, you make an interesting
  statement without offering any documentation. Are you a politician
  Chad? I was inquiring because you seem to like making sound bites
  sans substance.
 
 I referred to no election.  I am not list spokesperson, nor do I
 pretend to be or act as one, any more than you are the spokesperson for
 capitalism.  I'm simply pointing out that you are an insufferable,
 trollish jackass, initially in a polite manner.  The fact you avoid
 actually engaging my points, in favor of simply bleating about
 transgressions I haven't even made, does a fairly good job of
 supporting my statements.
 
 As stated above in my latest response, it is difficult to counter a
 statement by you since you don't really state anything. You say, I
 have heard of such things referred to as being socialist,
 fascist, ... (truncated by me) etcetera. Well who the hell hasn't.
 News flash --  that isn't one. Then you add the (in at least someone's
 eyes) qualifier making it impossible to argue with. A good
 politician's trick by the way. Are you sure you are not into politics?
 If it were not for your paranoia, you could probably be a good one. You
 say nothing and speak volumes. Seriously, look over your postings for
 the past year. Your transgressions I haven't even made and similar
 statements are reproduced in an alarming number of them.

The obvious implication here is that you are one of those people who
makes comments insinuating (or outright claiming) socialist or fascist
ethics dominating open source communities.  I make no bones about the
fact I made implicative reference to you in that statement, so you don't
need to play dumb and pretend you don't know I was pointing out your own
hypocrisies.

The at least in someone's eyes parenthetical remark was in reference to
the presumably pejorative character of some remarks people like you often
make.  Nice job pretending I meant something else with that parenthetical
remark, though.  Your tendency to (intentionally, I think) misrepresent
the context of my statements when you fail to find a concrete argument to
present proves you're a real class act.  What

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-11 Thread Jerry

On Mon, 11 Jun 2012 13:44:36 -0600
Chad Perrin articulated:

 As stated above in my latest response, it is difficult to counter a
 statement by you since you don't really state anything. You say, I
 have heard of such things referred to as being socialist,
 fascist, ... (truncated by me) etcetera. Well who the hell hasn't.
 News flash --  that isn't one. Then you add the (in at least
 someone's eyes) qualifier making it impossible to argue with. A good
 politician's trick by the way. Are you sure you are not into
 politics? If it were not for your paranoia, you could probably be a
 good one. You say nothing and speak volumes. Seriously, look over
 your postings for the past year. Your transgressions I haven't even
 made and similar statements are reproduced in an alarming number of
 them.

The obvious implication here is that you are one of those people who
makes comments insinuating (or outright claiming) socialist or fascist
ethics dominating open source communities.  I make no bones about the
fact I made implicative reference to you in that statement, so you
don't need to play dumb and pretend you don't know I was pointing out
your own hypocrisies.

The at least in someone's eyes parenthetical remark was in reference
to the presumably pejorative character of some remarks people like you
often make.  Nice job pretending I meant something else with that
parenthetical remark, though.  Your tendency to (intentionally, I
think) misrepresent the context of my statements when you fail to find
a concrete argument to present proves you're a real class act.  What
class that is, I leave as an inference for the reader.

Your paranoia is working overtime now.

I'm not sure what you're talking about with regard to the
transgressions I haven't made.  I did not refer to anyone as mafia
in this list, to my recollection, and I would be quite interested in
seeing verifiable quotes of me saying such a thing.  I similarly do
not recall expressing a pathological fear of persecution here.  I
pointed out that one person (not you) failed to say something
worthwhile in an earlier email, and that another person (you) have
unreasonable expectations if you really think that you have given
nobody any reason to call you a troll or refer to what you do as
flamebaiting when you show up in a FreeBSD community mailing list and
accuse open source software users and advocates of pejoratively
socialist, fascist, and otherwise reprehensible behavior in your eyes
just because they prefer something other than MS Windows, often
lumping an entire community in with a single noisy individual.

Oh, poor Chad. His feelings are hurt.

Chad, for some reason that totally escapes me at the moment, you feel
as if you are important enough for me to really care what you think.
News flash -- you aren't. I think of you as nothing more than an
incorrigible bore with an inflated ego. Your attempts to portray
yourself as an cognoscente while your persecution complex has pervaded
numerous posts you have responded to has become laughable. Perhaps you
are experiencing hypnagogic hallucinations. You really should consult
an expert in the field although I fear that you would be recalcitrant to
the idea.

It must be sad going through life feeling that everyone is casting
aspersions and heaping maledictions upon you. It is really sad.

Personally, I would much rather have a discussion with Poly. I respect
him, although I don't often agree with him. At least he discusses facts
and doesn't spend his time trying to defend himself against non existent
attacks.

If you want to reply back with actual facts pertinent to the subject of
this post, fine. Otherwise you are only wasting your time since I will
not play your sad woe is me game.


-- 
Jerry ♔ {This author has been Chad Perrin approved}

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-11 Thread Mark Felder


Jerry, Chad: please unsubscribe me from your mailing list. Thanks!!
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

On Mon, Jun 11, 2012 at 04:53:11PM -0400, Jerry wrote:

 . . .

You obviously aren't serious.  I can't believe I let you string me along
with this fantasy for so long.

-- 
Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-11 Thread Modulok

This thread has united the open source community into doing something useful
and constructive. Thanks guys. You really showed 'em.

-Modulok-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-10 Thread Jerry

On Sun, 10 Jun 2012 03:27:25 +0200
Damien Fleuriot articulated:

On 9 Jun 2012, at 18:48, Chad Perrin per...@apotheon.com wrote:

 On Wed, Jun 06, 2012 at 11:42:37PM +0200, Damien Fleuriot wrote:
 
 On 6 Jun 2012, at 21:52, Dave U. Random
 anonym...@anonymitaet-im-inter.net wrote:
 
 Polytropon free...@edvax.de wrote:
 
 On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote:
 Having to pay Verisign instead of Microsoft makes no difference:
 the point is why should I have to pay anything to a third party
 in order to run whatever OS I want on a piece of hardware I own?
 
 It's time to dump the Intel/Microshaft mafia forever. FreeBSD,
 OpenBSD, NetBSD, and even Linux have ports to many platforms. Why
 stay on Intel? It's an overgrown ugly mess.
 
 We need to stop buying Intel mafiaware with preinstalled
 Microshaft mafiware and run a free (or in the case of Linux
 apparently free) OS on free hardware.
 
 There are increasing numbers of SBCs and plenty of used servers on
 Ebay. They're all built better than commodity Intel mafiaware. Good
 riddance!
  
 You have no idea what you're talking about.
 
 This kind of religious propaganda post is neither constructive nor
 helpful.
 
 It should be noted that your tone is neither constructive nor
 helpful, to say nothing of your contentless response.  Do you have
 anything useful to say in response to what Dave U. Random
 contributed -- perhaps a thoughtful refutation of some specific
 point(s)?  I hope you have more of value to contribute than your
 obvious disdain for people who disagree with you about something
 (without even specifying on what points you disagree).

If you had bothered to read all the other mails I've posted on this
very specific thread, you wouldn't need to ask the question.

If you're going to participate in the Linux zealots' propaganda that
makes OSS defenders sound so ridiculous and delusional, so be it.

Fact is, if Microsoft didn't deliver acceptable products, people
wouldn't use them. Calling them a mafia is neither constructive (I
invite you to look up the word mafia in a thesaurus), nor backed up by
actual facts.

OP is just going on a rampage about MS and intel.

You want to follow his advice and advocate the exclusive use of alpha
machines ? I guess we'll have to agree to disagree here.
No, I'm not gonna use alphas.
And no, I'm not going to let a random person (hey, choice words !)
call intel or MS a mafia just because he's on a zealot crusade.

You might want to take a minute to consider the contributions of both
to computing. Without MS (and IBM amongst others) it's possible that
computing would never have reached such an audience as it has. So I'm
going with the (possibly false) assumption that without MS and other
major actors, not many people would use computers nowadays. All this
magnificent OSS wouldn't be of much use then. After all, who would
need FreeBSD servers to host web sites that had neither visitors nor
purpose ?

One might see MS as the ultimate evil, yet they're strongly
implemented in corporate IT. One might wonder why, before engaging in
a crusade, and brandishing empty words as their weapons.

I invite you to re-read OP's post and highlight what in mafiaware,
wintel and microshaft you find constructive. I also invite you to
read all his points about why exactly intel is an overgrown ugly
mess. I regret to report I have found none, might you point them out
for me ?

Now, I shall leave you to read my other posts on this secure boot
topic, that you might quit claiming I have nothing to
contribute.___

It is fairly easy to understand both sides in this discussion. When
Microsoft supporters refer to open-source software as open-sore or
socialist-software the FOSS community becomes enraged. However, when
the open-source community retaliates it is considered acceptable. Quite
frankly I read far more Microsoft based forums than open-source based
ones and I can say without a doubt, at least in my experience,
Microsoft proponents never attack open-source with the venomous hatred
that open-source attacks Microsoft. In fact, the majority of Microsoft
users that I know could not care less about what they consider an
overly burdensome (geeky) open-source operating system.

The whole argument can probably be boiled do to this:

Disparaging other operating systems (Microsoft) and pointing out its
failures is beneficial, constructive and therapeutic. Pointing out
problems and failures regarding your own OS is destructive and flame
bait.

-- 
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-10 Thread Nomen Nescio

This is really missing the point. The issue is not open source
vs. proprietary although many people seem to try to steer everything into
that meaningless conflict.

The point is the WinTel Mafia's many years of collusion and screwing over
the customer. Try to buy a commodity PC in any major store and it will come
with Windows, and you have to pay for it. Now the WinTel Mafia got many
companies onboard with their system to lock you out from the box you just
bought. Bad enough it comes with Windows and you had to pay for it, and you
don't even get an install disk. But the WinTel Mafia adds insult to injury
and stops you from installing whatever software you want on it.

What does this have to do with OSS v. proprietary source? Nothing!

It is just about the WinTel Mafia's illegal, abuse trade practices.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-10 Thread Edward M


On 06/10/2012 08:09 AM, Nomen Nescio wrote:

This is really missing the point. The issue is not open source
vs. proprietary although many people seem to try to steer everything into
that meaningless conflict.

The point is the WinTel Mafia's many years of collusion and screwing over
the customer. Try to buy a commodity PC in any major store and it will come
with Windows, and you have to pay for it. Now the WinTel Mafia got many
companies onboard with their system to lock you out from the box you just
bought. Bad enough it comes with Windows and you had to pay for it, and you
don't even get an install disk. But the WinTel Mafia adds insult to injury
and stops you from installing whatever software you want on it.

What does this have to do with OSS v. proprietary source? Nothing!

It is just about the WinTel Mafia's illegal, abuse trade practices.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org



Need to have that congitiive distortion ckecked out
because it makes it difficult to bring a logical conclusion, and 
creates an ill perspective
on reality and keeps the person with a child like mentality; which 
makes the person to excerise

worlds like wintel mafia,etc.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-10 Thread Bruce Cran


On 10/06/2012 16:09, Nomen Nescio wrote:

The point is the WinTel Mafia's many years of collusion and screwing over
the customer. Try to buy a commodity PC in any major store and it will come
with Windows, and you have to pay for it.


Does Intel control AMD too? Last I checked there are plenty of AMD 
machines in major stores and they come with Windows too.


--
Bruce Cran
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-10 Thread Michael Sierchio

On Sun, Jun 10, 2012 at 9:31 AM, Bruce Cran br...@cran.org.uk wrote:

 Does Intel control AMD too? Last I checked there are plenty of AMD machines
 in major stores and they come with Windows too.

