On Wednesday 06 Jun 2012 20:50:38 Michael Mol wrote:
> On Wed, Jun 6, 2012 at 3:40 PM, Mick wrote:
>
> [snip]
>
> > This is my CPU, a first generation i7:
> >
> > cat /proc/cpuinfo
> > processor : 0
> > vendor_id : GenuineIntel
> > cpu family : 6
> > model : 30
> > mo
On 7 June 2012, at 00:50, William Kenworthy wrote:
> ...
> I dont mean cpu power management, I meant under the kernel config option
> which you may not have enabled. As for the Dell iDREC, google it.
>
> This stuff is "old" in enterprise equipment, and I suspect not widely
> used but it is out th
> power management:
>
> You note that "power management:" above is empty.
>
> grep-ping the /proc tree for remoteaccess does not bring up anything.
I dont mean cpu power management, I meant under the kernel config option
which you may not have enabled. As for the Dell iDREC, google it.
This stu
On Wed, Jun 6, 2012 at 3:40 PM, Mick wrote:
[snip]
>
> This is my CPU, a first generation i7:
>
> cat /proc/cpuinfo
> processor : 0
> vendor_id : GenuineIntel
> cpu family : 6
> model : 30
> model name : Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
> stepping
On Wednesday 06 Jun 2012 02:14:45 Bill Kenworthy wrote:
> On Tue, 2012-06-05 at 10:21 -0400, Michael Mol wrote:
> > On Tue, Jun 5, 2012 at 8:52 AM, Mick wrote:
> > > On Monday 04 Jun 2012 13:57:11 Michael Mol wrote:
> > >> On Mon, Jun 4, 2012 at 8:48 AM, Mick wrote:
> > >> > On Saturday 02 Jun 20
On Tue, 2012-06-05 at 10:21 -0400, Michael Mol wrote:
> On Tue, Jun 5, 2012 at 8:52 AM, Mick wrote:
> > On Monday 04 Jun 2012 13:57:11 Michael Mol wrote:
> >> On Mon, Jun 4, 2012 at 8:48 AM, Mick wrote:
> >> > On Saturday 02 Jun 2012 23:50:58 pk wrote:
> >> [snip]
> >>
> >> >> I'm putting on my t
On Tue, Jun 5, 2012 at 8:52 AM, Mick wrote:
> On Monday 04 Jun 2012 13:57:11 Michael Mol wrote:
>> On Mon, Jun 4, 2012 at 8:48 AM, Mick wrote:
>> > On Saturday 02 Jun 2012 23:50:58 pk wrote:
>> [snip]
>>
>> >> I'm putting on my tinfoil hat now and I'm going to pretend it's
>> >> raining... :-/
>>
On Monday 04 Jun 2012 13:57:11 Michael Mol wrote:
> On Mon, Jun 4, 2012 at 8:48 AM, Mick wrote:
> > On Saturday 02 Jun 2012 23:50:58 pk wrote:
> [snip]
>
> >> I'm putting on my tinfoil hat now and I'm going to pretend it's
> >> raining... :-/
> >
> > Can I please join you if you have a spare hat
On Mon, Jun 04, 2012 at 10:34:58AM -0400, Michael Mol wrote
> On Mon, Jun 4, 2012 at 9:33 AM, BRM wrote:
>
> > We'll see if SecureBoot actually even makes it to market; if it
> > does, expect some Class Action lawsuits to occur.
>
> We'll see. Don't forget _you can turn the thing off_. I expect
On Mon, 2012-06-04 at 10:34 -0400, Michael Mol wrote:
> On Mon, Jun 4, 2012 at 9:33 AM, BRM wrote:
> >> From: Michael Mol
> >
> >>On Sat, Jun 2, 2012 at 10:04 PM, BRM wrote:
> From: Michael Mol
> >>[snip]
> >>> In theory that's how key signing systems are suppose to work.
...
> >>I see som
On Mon, Jun 4, 2012 at 5:13 PM, BRM wrote:
>> From: Michael Mol
>
>>On Mon, Jun 4, 2012 at 9:33 AM, BRM wrote:
From: Michael Mol
>>>
On Sat, Jun 2, 2012 at 10:04 PM, BRM wrote:
>> From: Michael Mol
[snip]
> Honestly, I don't expect SecureBoot to last very long.
> Either
> From: Michael Mol
>On Mon, Jun 4, 2012 at 9:33 AM, BRM wrote:
>>> From: Michael Mol
>>
>>>On Sat, Jun 2, 2012 at 10:04 PM, BRM wrote:
> From: Michael Mol
>>>[snip]
In theory that's how key signing systems are suppose to work.
In practice, they rarely implement the blacklists a
On 2012-06-04 14:48, Mick wrote:
> Can I please join you if you have a spare hat?
Sure, got lots of (virtual) hats... here's one: ^ (may be a bit small) ;-)
> On a 3 year old Dell laptop manufactured by the famous and well
> known Winbond Electronics I see this under lshw:
>
> *-remoteaccess U
On Mon, Jun 4, 2012 at 9:33 AM, BRM wrote:
>> From: Michael Mol
>
>>On Sat, Jun 2, 2012 at 10:04 PM, BRM wrote:
From: Michael Mol
>>[snip]
>>> In theory that's how key signing systems are suppose to work.
>>> In practice, they rarely implement the blacklists as they are (i) hard to
>>> ma
> From: Michael Mol
>On Sat, Jun 2, 2012 at 10:04 PM, BRM wrote:
>>> From: Michael Mol
>[snip]
>> In theory that's how key signing systems are suppose to work.