So... attempting to bring reason into the argument? That won't do, I'm
afraid. ;-)
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-10 Thread Julian H. Stacey

Too much hot air  preaching to the choir is counter productive
 would die away after internal argument.  Better be active Externaly.
Defend our future by alerting governments there is an upcoming issue.
(eg EU has mega fined MS before for monopoly abuse, EU etc could warn off MS
if we alert governments there's something to monitor).

Free source OSs, ie inc *BSD  *Linux etc, need to co-ordinate with eg
-  A few short anodyne sentences summarising the MS Win8 UEFI problem, 
(better too little text than too much, to reduce work,
avoid risk of discredit from getting anything wrong).
- List of links to specification  analysis  discussion forums.
- List of contacts to alert: politicians  officials responsible for
  anti monopoly  anti restraint of trade policing. 
- List of volunteers: people in each OS project to contact governments.
- A brief simple sample letter to send to alert politicians  
 officials (maybe via paper post or phone, not email to spam box ;-) 

As a start here's :  http://berklix.org/uefi/

URLs welcome. Contact names welcome. Volunteers welcome.

Cheers,
Julian
-- 
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
 Reply below not above, cumulative like a play script,  indent with  .
 Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
Mail from @yahoo dumped @berklix.  http://berklix.org/yahoo/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-10 Thread Jerry

On Sun, 10 Jun 2012 22:06:26 +0200
Julian H. Stacey articulated:

Too much hot air  preaching to the choir is counter productive
 would die away after internal argument.  Better be active Externaly.
Defend our future by alerting governments there is an upcoming issue.
(eg EU has mega fined MS before for monopoly abuse, EU etc could warn
off MS if we alert governments there's something to monitor).

Free source OSs, ie inc *BSD  *Linux etc, need to co-ordinate with eg
-  A few short anodyne sentences summarising the MS Win8 UEFI
 problem, (better too little text than too much, to reduce work,
   avoid risk of discredit from getting anything wrong).
- List of links to specification  analysis  discussion forums.
- List of contacts to alert: politicians  officials responsible
 for anti monopoly  anti restraint of trade policing. 
- List of volunteers: people in each OS project to contact
 governments.
- A brief simple sample letter to send to alert politicians  
 officials (maybe via paper post or phone, not email to spam
 box ;-) 

As a start here's : http://berklix.org/uefi/

URLs welcome. Contact names welcome. Volunteers welcome.

It is posts like this that basically turn my stomach. A product, any
product, should succeed or fail based on its own merits and not because
some government agency aided or thwarted it. Most, it not nearly all PC
manufacturers exist solely because of Microsoft. The PC market balloons
every time Microsoft releases a new version of Windows. Seriously now,
how many PC were sold because FreeBSD released version 9 of its OS? If
you want to beat someone, you make a better product. You don't go
running to your mamma asking for protection. That stinks of
socialism/fascism. The UEFI specification has existed for years.
Supposedly, Linux has been capable of using it for 8+ years. I have
no idea if FreeBSD is even capable of handling it. It wouldn't
surprise me it if couldn't though. What this really tells me is that
there has been way to much procrastination by the FOSS. Microsoft
simply took advantage of an existing standard (remember standards
something the FOSS is always crying about) and now FOSS is begging for
mercy. This is more than just slightly funny, it is pathetic. If 1% of
the effort of spreading this BS over UEFI had gone into working on a
solution for UEFI two years ago, we wouldn't be having this discussion
at all.

-- 
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-10 Thread Julian H. Stacey

Jerry wrote
 It is posts like this that basically turn my stomach

Never argue with a drunk.

Cheers,
Julian
-- 
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
 Reply below not above, cumulative like a play script,  indent with  .
 Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
Mail from @yahoo dumped @berklix.  http://berklix.org/yahoo/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-09 Thread Chad Perrin

On Wed, Jun 06, 2012 at 11:42:37PM +0200, Damien Fleuriot wrote:
 
 On 6 Jun 2012, at 21:52, Dave U. Random anonym...@anonymitaet-im-inter.net 
 wrote:
 
  Polytropon free...@edvax.de wrote:
  
  On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote:
  Having to pay Verisign instead of Microsoft makes no difference: the
  point is why should I have to pay anything to a third party in order to
  run whatever OS I want on a piece of hardware I own?
  
  It's time to dump the Intel/Microshaft mafia forever. FreeBSD, OpenBSD,
  NetBSD, and even Linux have ports to many platforms. Why stay on Intel? It's
  an overgrown ugly mess.
  
  We need to stop buying Intel mafiaware with preinstalled Microshaft mafiware
  and run a free (or in the case of Linux apparently free) OS on free
  hardware.
  
  There are increasing numbers of SBCs and plenty of used servers on
  Ebay. They're all built better than commodity Intel mafiaware. Good
  riddance!
  
 
 You have no idea what you're talking about.
 
 This kind of religious propaganda post is neither constructive nor
 helpful.

It should be noted that your tone is neither constructive nor helpful, to
say nothing of your contentless response.  Do you have anything useful to
say in response to what Dave U. Random contributed -- perhaps a
thoughtful refutation of some specific point(s)?  I hope you have more of
value to contribute than your obvious disdain for people who disagree
with you about something (without even specifying on what points you
disagree).

-- 
Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-09 Thread Damien Fleuriot



On 9 Jun 2012, at 18:48, Chad Perrin per...@apotheon.com wrote:

 On Wed, Jun 06, 2012 at 11:42:37PM +0200, Damien Fleuriot wrote:
 
 On 6 Jun 2012, at 21:52, Dave U. Random anonym...@anonymitaet-im-inter.net 
 wrote:
 
 Polytropon free...@edvax.de wrote:
 
 On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote:
 Having to pay Verisign instead of Microsoft makes no difference: the
 point is why should I have to pay anything to a third party in order to
 run whatever OS I want on a piece of hardware I own?
 
 It's time to dump the Intel/Microshaft mafia forever. FreeBSD, OpenBSD,
 NetBSD, and even Linux have ports to many platforms. Why stay on Intel? It's
 an overgrown ugly mess.
 
 We need to stop buying Intel mafiaware with preinstalled Microshaft mafiware
 and run a free (or in the case of Linux apparently free) OS on free
 hardware.
 
 There are increasing numbers of SBCs and plenty of used servers on
 Ebay. They're all built better than commodity Intel mafiaware. Good
 riddance!
 
 
 You have no idea what you're talking about.
 
 This kind of religious propaganda post is neither constructive nor
 helpful.
 
 It should be noted that your tone is neither constructive nor helpful, to
 say nothing of your contentless response.  Do you have anything useful to
 say in response to what Dave U. Random contributed -- perhaps a
 thoughtful refutation of some specific point(s)?  I hope you have more of
 value to contribute than your obvious disdain for people who disagree
 with you about something (without even specifying on what points you
 disagree).
 
 -- 
 Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]
 

If you had bothered to read all the other mails I've posted on this very 
specific thread, you wouldn't need to ask the question.


If you're going to participate in the Linux zealots' propaganda that makes OSS 
defenders sound so ridiculous and delusional, so be it.

Fact is, if Microsoft didn't deliver acceptable products, people wouldn't use 
them.
Calling them a mafia is neither constructive (I invite you to look up the word 
mafia in a thesaurus), nor backed up by actual facts.

OP is just going on a rampage about MS and intel.



You want to follow his advice and advocate the exclusive use of alpha machines ?
I guess we'll have to agree to disagree here.
No, I'm not gonna use alphas.
And no, I'm not going to let a random person (hey, choice words !) call intel 
or MS a mafia just because he's on a zealot crusade.


You might want to take a minute to consider the contributions of both to 
computing.
Without MS (and IBM amongst others) it's possible that computing would never 
have reached such an audience as it has.
So I'm going with the (possibly false) assumption that without MS and other 
major actors, not many people would use computers nowadays.
All this magnificent OSS wouldn't be of much use then.
After all, who would need FreeBSD servers to host web sites that had neither 
visitors nor purpose ?

One might see MS as the ultimate evil, yet they're strongly implemented in 
corporate IT.
One might wonder why, before engaging in a crusade, and brandishing empty words 
as their weapons.

I invite you to re-read OP's post and highlight what in mafiaware, wintel 
and microshaft you find constructive.
I also invite you to read all his points about why exactly intel is an 
overgrown ugly mess.
I regret to report I have found none, might you point them out for me ?



Now, I shall leave you to read my other posts on this secure boot topic, that 
you might quit claiming I have nothing to 
contribute.___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?]

2012-06-07 Thread Erich

Hi,

On 06 June 2012 23:27:39 Chad Perrin wrote:
 On Wed, Jun 06, 2012 at 03:05:00PM -0400, Jerry wrote:
  
  I don't know of any user personally who purchased a new PC and then
  threw FreeBSD on it. Most users that I have come into contact with use
  2+ year old units that have been replaced by shiny new Windows units. I
  don't see that changing anytime soon.
 
I believe that real life is a bit different.

 I have immediately installed FreeBSD on the last four or five laptops I

I do this since 5.2 is out with all my purchases. I did the same thing with 
other machines in my environment.

But I have to admit, that I have had to install twice Fedora because the 
notebook hardware was not supported at that moment of time.

The second Fedora installation will go as soon as get finished my travelling or 
I get me hands on a new hard disk.

Yes, I am in a location where you can enjoy life without any IT shop nearby 
which could even try to pull the money out of my pockets.

What also has to be mentioned is the fact that people have to be more careful 
when shopping for new hardware with FreeBSD in mind. AMD based hardware is here 
of advantage at the moment. But it has other disadvantages.

 purchased, and I get most of my laptops direct from Lenovo.  While my

The machine on which I installed Fedora is also from Lenovo. It would have 
needed a bit of more time to get X running on it. When I ran out of time, I 
installed Fedora which ran out of the box.

Ubuntu did not work out of the box despite being certified.

In this aspect, the full integration of Intel's graphic solution into FreeBSD 
will help acceptance here.

 Significant Other has been installing Debian on her laptops, also

Ah, learning English with FreeBSD. I did not knew of this phrase before.

 acquired from Lenovo, she is probably going to start using FreeBSD
 instead next time.  I know several other people who install FreeBSD on

My 'Significant Other' - you see, I am a fast learner - knows only FreeBSD.

You should see her getting emotional when she has to work with Windows and 
things break in front of her eyes.

She is no IT person at all and wants to use a computer with the ease of using a 
hammer.

Of course, she never faces the problems maintaining a system. All she knows is 
that the machine is starting every time she needs it and continues to work 
until she switches it of.

 Yes, my evidence is anecdotal, but I think your notions of the frequency
 of FreeBSD use other than in a corporate setting are also based on
 anecdotal observations, so we're even.

I can tell you another real ironic story out of the cooperate world. A client 
needed a firewall. He did not believe that we could do it for him using FreeBSD 
and PC hardware. He bought then a 'real' firewall.

You know what OS was running on this hardware?

There was a nice price tag on this hardware too.

Erich
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?]

2012-06-07 Thread parv

in message 1849552.ouqdgjx...@x220.ovitrap.com,
wrote Erich thusly...

 On 06 June 2012 23:27:39 Chad Perrin wrote:
...
  I have immediately installed FreeBSD on the last four or five
  laptops I

 I do this since 5.2 is out with all my purchases.
...
 I have to admit, that I have had to install twice Fedora because
 the notebook hardware was not supported at that moment of time.

 The second Fedora installation will go as soon as get finished my
 travelling or I get me hands on a new hard disk.

Erich, could you please list the offending Lenovo models?


...
 What also has to be mentioned is the fact that people have to be
 more careful when shopping for new hardware with FreeBSD in mind.
 AMD based hardware is here of advantage at the moment. But it has
 other disadvantages.
...

What would be the said disadvantages?


  - parv


-- 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

On 7 Jun 2012, at 01:54, Robert Bonomi bon...@mail.r-bonomi.com wrote:

 From owner-freebsd-questi...@freebsd.org  Wed Jun  6 18:13:09 2012
 Date: Thu, 07 Jun 2012 00:09:54 +0100
 From: Bruce Cran br...@cran.org.uk
 To: Robert Bonomi bon...@mail.r-bonomi.com
 Cc: freebsd-questions@freebsd.org
 Subject: Re: Is this something we (as consumers of FreeBSD) need to be aware
 of?

 On 06/06/2012 20:27, Robert Bonomi wrote:
 Suppose I put up a web app that takes an executable as input, signs it 
 with my key, and returns the signed filt to the submitter. I don't 
 divulge the key to anyone, just use it on 'anything'. Anybody 
 attempting to revoke on _that_ basis is asking for a lawsuit.

 To me it would be perfectly reasonable to revoke the key as soon as you 
 signed the first piece of malware.

 It may seem reasonable to you, but is there -legal- basis to do so? 

 'signing' only provides assurance of the identity of the signer. I did
 sign it.  The key has not been compromised.  The software in question 
 is tracable to the signer, but the signer never claimed it was 'error free',
 what conract or statute did they breach by doing the signing?  

Signing anything and everything defeats the purpose the key and this whole 
charade are implemented for.

Under the contract's undoubtedly carefully penned clauses, this would allow for 
a key revocation.

Make no mistake, they'll go over that contract for several weeks, giving 
themselves as much manoeuvring room as 
possible.___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?]

2012-06-07 Thread Erich

Hi,

On 06 June 2012 21:10:14 p...@pair.com wrote:
 in message 1849552.ouqdgjx...@x220.ovitrap.com,
 wrote Erich thusly...
 
  On 06 June 2012 23:27:39 Chad Perrin wrote:
 ...
   I have immediately installed FreeBSD on the last four or five
   laptops I
 
  I do this since 5.2 is out with all my purchases.
 ...
  I have to admit, that I have had to install twice Fedora because
  the notebook hardware was not supported at that moment of time.
 
  The second Fedora installation will go as soon as get finished my
  travelling or I get me hands on a new hard disk.
 
 Erich, could you please list the offending Lenovo models?

it is the X220.

There is a solution available which needs a bit more time as I have had on hand 
before I left.

As I have said several times already, I will be back with this machine to 
FreeBSD after my return.
 
 
 ...
  What also has to be mentioned is the fact that people have to be
  more careful when shopping for new hardware with FreeBSD in mind.
  AMD based hardware is here of advantage at the moment. But it has
  other disadvantages.
 ...
 
 What would be the said disadvantages?

Some say that the AMD CPUs are slower per core. This X220 with the 2640 CPU 
seems to be very, very fast for me. I was surprised how it performed running 
plain FreeBSD.

I would not have expected this much performance out of a small notebook.

As this is my first Intel CPU since the good, old 80586, I cannot tell you more 
about Intel CPUs.

Erich
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?


On 6/6/12 9:43 PM, Daniel Feenberg wrote:
 
 
 On Wed, 6 Jun 2012, Damien Fleuriot wrote:
 


 On 6/6/12 6:45 PM, Daniel Feenberg wrote:


 On Wed, 6 Jun 2012, Julian H. Stacey wrote:

 I do wonder about that. What incentive does the possesor of a signing
 key
 have to keep it secret?

 Contract penalty clause maybe ? Lawyers ?

 A limited-liability company with no assets is judgement-proof.


 Otherwise one of us would purchase a key for $99,  then publish
 the key so we could all forever more compile  boot our own kernels.
 But that would presumably break the trap Microsoft  Verisign seek
 to impose.


 Could it really be that simple? As for hardware vendors putting revoked
 keys in the ROM - are they really THAT cooperative? Seems like they
 would drag their feet on ROM updates if they had to add a lot of stuff
 that won't help them, so that doesn't seem like a great enforcement
 tool.

 dan feenberg


 Oh god...

 Please realize that once the key is divulged, it gets revoked at the
 BIOS' next update.
 
 But my point is that MS doesn't issue the updates, they have to ask the
 BIOS vendors to do so, and then the MB vendors have to take the update,
 and then the users have to install the update. The incentive at each
 level is generally very small. It does create some confusion, but is
 hardly an enforcement mechanism. It would disable older versions of
 FreeBSD on newer hardware, but not much else.
 
 A previous poster has pointed out that MS can't revoke a certificate
 belonging to RH, but I suppose the could ask the BIOS vendors to treat
 it as revoked. I don't know what the response would be.
 
 Daniel Feenberg
 

That is indeed the case.


This is akin to, for example, Sony's race against Homebrewers on the
good ol' PSP.

When hackers found a hardware flaw that enabled them to install custom
firmware, Sony had to release new versions of the consoles with fixed
hardware.

The old ones were still exploitable but the new ones weren't.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?]



On 6/5/12 10:19 PM, Colin Barnabas wrote:
 On Tue, Jun 05, 2012 at 11:19:26AM -0700, Kurt Buff wrote:
 UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries
 http://cwonline.computerworld.com/t/8035515/1292406/565573/0/

 This would seem to make compiling from source difficult.

 Kurt

 History show us that _everything_ will eventually run *nix. Take a
 look at the Sony PS3 debacle. After Sony yanked support for
 installing other OS's, the community ripped apart their
 hypervisor in a matter of months. If these boot keys do gain any
 momentum, sooner than later the community with poke holes in the
 system.
 

This, however, raises the problem of the legality of it.

George HOTZ was sued by Sony for releasing the master key.

While Anonymous responded very aggressively (and while I do not
generally condone their actions, this one I can both understand and
support), in the end the consensus reached was that Geohotz agreed to
not work on bypassing the PS3's protections anymore.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?]



On 6/6/12 9:55 PM, Robert Simmons wrote:
 On Wed, Jun 6, 2012 at 3:05 PM, Jerry je...@seibercom.net wrote:
 On Wed, 06 Jun 2012 12:49:53 -0400
 Daniel Staal articulated:

 On 2012-06-05 17:20, Jerry wrote:

 The question that I have not seen answered in this thread is what
 FreeBSD intents to do. From what I have seen, most FreeBSD users do
 not
 use the latest versions of most hardware, so it may be a while before
 its user base is even effected.

 I don't believe at this point FreeBSD has any intent one way or
 another, really.  It's not an immediate problem for any platform
 supported by the FreeBSD project, at least for a technically-inclined
 user who's willing to check out their BIOS.  (Even if they are using
 the latest hardware, the x86-derived platforms aren't going to require
 this code signing yet.)  So it'll probably be a 'wait and see if it's
 something the FreeBSD community needs a solution for' at this point.
 But this is just my impression.

 I totally agree with you. Unfortunately that speaks to the sad state of
 affairs that FreeBSD appears to be in. When it comes to supporting the
 latest technologies, it tends to be behind the curve when compared to
 other operating systems. Wireless networking and USB support are only a
 few examples.

 I don't know of any user personally who purchased a new PC and then
 threw FreeBSD on it. Most users that I have come into contact with use
 2+ year old units that have been replaced by shiny new Windows units. I
 don't see that changing anytime soon.
 
 I would have to disagree with you there.  I know of quite a few users
 who happen to run one of the world's largest content distribution
 networks (accounting for about one third of the internet's traffic; up
 there with pornography).  They purchased more than just a handful of
 new computers and threw FreeBSD on them:
 
 http://lists.freebsd.org/pipermail/freebsd-stable/2012-June/068129.html


You're talking about servers here, I think Jerry was speaking more
generally, about a lambda user buying a computer and *definitely* not
installing FBSD (or anything else) on it.

The typical users just wants to buy internet and emails without a care
in the world about the OS.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-07 Thread Thomas Mueller

Snippet from Jerry je...@seibercom.net:

 I don't know of any user personally who purchased a new PC and then
 threw FreeBSD on it. Most users that I have come into contact with use
 2+ year old units that have been replaced by shiny new Windows units. I
 don't see that changing anytime soon.

I did, or almost.  Before installing FreeBSD, I tried unsuccessfully to install 
NetBSD, figuring I'd start with the least stable of (NetBSD, FreeBSD, Linux) 
and not risk messing up good Linux and FreeBSD installations.

Then FreeBSD 9.0-BETA1 was released, and I went with that: now on 9.0-STABLE #9.

That was on a computer that I built from parts in May-June 2011, meaning modern 
hardware including UEFI, but no secure boot.


Tom
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-07 Thread Nomen Nescio

  But my point is that MS doesn't issue the updates, they have to ask the
  BIOS vendors to do so, and then the MB vendors have to take the update,
  and then the users have to install the update. The incentive at each
  level is generally very small. It does create some confusion, but is
  hardly an enforcement mechanism. It would disable older versions of
  FreeBSD on newer hardware, but not much else.

This can be automated. Many mobo manufacturers have software that searches
for new BIOS and flashes it for you. All they have to do is get on board
and make this automatic like Windows Updates. Don't think they haven't
thought this far ahead. I believe some offer this now.

  A previous poster has pointed out that MS can't revoke a certificate
  belonging to RH, but I suppose the could ask the BIOS vendors to treat
  it as revoked. I don't know what the response would be.

MS and Intel are running this. If Verisign is just a trusted 3rd party
(without administrative duties) they can well defer to the Microshaft Mafia
and do as they're told. It wouldn't be the first time. For example, did
everybody already forget the Microshaft Mafias' initiation of the FBI server
raids on the botnet? Many innocent companies and peoples hosting got screwed
during this takeover. But it was all in the name of justice. If we can get
a few Russian hackers then it's well worth damaging your business and
property. We're from Microshaft Mafia and the FBI and we're here to help.

 This is akin to, for example, Sony's race against Homebrewers on the
 good ol' PSP.
 
 When hackers found a hardware flaw that enabled them to install custom
 firmware, Sony had to release new versions of the consoles with fixed
 hardware.
 
 The old ones were still exploitable but the new ones weren't.

That is a little different, possibly. For one thing, Sony detected whether
you had the updates they wanted you to install and if you don't have them
installed you can't play on their PlayStation network. For 99.99% of
PlayStation users this is the whole point of buying their console. So if you
don't upgrade all you have is a box for playing local games which most
people don't seem to want to do. 

All the Intel and Microshaft Mafia have to do is a similar thing, and make
your PC or Windows stop working unless you install their updates, or tell
the FBI your PC is possibly infected and part of a Russian botnet etc. and
you won't be allowed on the internet until you upgrade your system to a safe
level to avoid these horrible threats. This idea was floated publicly even
unrelated to so-called secure boot.

Windows activation can check the firmware level and Intel's management BIOS
is connected to the net even when your new PC is shut off (as long as it is
plugged in). If you go along with this they can do whatever you want. You're
submitting to true remote management/control over YOUR hardware and life.

This is the beginning of a lot of bad Big Brother stuff and if people accept
it now they get what they deserve tomorrow.

Say NO to the Intel/Microshaft Mafia. Say NO to Secure boot.

Run MIPS and Alpha hardware if you have to, just DUMP INTEL AND THE
MICROSHAFT MAFIA.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?


On 6/7/12 3:43 PM, Nomen Nescio wrote:
 But my point is that MS doesn't issue the updates, they have to ask the
 BIOS vendors to do so, and then the MB vendors have to take the update,
 and then the users have to install the update. The incentive at each
 level is generally very small. It does create some confusion, but is
 hardly an enforcement mechanism. It would disable older versions of
 FreeBSD on newer hardware, but not much else.
 
 This can be automated. Many mobo manufacturers have software that searches
 for new BIOS and flashes it for you. All they have to do is get on board
 and make this automatic like Windows Updates. Don't think they haven't
 thought this far ahead. I believe some offer this now.
 
 A previous poster has pointed out that MS can't revoke a certificate
 belonging to RH, but I suppose the could ask the BIOS vendors to treat
 it as revoked. I don't know what the response would be.
 
 MS and Intel are running this. If Verisign is just a trusted 3rd party
 (without administrative duties) they can well defer to the Microshaft Mafia
 and do as they're told. It wouldn't be the first time. For example, did
 everybody already forget the Microshaft Mafias' initiation of the FBI server
 raids on the botnet? Many innocent companies and peoples hosting got screwed
 during this takeover. But it was all in the name of justice. If we can get
 a few Russian hackers then it's well worth damaging your business and
 property. We're from Microshaft Mafia and the FBI and we're here to help.
 
 This is akin to, for example, Sony's race against Homebrewers on the
 good ol' PSP.

 When hackers found a hardware flaw that enabled them to install custom
 firmware, Sony had to release new versions of the consoles with fixed
 hardware.

 The old ones were still exploitable but the new ones weren't.
 
 That is a little different, possibly. For one thing, Sony detected whether
 you had the updates they wanted you to install and if you don't have them
 installed you can't play on their PlayStation network. For 99.99% of
 PlayStation users this is the whole point of buying their console. So if you
 don't upgrade all you have is a box for playing local games which most
 people don't seem to want to do. 
 


Totally off-topic, but I actually used mine to run gameboy and gameboy
advance emulators ^^'



 All the Intel and Microshaft Mafia have to do is a similar thing, and make
 your PC or Windows stop working unless you install their updates, or tell
 the FBI your PC is possibly infected and part of a Russian botnet etc. and
 you won't be allowed on the internet until you upgrade your system to a safe
 level to avoid these horrible threats. This idea was floated publicly even
 unrelated to so-called secure boot.
 

I refer you to the years old threads about Palladium and the TCPA that
Microsoft dreamed back in the days.



 Windows activation can check the firmware level and Intel's management BIOS
 is connected to the net even when your new PC is shut off (as long as it is
 plugged in). If you go along with this they can do whatever you want. You're
 submitting to true remote management/control over YOUR hardware and life.
 

Well, I don't know about that... how do you suggest the BIOS gets its IP ?
The 8-STABLE box that acts as my router is not going to serve one over
DHCP or BOOTP any time soon.

As for sniffing the network to guess the router + DNS servers, that one
might be a bit far-fetched.



 This is the beginning of a lot of bad Big Brother stuff and if people accept
 it now they get what they deserve tomorrow.
 
 Say NO to the Intel/Microshaft Mafia. Say NO to Secure boot.
 
 Run MIPS and Alpha hardware if you have to, just DUMP INTEL AND THE
 MICROSHAFT MAFIA.

Seriously you need to stop with the wintel, microshaft, mafia and
all the stuff.

We get it, you don't like them.

However, there are literally thousands of people reading this list and
just because they do not share your ideals doesn't necessarily make them
advocates of this so-called mafia, or blind sheep.




Finally, I can't come up with a scenario where my CEO is going to okay
alpha boxes for our regular web servers and such.
Our x86 servers run just fine and are roughly 12.000% cheaper.

We need to distance ourselves from Intel, apparently they run their
business like darned brigands is not going to cut it.


Things aren't that easy in a corporate world, you get a volume contract
with a supplier, Dell for example, and purchase your hardware from them.

I can hardly see Dell shipping x86 servers with locked-in Windows
installs, that just won't do for their business.
I have to admit I'd love to see it though, I've always wanted us to try
Cisco or IBM's blade servers in lieu of Dell's.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-07 Thread Nomen Nescio

 Totally off-topic, but I actually used mine to run gameboy and gameboy
 advance emulators ^^'

And I use mine to write PPC code. But Sony's business model wasn't about
software development or doing what you and I are doing. 

  Windows activation can check the firmware level and Intel's management BIOS
  is connected to the net even when your new PC is shut off (as long as it is
  plugged in). If you go along with this they can do whatever you want. You're
  submitting to true remote management/control over YOUR hardware and life.
  
 
 Well, I don't know about that... how do you suggest the BIOS gets its IP ?
 The 8-STABLE box that acts as my router is not going to serve one over
 DHCP or BOOTP any time soon.

You seem to be focusing on the .01% cases. The UEFI was specifically
designed to allow TCP/IP from the BIOS with the machine powered off, well
before secure boot was on the table. Just because you can firewall it off
doesn't mean everybody else understands the issues or knows how, because
they don't. For all we know Intel or Microshaft have plenty of DHCP servers
ready for this.

 As for sniffing the network to guess the router + DNS servers, that one
 might be a bit far-fetched.

It's not going to be like Skype and do NAT traversals by itself and find
it's way out of your box. It's just that if you leave your computer plugged
in like everybody in the world does, the BIOS will be able to do whatever
they program it to do, including downloading and flashing BIOS updates and
whatever malware the dreaded Chinese hackers and Russian botnets
create. Microshaft is pretty stupid because every time they create something
secure the Russians or Chinese hack it in a day. I'll be surprised if they
don't crack Verisigns keys and create exploits and this will be a better
attack vector than they ever had because now they can flash your BIOS. All
they could do before was replace your boot sector.

 Seriously you need to stop with the wintel, microshaft, mafia and
 all the stuff.

Why?

 However, there are literally thousands of people reading this list and
 just because they do not share your ideals doesn't necessarily make them
 advocates of this so-called mafia, or blind sheep.

Aside from the one ostrich I spanked I don't think they are either.

 Finally, I can't come up with a scenario where my CEO is going to okay
 alpha boxes for our regular web servers and such.
 Our x86 servers run just fine and are roughly 12.000% cheaper.

Yeah but nobody cares about that because they're not talking about doing
this to server boxes. It's home PCs where people are usually not well
informed and are usually defenseless. Try to stay focused on the discussion.

 I can hardly see Dell shipping x86 servers with locked-in Windows
 installs, that just won't do for their business.

Right, so this doesn't apply. Why do you keep bringing it up? Even if it did
apply, who cares? It's not your problem. The target is commodity WinTel
crapware boxes.


 I have to admit I'd love to see it though, I've always wanted us to try
 Cisco or IBM's blade servers in lieu of Dell's.

Intel is bad not just because of UEFI and secure boot. They're bad because
they have conspired many times over the years with Microshaft to create a
monopoly. Everybody should object to that.

Say NO to the WinTel Mafia! (had to add that ;-))
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-07 Thread Edward M


On 06/06/2012 01:35 PM, Alejandro Imass wrote:

But this is more to do with the BIOS than with Intel as such. Wasn't
there a FreeBIOS, later LinuxBIOS, now coreboot I believe..?
So replacing the BIOS entirely wouldn't suffice to override all this nonsense?
___
anybody will be free  to disable secure boot in x86 systems and run 
any OS, so this is not really a big deal.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread Matthew Seaman

On 05/06/2012 23:10, Jerry wrote:
 I thought this URL http://mjg59.dreamwidth.org/12368.html also shown
 above, answered that question.

Signing bootloaders and kernels etc. seems superficially like a good
idea to me.  However, instant reaction is that this is definitely *not*
something that Microsoft should be in charge of.  Some neutral[*] body
without any commercial interests should do that job, and
bootloader/kernel signing should be freely available.

On deeper thought though, the whole idea appears completely unworkable.
 It means that you will not be able to compile your own kernel or
drivers unless you have access to a signing key.  As building your own
is pretty fundamental to the FreeBSD project, the logical consequence is
that FreeBSD source should come with a signing key for anyone to use.

Which completely abrogates the whole point of signing
bootloaders/kernels in the first place: anyone wishing to create malware
would be able to sign whatever they want using such a key.  It's
DRM-level stupidity all over again.

My conclusion: boycott products, manufacturers and/or OSes that
participate in this scheme.  FreeBSD alone won't make any real
difference to manufacturers, but I hope there is still enough of the
original spirit of freedom within the Linux camp, and perhaps from
Google/android to make an impact.

I'm pretty sure there can be a way of whitelisting bootloaders and so
forth to help prevent low-level malware, but this isn't it.

Cheers,

Matthew

[*] I suggest ICANN might be the right sort of organization to fulfil
this role.

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Is this something we (as consumers of FreeBSD) need to be aware of?


On 06/06/2012 08:32, Matthew Seaman wrote:

On deeper thought though, the whole idea appears completely unworkable.
  It means that you will not be able to compile your own kernel or
drivers unless you have access to a signing key.  As building your own
is pretty fundamental to the FreeBSD project, the logical consequence is
that FreeBSD source should come with a signing key for anyone to use.


It just means that anyone wishing to run their own kernels would either 
need to disable secure boot, or purchase/create their own certificate 
and install it.


--
Bruce Cran
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread Matthew Seaman

On 06/06/2012 09:45, Bruce Cran wrote:
 On 06/06/2012 08:32, Matthew Seaman wrote:
 On deeper thought though, the whole idea appears completely unworkable.
   It means that you will not be able to compile your own kernel or
 drivers unless you have access to a signing key.  As building your own
 is pretty fundamental to the FreeBSD project, the logical consequence is
 that FreeBSD source should come with a signing key for anyone to use.

 It just means that anyone wishing to run their own kernels would either
 need to disable secure boot, or purchase/create their own certificate
 and install it.

Indeed.  However disabling secure boot is apparently:

   * too difficult for users of Fedora

   * not possible on all platforms (arm based tablets especially)

and purchasing your own certificate currently means paying $99 to
Microsoft, or else getting a key from the hardware manufacturer (which I
very much suspect will not be free either).

While I would expect the typical FreeBSD user to be quite capable of
disabling secure boot, I know that this is something that will result in
realms of questions by new users, alarmist claims that FreeBSD is not
secure and general glee amongst the FreeBSD is dying crowd.

This is just another misconceived DRM scheme and suffers from all the
same old flaws.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread Mehmet Erol Sanliturk

On Wed, Jun 6, 2012 at 2:38 AM, Matthew Seaman matt...@freebsd.org wrote:

On 06/06/2012 09:45, Bruce Cran wrote:
On 06/06/2012 08:32, Matthew Seaman wrote:
On deeper thought though, the whole idea appears completely unworkable.
It means that you will not be able to compile your own kernel or
drivers unless you have access to a signing key. As building your own
is pretty fundamental to the FreeBSD project, the logical consequence is
that FreeBSD source should come with a signing key for anyone to use.

It just means that anyone wishing to run their own kernels would either
need to disable secure boot, or purchase/create their own certificate
and install it.

Indeed. However disabling secure boot is apparently:

* too difficult for users of Fedora

* not possible on all platforms (arm based tablets especially)

and purchasing your own certificate currently means paying $99 to
Microsoft, or else getting a key from the hardware manufacturer (which I
very much suspect will not be free either).

While I would expect the typical FreeBSD user to be quite capable of
disabling secure boot, I know that this is something that will result in
realms of questions by new users, alarmist claims that FreeBSD is not
secure and general glee amongst the FreeBSD is dying crowd.

This is just another misconceived DRM scheme and suffers from all the
same old flaws.

Cheers,

Matthew

--
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey

http://www.infoworld.com/t/hacking/tech-behind-flame-attack-could-compromise-microsoft-update-194867

Thank you very much .

Mehmet Erol Sanliturk
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

jerr...@msu.edu wrote:
 Quoting Kurt Buff kurt.b...@gmail.com:
 
  UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries
  http://cwonline.computerworld.com/t/8035515/1292406/565573/0/
 
  This would seem to make compiling from source difficult.
 
 
 I don't see how this MS scam is even at all legal.
 It is clearly restraint of trade and probably violates some other
 related laws too.

A shame Bush blocked dismembering monopolist Microsoft.  
The last enormous fines Microsoft paid the EU for monopoly abuse,
presumably failed to discipline Microsoft. 

Time for increased fines, till Microsoft stops abusing its monooly.
Would be nice if the fines were so high it forced a free recall by
hardware vendors to fix, if it can't be fixed with a UEFI net upgrade.

Cheers,
Julian
-- 
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
 Reply below not above, cumulative like a play script,  indent with  .
 Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
Mail from @yahoo dumped @berklix.  http://berklix.org/yahoo/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

On Wed, 06 Jun 2012 10:38:41 +0100
Matthew Seaman articulated:

On 06/06/2012 09:45, Bruce Cran wrote:
 On 06/06/2012 08:32, Matthew Seaman wrote:
 On deeper thought though, the whole idea appears completely
 unworkable. It means that you will not be able to compile your own
 kernel or drivers unless you have access to a signing key.  As
 building your own is pretty fundamental to the FreeBSD project, the
 logical consequence is that FreeBSD source should come with a
 signing key for anyone to use.

 It just means that anyone wishing to run their own kernels would
 either need to disable secure boot, or purchase/create their own
 certificate and install it.

Indeed.  However disabling secure boot is apparently:

   * too difficult for users of Fedora

   * not possible on all platforms (arm based tablets especially)

and purchasing your own certificate currently means paying $99 to
Microsoft, or else getting a key from the hardware manufacturer (which
I very much suspect will not be free either).

I think you are in error there Matthew. From what I have read The $99
goes to Verisign, not Microsoft - further once paid you can sign as
many binaries as you want.

While I would expect the typical FreeBSD user to be quite capable of
disabling secure boot, I know that this is something that will result
in realms of questions by new users, alarmist claims that FreeBSD is
not secure and general glee amongst the FreeBSD is dying crowd.

This is just another misconceived DRM scheme and suffers from all the
same old flaws.

I don't feel this is misconceived at all. Again, from what I have read,
most non-Microsoft operating systems have been able to use UEFI Secure
Boot for nearly eight years; however, they have actively refused to do
so. However, now Microsoft has stepped up to the plate and is
actively taking advantage of the scheme. Actually, Microsoft has been
issuing warnings for ten years when a user would attempt to install
unsigned drivers. Now the FOSS community is getting its knickers in a
knot. They should have taken this into account a long time ago. In any
case, we are talking $99 dollars total, not per user here for the
certificate. If that is going to cause a problem, I'll donate the $99.
In any case, the real problem appears to be how FreeBSD is going to
handle drivers which apparently will need to be signed since they work
at the kernel level. Apparently Fedora has a working solution for that
all ready.

-- 
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__



signature.asc
Description: PGP signature

Re: Is this something we (as consumers of FreeBSD) need to be aware of?


On 06/06/2012 11:24, Jerry wrote:


They should have taken this into account a long time ago. In any
case, we are talking $99 dollars total, not per user here for the
certificate. If that is going to cause a problem, I'll donate the $99.


It's not the $99 that'll be the problem, but the fact that it's Verisign 
(actually Symantec, since they bought Verisign) that you deal with. 
Whereas Globalsign accept applications from individuals, Verisign 
require company documents before they'll generate a certificate.


--
Bruce Cran
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?


On 06/06/2012 11:38, Bruce Cran wrote:
It's not the $99 that'll be the problem, but the fact that it's 
Verisign (actually Symantec, since they bought Verisign) that you deal 
with. Whereas Globalsign accept applications from individuals, 
Verisign require company documents before they'll generate a certificate.




I've just checked, and I'm wrong - they seem to have changed things and 
now allow signups from individuals.


--
Bruce Cran
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread Matthew Seaman

On 06/06/2012 11:24, Jerry wrote:
 I think you are in error there Matthew. From what I have read The $99
 goes to Verisign, not Microsoft - further once paid you can sign as
 many binaries as you want.

Having to pay Verisign instead of Microsoft makes no difference: the
point is why should I have to pay anything to a third party in order to
run whatever OS I want on a piece of hardware I own?

$99 as a one-off payment might seem a trivial cost to you, so much so
that you rather rashly promised to pay that for anyone. I won't hold you
to it.  Even so, there are several thousand readers of this list.  I
doubt even you could afford to subsidise very many of them...

Yes UEFI Secure Boot may have been around for 8 years.  The fact that no
one has adopted use of it in all that time speaks volumes.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.   7 Priory Courtyard
  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
JID: matt...@infracaninophile.co.uk   Kent, CT11 9PW



signature.asc
Description: OpenPGP digital signature

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread Daniel Feenberg




On Wed, 6 Jun 2012, Matthew Seaman wrote:


On 05/06/2012 23:10, Jerry wrote:

I thought this URL http://mjg59.dreamwidth.org/12368.html also shown
above, answered that question.


Signing bootloaders and kernels etc. seems superficially like a good
idea to me.  However, instant reaction is that this is definitely *not*
something that Microsoft should be in charge of.  Some neutral[*] body

...

On deeper thought though, the whole idea appears completely unworkable.
It means that you will not be able to compile your own kernel or
drivers unless you have access to a signing key.  As building your own


You don't need the signing key if you turn off secure boot in the CMOS. 
The fedora folk are worried that naive desktop users will not be able to 
do that, and usage of linux will be impeded. It won't be a significant 
impediment to users capable of compiling their own kernel.



is pretty fundamental to the FreeBSD project, the logical consequence is
that FreeBSD source should come with a signing key for anyone to use.

Which completely abrogates the whole point of signing
bootloaders/kernels in the first place: anyone wishing to create malware
would be able to sign whatever they want using such a key.  It's
DRM-level stupidity all over again.


I do wonder about that. What incentive does the possesor of a signing key 
have to keep it secret? Apple keeps it's signing key secret because it 
gets a share of revenue from the sale of apps. If the fedora key became 
known it wouldn't hurt fedora. Can the UEFI BIOS consult a list of revoked 
keys online? That would be surprising.


dan feenberg
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread Mehmet Erol Sanliturk

On Wed, Jun 6, 2012 at 3:47 AM, Matthew Seaman 
m.sea...@infracaninophile.co.uk wrote:

 On 06/06/2012 11:24, Jerry wrote:
  I think you are in error there Matthew. From what I have read The $99
  goes to Verisign, not Microsoft - further once paid you can sign as
  many binaries as you want.

 Having to pay Verisign instead of Microsoft makes no difference: the
 point is why should I have to pay anything to a third party in order to
 run whatever OS I want on a piece of hardware I own?

 $99 as a one-off payment might seem a trivial cost to you, so much so
 that you rather rashly promised to pay that for anyone. I won't hold you
 to it.  Even so, there are several thousand readers of this list.  I
 doubt even you could afford to subsidise very many of them...

 Yes UEFI Secure Boot may have been around for 8 years.  The fact that no
 one has adopted use of it in all that time speaks volumes.

Cheers,

Matthew

 --
 Dr Matthew J Seaman MA, D.Phil.   7 Priory Courtyard
  Flat 3
 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
 JID: matt...@infracaninophile.co.uk   Kent, CT11 9PW



What will be the usefulness of a security key for an Open Source Operating
System when people are not using mostly proprietary binary packages and
nearly all of the supplied binary packages have accompanying sources ?

When FreeBSD is installing a binary package or making a port , it is ALWAYS
checking integrity of installed
parts .

Then is there a necessity of a Security Key obtained by paying money ?

In Turkish literature , there is a person named as Deli Dumrul means
Crazy Dumrul where his name is Dumrul .

Crazy Dumrul constructed a bridge over a dried river . If any one passes
from the bridge , he was taking money for passing over the bridge for
Using the Bridge  , and , if any one is NOT passing from the bridge , and
walking over the dried river , he was taking money for Not to Use the
Bridge .

It seems that History is Repeating 


Thank you very much .

Mehmet Erol Sanliturk
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

On Wed, 06 Jun 2012 11:47:11 +0100
Matthew Seaman articulated:

On 06/06/2012 11:24, Jerry wrote:
 I think you are in error there Matthew. From what I have read The $99
 goes to Verisign, not Microsoft - further once paid you can sign as
 many binaries as you want.

Having to pay Verisign instead of Microsoft makes no difference: the
point is why should I have to pay anything to a third party in order to
run whatever OS I want on a piece of hardware I own?

$99 as a one-off payment might seem a trivial cost to you, so much so
that you rather rashly promised to pay that for anyone. I won't hold
you to it.  Even so, there are several thousand readers of this list.
I doubt even you could afford to subsidise very many of them...

The $99 was for FreeBSD to deliver the OS, not per user. This is
clearly explained in the various URLs listed in this thread. I am sorry
if you misunderstood. Of course if a user wants to recompile the
kernel, etcetera after having downloaded and installed it from FreeBSD
or one of its subsidies, they are on their own. Seriously though, a
one time payment of $99 is so trivial I find it hard to believe that
anyone is actually bitching about it. I pay many times that amount for
golf every month.

Yes UEFI Secure Boot may have been around for 8 years.  The fact that
no one has adopted use of it in all that time speaks volumes.

I don't want to get in an argument with you Matthew since you are one of
the few on this list that I feel actually thinks before they speak and
knows what they are talking about; however, the real reason, in my
opinion, is that no one carefully considered the consequences of it. It
is a great idea, it offers greater security and again from what I have
read it can be disabled by the end user if the vendor so allows.
Microsoft does not control the vendors right to allow or disallow that
action.

In any event, it won't belong before some hacker comes up with a way
to circumvent the entire process anyway, In my opinion, so why worry
about it. Most FreeBSD users do not use state of the art equipment
anyway, so it may be years before they even come up against this
problem. By then it will all be ironed out.

-- 
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__


signature.asc
Description: PGP signature

Re: Is this something we (as consumers of FreeBSD) need to be aware of?


On 6/6/12 1:36 PM, Jerry wrote:
 On Wed, 06 Jun 2012 11:47:11 +0100
 Matthew Seaman articulated:
 
 On 06/06/2012 11:24, Jerry wrote:
 I think you are in error there Matthew. From what I have read The $99
 goes to Verisign, not Microsoft - further once paid you can sign as
 many binaries as you want.

 Having to pay Verisign instead of Microsoft makes no difference: the
 point is why should I have to pay anything to a third party in order to
 run whatever OS I want on a piece of hardware I own?

 $99 as a one-off payment might seem a trivial cost to you, so much so
 that you rather rashly promised to pay that for anyone. I won't hold
 you to it.  Even so, there are several thousand readers of this list.
 I doubt even you could afford to subsidise very many of them...
 
 The $99 was for FreeBSD to deliver the OS, not per user. This is
 clearly explained in the various URLs listed in this thread. I am sorry
 if you misunderstood. Of course if a user wants to recompile the
 kernel, etcetera after having downloaded and installed it from FreeBSD
 or one of its subsidies, they are on their own. Seriously though, a
 one time payment of $99 is so trivial I find it hard to believe that
 anyone is actually bitching about it. I pay many times that amount for
 golf every month.
 

Look Jerry,


Are you serious there ?
Having to pay to use a different OS on hardware that you own ?

What next, non-approved keyboard, $40 extra ?
Non-approved mouse, $30, non-approved USB external drive, $80 ?


Don't take it personally but it's people like you willing to bend the
knee that encourage such abuse as we're discussing today.
The denial of freedom to do what you want with that piece of hardware
you just bought.

And no, $99 isn't trivial, it has to be 1/6 the price of a standard PC
nowadays.

I'm *not* paying extra to install a non-MS-approved-lol-seriously OS.
This is nothing short of extortion.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?



On 6/6/12 9:32 AM, Matthew Seaman wrote:
 On 05/06/2012 23:10, Jerry wrote:
 I thought this URL http://mjg59.dreamwidth.org/12368.html also shown
 above, answered that question.
 
 Signing bootloaders and kernels etc. seems superficially like a good
 idea to me.  However, instant reaction is that this is definitely *not*
 something that Microsoft should be in charge of.  Some neutral[*] body
 without any commercial interests should do that job, and
 bootloader/kernel signing should be freely available.
 
 On deeper thought though, the whole idea appears completely unworkable.
  It means that you will not be able to compile your own kernel or
 drivers unless you have access to a signing key.  As building your own
 is pretty fundamental to the FreeBSD project, the logical consequence is
 that FreeBSD source should come with a signing key for anyone to use.
 
 Which completely abrogates the whole point of signing
 bootloaders/kernels in the first place: anyone wishing to create malware
 would be able to sign whatever they want using such a key.  It's
 DRM-level stupidity all over again.
 
 My conclusion: boycott products, manufacturers and/or OSes that
 participate in this scheme.  FreeBSD alone won't make any real
 difference to manufacturers, but I hope there is still enough of the
 original spirit of freedom within the Linux camp, and perhaps from
 Google/android to make an impact.
 
 I'm pretty sure there can be a way of whitelisting bootloaders and so
 forth to help prevent low-level malware, but this isn't it.
 
   Cheers,
 
   Matthew
 
 [*] I suggest ICANN might be the right sort of organization to fulfil
 this role.
 


I agree with the whole post except that last bit about ICANN Matthew.

The US already has enough dominance as is, without involving ICANN, a
supposedly neutral body (yeah right...) any further.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?



On 6/6/12 1:19 PM, Daniel Feenberg wrote:
 
 
 On Wed, 6 Jun 2012, Matthew Seaman wrote:
 
 On 05/06/2012 23:10, Jerry wrote:
 I thought this URL http://mjg59.dreamwidth.org/12368.html also shown
 above, answered that question.

 Signing bootloaders and kernels etc. seems superficially like a good
 idea to me.  However, instant reaction is that this is definitely *not*
 something that Microsoft should be in charge of.  Some neutral[*] body
 ...
 On deeper thought though, the whole idea appears completely unworkable.
 It means that you will not be able to compile your own kernel or
 drivers unless you have access to a signing key.  As building your own
 
 You don't need the signing key if you turn off secure boot in the CMOS.
 The fedora folk are worried that naive desktop users will not be able to
 do that, and usage of linux will be impeded. It won't be a significant
 impediment to users capable of compiling their own kernel.
 
 is pretty fundamental to the FreeBSD project, the logical consequence is
 that FreeBSD source should come with a signing key for anyone to use.

 Which completely abrogates the whole point of signing
 bootloaders/kernels in the first place: anyone wishing to create malware
 would be able to sign whatever they want using such a key.  It's
 DRM-level stupidity all over again.
 
 I do wonder about that. What incentive does the possesor of a signing
 key have to keep it secret? Apple keeps it's signing key secret because
 it gets a share of revenue from the sale of apps. If the fedora key
 became known it wouldn't hurt fedora. Can the UEFI BIOS consult a list
 of revoked keys online? That would be surprising.
 
 dan feenberg


Key revoked in the BIOS' next version, which will ship by default on
newer hardware.

No need for checking online.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?



On 6/5/12 9:12 PM, Gökşin Akdeniz wrote:

 UEFI considerations drive Fedora to pay MSFT to sign their kernel
 binaries http://cwonline.computerworld.com/t/8035515/1292406/565573/0/

 
 That's restriction is only for ARM devices which have a label that says
 Desgined for Windows8. In other words those devices can not boot
 another os except Windows 8 due to secure boot option enabled by
 default.
 
 The short and the long of it Microsoft is copying Apple on tablets with
 ARM.
 

Well perhaps it should say designed ONLY for windows8 then ?

This has class action written all over it, just like the ready for
win7 fiasco where the PCs displaying the sticker could only run the
minimalist version of the OS.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?



On 6/6/12 1:57 AM, Chris Hill wrote:
 On Tue, 5 Jun 2012, G?k?in Akdeniz wrote:
 
 For the time being only ARM platform is restricted.
 
 True, but I would be astonished if this restriction were not expanded by
 MS in the future. Just my opinion, but I believe their ultimate goal is
 to add platforms until the secure boot restriction encompasses most or
 all desktop and server hardware. This would be over a period of years.
 

I direct you to an older version of the matrix, where microsoft was
discussing Paladium and TCPA.

These are the exact same.

And these are a liberty killer.


http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread RW

On Wed, 6 Jun 2012 07:36:24 -0400
Jerry wrote:


 In any event, it won't belong before some hacker comes up with a way
 to circumvent the entire process anyway,

It sounds like Fedora already have. They say that they are only going to
sign a thin shim that loads grub.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?


RW rwmailli...@googlemail.com wrote:
 On Wed, 6 Jun 2012 07:36:24 -0400  Jerry wrote:


  In any event, it won't belong before some hacker comes up with a way
  to circumvent the entire process anyway,

 It sounds like Fedora already have. They say that they are only going to
 sign a thin shim that loads grub.

not exactly.  *GRIN*

Fedora'a 'thin shim' will be signed, to keep an (always-, or other) enabled
'secure BIOS' loader happy.

Fedora will provide an option -- which will remain 'user-settable' (regardless
of whether the 'secure BIOS' signature is mandatory -- to either ENFORCE or
IGNORE a requirement for valid 'signatures' on the subsequently loaded pieces
of the O/S -- 2nd/3rd/etc-stage boot loaders, the kernel itself, any loadable
modules, etc.   And, Fedora will sign all _Fedora-supplied_ files that meet
that criteria.  Thus an end-user can run with 'secure boot' fully enabled,
with only signed files being loadable as part of the O/S -- using either
Fedora-supplied signed files, -or- files that they, themselves, have signed.
OR, with BIOS signing required (the 'thin shim' loader) but signing of
subsequent files -not- required, OR, (if the hardware manufacturer allows it)
with BIOS signing disabled.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread Polytropon

On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote:
 Having to pay Verisign instead of Microsoft makes no difference: the
 point is why should I have to pay anything to a third party in order to
 run whatever OS I want on a piece of hardware I own?

Maybe a common marketing and sales model comes from software
to hardware too: You don't actually own the hardware! When
you give money to the manufacturer (maybe through vendors
or retailers), you receive hardware _plus_ a limited set
of rights which you may exercise on that hardware, maybe
for a limited time. By purchasing the hardware that way,
you may even have implicitely signed a kind of agreement
(cf. EULA) that you accept those licensing of hardware.
You do _not_ own it in order to exercise your free will
on it, like I have the right to wipe 'Windows' and install
something else, which might result in a loss of warranty.
You may only run what the manufacturer allows you to run
(by providing the proper boot mechanism for it that just
works). If the manufacturer may decide that you shouldn't
boot that system you bought anymore, he can retract the
permissions and the device you paid money for will be
rendered into a shiny brick.

This _is_ possible, and as human nature teaches: Everything
that is possible _will_ be done, no matter if we recognize
it immediately or not. And the worst solution prevails, so
whatever we may assume about the future, the future will be
much worse. :-)

Note that flats are a familiar example of this model.
You may live in the flat, but by paying a rent you don't
own it. What you may do is limited.

Another valid interpretation of this problem is of course
defective by design and planned obsolescense.


-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

 I do wonder about that. What incentive does the possesor of a signing key 
 have to keep it secret? 

Contract penalty clause maybe ? Lawyers ?

Otherwise one of us would purchase a key for $99,  then publish
the key so we could all forever more compile  boot our own kernels.
But that would presumably break the trap Microsoft  Verisign seek
to impose.

It seems dangerous.  I suspect we (the free source community) will need
to campaign, to engage for eg more EU fines against monoplists to force 
them to back off.

I say EU, 'cos they have done it before, so our best bet so far,
but it doesnt matter much which governments impose swingeing anti
monoploy fines, as long as enough do, to deter MS  verisign etc. 

Cheers,
Julian
-- 
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
 Reply below not above, cumulative like a play script,  indent with  .
 Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
Mail from @yahoo dumped @berklix.  http://berklix.org/yahoo/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?]

2012-06-06 Thread Daniel Staal


On 2012-06-05 17:20, Jerry wrote:


The question that I have not seen answered in this thread is what
FreeBSD intents to do. From what I have seen, most FreeBSD users do 
not

use the latest versions of most hardware, so it may be a while before
its user base is even effected.


I don't believe at this point FreeBSD has any intent one way or 
another, really.  It's not an immediate problem for any platform 
supported by the FreeBSD project, at least for a technically-inclined 
user who's willing to check out their BIOS.  (Even if they are using the 
latest hardware, the x86-derived platforms aren't going to require this 
code signing yet.)  So it'll probably be a 'wait and see if it's 
something the FreeBSD community needs a solution for' at this point.  
But this is just my impression.


In slight defense of RedHat: They do a lot of worrying about enterprise 
and government customers, many of whom don't really care what platform 
they are running on - as long as they can get 'support' and it passes 
their security/operational tests.  In that environment, I can easily see 
some middle-manager decreeing that disabling the signed-boot process is 
verboten, without any understanding of the meaning or the consequences, 
and enforcing it on the whole company/division, to the point where any 
non-signed OS would be thrown out the door.  FreeBSD has probably 
already been thrown out the door at those types of locations, as there 
is no 'official' support channel.  (Yes, for my sins, I work at one of 
these...)


Daniel T. Staal

---
This email copyright the author.  Unless otherwise noted, you
are expressly allowed to retransmit, quote, or otherwise use
the contents for non-commercial purposes.  This copyright will
expire 5 years after the author's death, or in 30 years,
whichever is longer, unless such a period is in excess of
local copyright law.
---
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread Daniel Feenberg




On Wed, 6 Jun 2012, Julian H. Stacey wrote:


I do wonder about that. What incentive does the possesor of a signing key
have to keep it secret?


Contract penalty clause maybe ? Lawyers ?


A limited-liability company with no assets is judgement-proof.



Otherwise one of us would purchase a key for $99,  then publish
the key so we could all forever more compile  boot our own kernels.
But that would presumably break the trap Microsoft  Verisign seek
to impose.



Could it really be that simple? As for hardware vendors putting revoked 
keys in the ROM - are they really THAT cooperative? Seems like they would 
drag their feet on ROM updates if they had to add a lot of stuff that 
won't help them, so that doesn't seem like a great enforcement tool.


dan feenberg
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?



On 6/6/12 6:45 PM, Daniel Feenberg wrote:
 
 
 On Wed, 6 Jun 2012, Julian H. Stacey wrote:
 
 I do wonder about that. What incentive does the possesor of a signing
 key
 have to keep it secret?

 Contract penalty clause maybe ? Lawyers ?
 
 A limited-liability company with no assets is judgement-proof.
 

 Otherwise one of us would purchase a key for $99,  then publish
 the key so we could all forever more compile  boot our own kernels.
 But that would presumably break the trap Microsoft  Verisign seek
 to impose.

 
 Could it really be that simple? As for hardware vendors putting revoked
 keys in the ROM - are they really THAT cooperative? Seems like they
 would drag their feet on ROM updates if they had to add a lot of stuff
 that won't help them, so that doesn't seem like a great enforcement tool.
 
 dan feenberg


Oh god...

Please realize that once the key is divulged, it gets revoked at the
BIOS' next update.

Otherwise the key's purpose is rendered moot.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?



On 6/6/12 7:23 PM, Robert Bonomi wrote:
 Julian H. Stacey j...@berklix.com wrote:

 I do wonder about that. What incentive does the possesor of a signing key 
 have to keep it secret? 

 Contract penalty clause maybe ? Lawyers ?
 
 Contract with _whom_?  The party you pay money to -- Verisign -- simply
 certifies that the party buying the certificate/signing-key  -is- who they 
 claim to be.
 
 It is *entirely* up to the owner of that certificate/signing-key -who- they
 allow to use it.
 
 If someone/anyone attempts to 'revoke' that certificate/key _other_ than
 at the request of the owner of that certificate/key, *THAT* party is subject
 to legal sanctions.  Among other things, 'false persona', 'tortuous inter-
 ference in a business relationship', just to name a few.
 
 There is, however, an 'interesting' legal question -- *if* a party were to
 let 'anybody' use their certificate/key, what is the certificat/key owner's
 legal liability if someone uses that key to sign malware?
 



Standard contract writeup stipulates that only a limited set of
'authorized' company representatives be given access to the Signing Key.

If the key should be divulged, then the key may be revoked by the issuer.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?]

On Wed, 06 Jun 2012 12:49:53 -0400
Daniel Staal articulated:

On 2012-06-05 17:20, Jerry wrote:

 The question that I have not seen answered in this thread is what
 FreeBSD intents to do. From what I have seen, most FreeBSD users do 
 not
 use the latest versions of most hardware, so it may be a while before
 its user base is even effected.

I don't believe at this point FreeBSD has any intent one way or 
another, really.  It's not an immediate problem for any platform 
supported by the FreeBSD project, at least for a technically-inclined 
user who's willing to check out their BIOS.  (Even if they are using
the latest hardware, the x86-derived platforms aren't going to require
this code signing yet.)  So it'll probably be a 'wait and see if it's 
something the FreeBSD community needs a solution for' at this point.  
But this is just my impression.

I totally agree with you. Unfortunately that speaks to the sad state of
affairs that FreeBSD appears to be in. When it comes to supporting the
latest technologies, it tends to be behind the curve when compared to
other operating systems. Wireless networking and USB support are only a
few examples.

I don't know of any user personally who purchased a new PC and then
threw FreeBSD on it. Most users that I have come into contact with use
2+ year old units that have been replaced by shiny new Windows units. I
don't see that changing anytime soon.

Large companies would all ready have the infrastructure in place to
handle this sort of problem and as you pointed out would be working
with a *nix vendor that could properly meet their needs. Said vendor
would have all ready taken care of the UEFI Secure Boot problem.

In slight defense of RedHat: They do a lot of worrying about
enterprise and government customers, many of whom don't really care
what platform they are running on - as long as they can get 'support'
and it passes their security/operational tests.  In that environment,
I can easily see some middle-manager decreeing that disabling the
signed-boot process is verboten, without any understanding of the
meaning or the consequences, and enforcing it on the whole
company/division, to the point where any non-signed OS would be thrown
out the door.  FreeBSD has probably already been thrown out the door
at those types of locations, as there is no 'official' support
channel.  (Yes, for my sins, I work at one of these...)

What sin? You use a product and want it properly supported. You have an
absolute right to that. Posting a message on a forum and hoping that
someone can answer it is not the type of support a business would want.

-- 
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

 From owner-freebsd-questi...@freebsd.org  Wed Jun  6 13:46:43 2012
 Date: Wed, 06 Jun 2012 20:44:57 +0200
 From: Damien Fleuriot m...@my.gd
 To: freebsd-questions@freebsd.org
 Subject: Re: Is this something we (as consumers of FreeBSD) need to be aware
  of?

 On 6/6/12 7:23 PM, Robert Bonomi wrote:
  Julian H. Stacey j...@berklix.com wrote:

  I do wonder about that. What incentive does the possesor of a signing key 
  have to keep it secret? 

  Contract penalty clause maybe ? Lawyers ?

  Contract with _whom_?  The party you pay money to -- Verisign -- simply
  certifies that the party buying the certificate/signing-key  -is- who they 
  claim to be.

  It is *entirely* up to the owner of that certificate/signing-key -who- they
  allow to use it.

  If someone/anyone attempts to 'revoke' that certificate/key _other_ than
  at the request of the owner of that certificate/key, *THAT* party is subject
  to legal sanctions.  Among other things, 'false persona', 'tortuous inter-
  ference in a business relationship', just to name a few.

  There is, however, an 'interesting' legal question -- *if* a party were to
  let 'anybody' use their certificate/key, what is the certificat/key owner's
  legal liability if someone uses that key to sign malware?

 Standard contract writeup stipulates that only a limited set of
 'authorized' company representatives be given access to the Signing Key.

Which simply begs the question. _who_ decides who is or is not an 'authorized'
representative?   Or how many such persons are allowed?

 If the key should be divulged, then the key may be revoked by the issuer.

Suppose I put up a web app that takes an executable as input, signs it with
my key, and returns the signed filt to the submitter.  I don't divulge the
key to anyone, just use it on 'anything'.  Anybody attempting to revoke on
_that_ basis is asking for a lawsuit.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread Daniel Feenberg




On Wed, 6 Jun 2012, Damien Fleuriot wrote:




On 6/6/12 6:45 PM, Daniel Feenberg wrote:



On Wed, 6 Jun 2012, Julian H. Stacey wrote:


I do wonder about that. What incentive does the possesor of a signing
key
have to keep it secret?


Contract penalty clause maybe ? Lawyers ?


A limited-liability company with no assets is judgement-proof.



Otherwise one of us would purchase a key for $99,  then publish
the key so we could all forever more compile  boot our own kernels.
But that would presumably break the trap Microsoft  Verisign seek
to impose.



Could it really be that simple? As for hardware vendors putting revoked
keys in the ROM - are they really THAT cooperative? Seems like they
would drag their feet on ROM updates if they had to add a lot of stuff
that won't help them, so that doesn't seem like a great enforcement tool.

dan feenberg



Oh god...

Please realize that once the key is divulged, it gets revoked at the
BIOS' next update.


But my point is that MS doesn't issue the updates, they have to ask the 
BIOS vendors to do so, and then the MB vendors have to take the update, 
and then the users have to install the update. The incentive at each level 
is generally very small. It does create some confusion, but is hardly an 
enforcement mechanism. It would disable older versions of FreeBSD on newer 
hardware, but not much else.


A previous poster has pointed out that MS can't revoke a certificate 
belonging to RH, but I suppose the could ask the BIOS vendors to treat it 
as revoked. I don't know what the response would be.


Daniel Feenberg




Otherwise the key's purpose is rendered moot.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread Mark Felder


On Wed, 06 Jun 2012 13:44:57 -0500, Damien Fleuriot m...@my.gd wrote:


If the key should be divulged, then the key may be revoked by the issuer.


Revoked how? Wouldn't they have to issue a firmware update to actually  
revoke it? The UEFI firmware doesn't have network access

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?]

2012-06-06 Thread Robert Simmons

On Wed, Jun 6, 2012 at 3:05 PM, Jerry je...@seibercom.net wrote:
 On Wed, 06 Jun 2012 12:49:53 -0400
 Daniel Staal articulated:

On 2012-06-05 17:20, Jerry wrote:

 The question that I have not seen answered in this thread is what
 FreeBSD intents to do. From what I have seen, most FreeBSD users do
 not
 use the latest versions of most hardware, so it may be a while before
 its user base is even effected.

I don't believe at this point FreeBSD has any intent one way or
another, really.  It's not an immediate problem for any platform
supported by the FreeBSD project, at least for a technically-inclined
user who's willing to check out their BIOS.  (Even if they are using
the latest hardware, the x86-derived platforms aren't going to require
this code signing yet.)  So it'll probably be a 'wait and see if it's
something the FreeBSD community needs a solution for' at this point.
But this is just my impression.

 I totally agree with you. Unfortunately that speaks to the sad state of
 affairs that FreeBSD appears to be in. When it comes to supporting the
 latest technologies, it tends to be behind the curve when compared to
 other operating systems. Wireless networking and USB support are only a
 few examples.

 I don't know of any user personally who purchased a new PC and then
 threw FreeBSD on it. Most users that I have come into contact with use
 2+ year old units that have been replaced by shiny new Windows units. I
 don't see that changing anytime soon.

I would have to disagree with you there.  I know of quite a few users
who happen to run one of the world's largest content distribution
networks (accounting for about one third of the internet's traffic; up
there with pornography).  They purchased more than just a handful of
new computers and threw FreeBSD on them:

http://lists.freebsd.org/pipermail/freebsd-stable/2012-June/068129.html
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread Dave U . Random

Polytropon free...@edvax.de wrote:

 On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote:
  Having to pay Verisign instead of Microsoft makes no difference: the
  point is why should I have to pay anything to a third party in order to
  run whatever OS I want on a piece of hardware I own?

It's time to dump the Intel/Microshaft mafia forever. FreeBSD, OpenBSD,
NetBSD, and even Linux have ports to many platforms. Why stay on Intel? It's
an overgrown ugly mess.

We need to stop buying Intel mafiaware with preinstalled Microshaft mafiware
and run a free (or in the case of Linux apparently free) OS on free
hardware.

There are increasing numbers of SBCs and plenty of used servers on
Ebay. They're all built better than commodity Intel mafiaware. Good
riddance!

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread Mark Felder

Yes, let's all run ALPHA and MIPS hardware. I'll just jam my Nvidia card  
into one of the available slots and everything should work OK, right?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?]

On Wed, 6 Jun 2012 15:55:16 -0400
Robert Simmons articulated:

On Wed, Jun 6, 2012 at 3:05 PM, Jerry je...@seibercom.net wrote:
 On Wed, 06 Jun 2012 12:49:53 -0400
 Daniel Staal articulated:

On 2012-06-05 17:20, Jerry wrote:

 The question that I have not seen answered in this thread is what
 FreeBSD intents to do. From what I have seen, most FreeBSD users do
 not
 use the latest versions of most hardware, so it may be a while
 before its user base is even effected.

I don't believe at this point FreeBSD has any intent one way or
another, really.  It's not an immediate problem for any platform
supported by the FreeBSD project, at least for a technically-inclined
user who's willing to check out their BIOS.  (Even if they are using
the latest hardware, the x86-derived platforms aren't going to
require this code signing yet.)  So it'll probably be a 'wait and
see if it's something the FreeBSD community needs a solution for' at
this point. But this is just my impression.

 I totally agree with you. Unfortunately that speaks to the sad state
 of affairs that FreeBSD appears to be in. When it comes to
 supporting the latest technologies, it tends to be behind the curve
 when compared to other operating systems. Wireless networking and
 USB support are only a few examples.

 I don't know of any user personally who purchased a new PC and then
 threw FreeBSD on it. Most users that I have come into contact with
 use 2+ year old units that have been replaced by shiny new Windows
 units. I don't see that changing anytime soon.

I would have to disagree with you there.  I know of quite a few users
who happen to run one of the world's largest content distribution
networks (accounting for about one third of the internet's traffic; up
there with pornography).  They purchased more than just a handful of
new computers and threw FreeBSD on them:

http://lists.freebsd.org/pipermail/freebsd-stable/2012-June/068129.html

It is late and I am tired; however, unless I am misreading this, this
is not dealing with a typical home use but a corporate entity. You
omitted my last paragraph in my reply that clearly dealing with
corporations.

-- 
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?]

2012-06-06 Thread Daniel Staal


On 2012-06-06 15:05, Jerry wrote:

On Wed, 06 Jun 2012 12:49:53 -0400
Daniel Staal articulated:


I don't believe at this point FreeBSD has any intent one way or
another, really.  It's not an immediate problem for any platform
supported by the FreeBSD project, at least for a technically-inclined
user who's willing to check out their BIOS.  (Even if they are using
the latest hardware, the x86-derived platforms aren't going to 
require

this code signing yet.)  So it'll probably be a 'wait and see if it's
something the FreeBSD community needs a solution for' at this point.
But this is just my impression.


I totally agree with you. Unfortunately that speaks to the sad state 
of
affairs that FreeBSD appears to be in. When it comes to supporting 
the

latest technologies, it tends to be behind the curve when compared to
other operating systems. Wireless networking and USB support are only 
a

few examples.


That was not my intended message with the above.  :)  FreeBSD supports 
several server-class hardware platforms.  ARM is not currently a 
server-class hardware platform.  (It's a very interesting platform for 
mobile and small devices, but it has not seen any significant use that I 
am aware of in the market that FreeBSD is primarily aimed at.)  Secure 
Boot - if even a part of the platform - can easily be disabled on those 
platforms.  So it is not a current problem, and there is a fair amount 
of bad feeling about the technology, so it may not ever be a problem.


RedHat is facing severe backlash from the community because it 
supported this technology.  A 'wait and see' approach to whether it 
needs to be supported at all - especially as it doesn't appear to need 
support at present - is a reasonable course.



I don't know of any user personally who purchased a new PC and then
threw FreeBSD on it. Most users that I have come into contact with 
use
2+ year old units that have been replaced by shiny new Windows units. 
I

don't see that changing anytime soon.


*Raises hand*.  I did this with two boxes within the past year.  One 
turned out to be to new for FreeBSD - but Linux didn't have support for 
it yet at that point either.  Now either does.



In slight defense of RedHat: They do a lot of worrying about
enterprise and government customers, many of whom don't really care
what platform they are running on - as long as they can get 'support'
and it passes their security/operational tests.  In that environment,
I can easily see some middle-manager decreeing that disabling the
signed-boot process is verboten, without any understanding of the
meaning or the consequences, and enforcing it on the whole
company/division, to the point where any non-signed OS would be 
thrown

out the door.  FreeBSD has probably already been thrown out the door
at those types of locations, as there is no 'official' support
channel.  (Yes, for my sins, I work at one of these...)


What sin? You use a product and want it properly supported. You have 
an

absolute right to that. Posting a message on a forum and hoping that
someone can answer it is not the type of support a business would 
want.


I'm not sure what sin I committed to be consigned to this place, but it 
must have been heinous.


(And in many cases 'official support' appears to be 'post a message 
about it on our forum, so we can ignore you more efficiently'.)


Daniel T. Staal

---
This email copyright the author.  Unless otherwise noted, you
are expressly allowed to retransmit, quote, or otherwise use
the contents for non-commercial purposes.  This copyright will
expire 5 years after the author's death, or in 30 years,
whichever is longer, unless such a period is in excess of
local copyright law.
---
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread Alejandro Imass

On Wed, Jun 6, 2012 at 3:52 PM, Dave U. Random
anonym...@anonymitaet-im-inter.net wrote:
 Polytropon free...@edvax.de wrote:

 On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote:
  Having to pay Verisign instead of Microsoft makes no difference: the
  point is why should I have to pay anything to a third party in order to
  run whatever OS I want on a piece of hardware I own?

 It's time to dump the Intel/Microshaft mafia forever. FreeBSD, OpenBSD,
 NetBSD, and even Linux have ports to many platforms. Why stay on Intel? It's
 an overgrown ugly mess.

 We need to stop buying Intel mafiaware with preinstalled Microshaft mafiware
 and run a free (or in the case of Linux apparently free) OS on free
 hardware.


But this is more to do with the BIOS than with Intel as such. Wasn't
there a FreeBIOS, later LinuxBIOS, now coreboot I believe..?
So replacing the BIOS entirely wouldn't suffice to override all this nonsense?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread Chad Perrin

On Wed, Jun 06, 2012 at 02:23:20PM +0200, Damien Fleuriot wrote:
 
 I agree with the whole post except that last bit about ICANN Matthew.
 
 The US already has enough dominance as is, without involving ICANN, a
 supposedly neutral body (yeah right...) any further.

Indeed.  The last thing we need is some self-appointed authority
purporting to have the last word on what qualifies as secure.  There is
no need for a third-party certification of secure booting.  If there is
need for such a secure booting mechanism at all, it is a need for the
ability of end-of-chain device owners to be able to set their own keys,
without the involvement of any third parties, and an out-of-band key
verification mechanism.  Once again, I feel it incumbent upon me to point
to examples like OpenPGP's keyserver network as the counter-proposal to a
cetifying authority charging money to allow people to control their own
system security in what amounts to a vacant lot scam.

-- 
Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread Dave U . Random

Wojciech Puchar woj...@tensor.gdynia.pl wrote:

 anyway NOBODY are forced to buy micro-soft software.

That's almost correct but not quite. In 99% of the cases any Intel commodity
mafiaware comes with a preinstalled Winblows. You're paying for it whether
you want it or not. You can get a refund in many cases but it's more effort
than most peoples' time is worth.

 Nobody is forced to buy a PC.

True. I got rid of all my Intel mafiaware a few years ago and I don't miss
it. It's nice in the winter as well.

 Doing this with PC market will result in larger market share for 
 non-Wintel hardware.

I hope it does but sheeple are stupid and don't care.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?


On 6 Jun 2012, at 21:52, Dave U. Random anonym...@anonymitaet-im-inter.net 
wrote:

 Polytropon free...@edvax.de wrote:
 
 On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote:
 Having to pay Verisign instead of Microsoft makes no difference: the
 point is why should I have to pay anything to a third party in order to
 run whatever OS I want on a piece of hardware I own?
 
 It's time to dump the Intel/Microshaft mafia forever. FreeBSD, OpenBSD,
 NetBSD, and even Linux have ports to many platforms. Why stay on Intel? It's
 an overgrown ugly mess.
 
 We need to stop buying Intel mafiaware with preinstalled Microshaft mafiware
 and run a free (or in the case of Linux apparently free) OS on free
 hardware.
 
 There are increasing numbers of SBCs and plenty of used servers on
 Ebay. They're all built better than commodity Intel mafiaware. Good
 riddance!
 

You have no idea what you're talking about.

This kind of religious propaganda post is neither constructive nor helpful.



I don't trust AMD with my servers' CPUs, not since many years ago when they had 
all these overheating problems.___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?


On 06/06/2012 20:27, Robert Bonomi wrote:
Suppose I put up a web app that takes an executable as input, signs it 
with my key, and returns the signed filt to the submitter. I don't 
divulge the key to anyone, just use it on 'anything'. Anybody 
attempting to revoke on _that_ basis is asking for a lawsuit.


To me it would be perfectly reasonable to revoke the key as soon as you 
signed the first piece of malware. And then anyone who has used the 
service is left with broken binaries, so the model fails.


--
Bruce Cran
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

Contract penalty clause maybe ? Lawyers ?

A limited-liability company with no assets is judgement-proof.

There's set up running costs (time money), other exposure
http://berklix.com/~jhs/mecc/ltd_gmbh.html
Easiest done by those who have done it before, One would
be careful, there's exposure to directors individual
liabilities eg fraud laws perhaps in some scenarios, not
wanting to be struck off listed as somone not allowed to
be a director of other companies.

Otherwise one of us would purchase a key for $99, then publish
the key so we could all forever more compile boot our own kernels.
But that would presumably break the trap Microsoft Verisign seek
to impose.

Could it really be that simple?

I doubt it. Even if so, best avoid one individual in the firing line.

It's not nice being a small company director personaly
targeted by lawyers of a rich malicious company. Being in
another country gives little protection, remote lawyers hire
local lawyers to harass. They don't even need a good
chance of winning, inventive threats, stress costs unpleasant.

Best activate officials with big budgets manpower to fight back.
We should unite with other Free Source groups approach inform eg
the Competition Commisioner of the European Union (which has already fined MS
heavily before on anti monopoly issues)
http://en.wikipedia.org/wiki/European_Union_Microsoft_competition_case

http://www.msnbc.msn.com/id/23366103/ns/business-world_business/t/eu-fines-microsoft-record-billion/

I recall George Bush junior quashed the last go at breaking up
Microsoft, but maybe the present USA govt. could be encouraged to
fine MS, even if they don't fancy breaking the monopoly aka
http://en.wikipedia.org/wiki/Standard_Oil

Cheers,
Julian
--
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
Reply below not above, cumulative like a play script, indent with .
Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
Mail from @yahoo dumped @berklix. http://berklix.org/yahoo/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

 From owner-freebsd-questi...@freebsd.org  Wed Jun  6 18:13:09 2012
 Date: Thu, 07 Jun 2012 00:09:54 +0100
 From: Bruce Cran br...@cran.org.uk
 To: Robert Bonomi bon...@mail.r-bonomi.com
 Cc: freebsd-questions@freebsd.org
 Subject: Re: Is this something we (as consumers of FreeBSD) need to be aware
  of?

 On 06/06/2012 20:27, Robert Bonomi wrote:
  Suppose I put up a web app that takes an executable as input, signs it 
  with my key, and returns the signed filt to the submitter. I don't 
  divulge the key to anyone, just use it on 'anything'. Anybody 
  attempting to revoke on _that_ basis is asking for a lawsuit.

 To me it would be perfectly reasonable to revoke the key as soon as you 
 signed the first piece of malware.

It may seem reasonable to you, but is there -legal- basis to do so? 

'signing' only provides assurance of the identity of the signer. I did
sign it.  The key has not been compromised.  The software in question 
is tracable to the signer, but the signer never claimed it was 'error free',
what conract or statute did they breach by doing the signing?  

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

2012-06-06 Thread Chuck Swiger

On Jun 6, 2012, at 4:54 PM, Robert Bonomi wrote:
[ ... ]
 It may seem reasonable to you, but is there -legal- basis to do so? 

Go ask your lawyer.  freebsd-questions isn't qualified to provide you with 
legal advice.

Regards,
-- 
-Chuck

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

 From owner-freebsd-questi...@freebsd.org  Wed Jun  6 19:01:14 2012
 From: Chuck Swiger cswi...@mac.com
 Date: Wed, 06 Jun 2012 16:59:36 -0700
 To: Robert Bonomi bon...@mail.r-bonomi.com
 Cc: freebsd-questions@freebsd.org
 Subject: Re: Is this something we (as consumers of FreeBSD) need to be
 aware  of?

 On Jun 6, 2012, at 4:54 PM, Robert Bonomi wrote:
 [ ... ]
  It may seem reasonable to you, but is there -legal- basis to do so? 

 Go ask your lawyer.  freebsd-questions isn't qualified to provide you with 
 legal advice.

Thank you for your opinion.  However, if you had bothered to read the thread
you woul understand that it was not a solicitation of legal advice.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this something we (as consumers of FreeBSD) need to be aware of?