>> In practice, they rarely implement the blacklists as they are (i) hard to
>> maintain,
>> and (ii) hard to distribute in an effecti
On Mon, Jun 4, 2012 at 8:48 AM, Mick wrote:
> On Saturday 02 Jun 2012 23:50:58 pk wrote:
[snip]
>> I'm putting on my tinfoil hat now and I'm going to pretend it's
>> raining... :-/
> Can I please join you if you have a spare hat?
>
> On a 3 year old Dell laptop manufactured by the famous and we
On Saturday 02 Jun 2012 23:50:58 pk wrote:
> On 2012-06-02 22:10, Michael Mol wrote:
> > I expect the chief mechanism is at the manufacturer's end; blacklisted
> > keys get included on shipment.
>
> Makes sense.
>
> > It's also probable that the OS kernel can tell the UEFI BIOS about new
> > keys
Am 03.06.2012 08:57, schrieb Walter Dnes:
> On Sat, Jun 02, 2012 at 07:36:51PM -0400, Michael Mol wrote
>
>> The BIOS will only load a signed bootloader. The signed bootloader
>> will only load a signed kernel.
>
> OK, so I sign LILO. What code is in there that prevents LILO from
> loading wha
On Sat, Jun 02, 2012 at 07:36:51PM -0400, Michael Mol wrote
> The BIOS will only load a signed bootloader. The signed bootloader
> will only load a signed kernel.
OK, so I sign LILO. What code is in there that prevents LILO from
loading whatever kernel I've compiled?
> The signed kernel will.
On Sat, Jun 2, 2012 at 10:04 PM, BRM wrote:
>> From: Michael Mol
>
[snip]
>
> In theory that's how key signing systems are suppose to work.
> In practice, they rarely implement the blacklists as they are (i) hard to
> maintain,
> and (ii) hard to distribute in an effective manner.
Indeed. Whi
> From: Michael Mol
> On Sat, Jun 2, 2012 at 8:35 PM, Florian Philipp
> wrote:
>> Am 03.06.2012 01:36, schrieb Michael Mol:
>>> On Sat, Jun 2, 2012 at 6:50 PM, pk wrote:
On 2012-06-02 22:10, Michael Mol wrote:
>>>
>>> [snip]
>>>
>> [...]
>>>
>>> The BIOS will only load a signed b
On Sat, Jun 2, 2012 at 8:35 PM, Florian Philipp wrote:
> Am 03.06.2012 01:36, schrieb Michael Mol:
>> On Sat, Jun 2, 2012 at 6:50 PM, pk wrote:
>>> On 2012-06-02 22:10, Michael Mol wrote:
>>
>> [snip]
>>
> [...]
>>
>> The BIOS will only load a signed bootloader. The signed bootloader
>> will only
Am 03.06.2012 01:36, schrieb Michael Mol:
> On Sat, Jun 2, 2012 at 6:50 PM, pk wrote:
>> On 2012-06-02 22:10, Michael Mol wrote:
>
> [snip]
>
[...]
>
> The BIOS will only load a signed bootloader. The signed bootloader
> will only load a signed kernel. The signed kernel will...do whatever
> you
On Sat, Jun 2, 2012 at 6:50 PM, pk wrote:
> On 2012-06-02 22:10, Michael Mol wrote:
[snip]
>> It's also probable that the OS kernel can tell the UEFI BIOS about new
>> keys to blacklist. I expect that'll be a recurring thing in the
>> Monthly batch of security updates Microsoft puts out. (Makes
On 2012-06-02 22:10, Michael Mol wrote:
> I expect the chief mechanism is at the manufacturer's end; blacklisted
> keys get included on shipment.
Makes sense.
> It's also probable that the OS kernel can tell the UEFI BIOS about new
> keys to blacklist. I expect that'll be a recurring thing in th
On Sat, Jun 2, 2012 at 3:51 PM, pk wrote:
> On 2012-06-02 15:12, Florian Philipp wrote:
>
>> According to [1] it is SHA-256 and RSA-2048. If I understand it
>> correctly, there are means to blacklist compromised keys. That's
>> why
>
> Just curious, how is a "compromised" key supposed to be blackl
On 2012-06-02 15:12, Florian Philipp wrote:
> According to [1] it is SHA-256 and RSA-2048. If I understand it
> correctly, there are means to blacklist compromised keys. That's
> why
Just curious, how is a "compromised" key supposed to be blacklisted?
Does the bios contact Microsoft, or is it th
Am 02.06.2012 15:00, schrieb Michael Mol:
> On Sat, Jun 2, 2012 at 3:43 AM, Florian Philipp wrote:
>> Am 02.06.2012 04:26, schrieb William Kenworthy:
>>> http://boingboing.net/2012/05/31/lockdown-freeopen-os-maker-p.html
>>>
>>> and something I had not considered with the whole idea was even boota
On Sat, Jun 2, 2012 at 3:43 AM, Florian Philipp wrote:
> Am 02.06.2012 04:26, schrieb William Kenworthy:
>> http://boingboing.net/2012/05/31/lockdown-freeopen-os-maker-p.html
>>
>> and something I had not considered with the whole idea was even bootable
>> cd's and usb keys for rescue will need th
On 2012-06-02 09:43, Florian Philipp wrote:
> You don't have to be "blessed". You could call your distribution
> BallmerSucks and still get a certificate. You just have to
> register, authenticate and pay the fee. Anything else would earn
> them an antitrust law suite they wouldn't forget.
...
Am 02.06.2012 04:26, schrieb William Kenworthy:
> http://boingboing.net/2012/05/31/lockdown-freeopen-os-maker-p.html
>
> and something I had not considered with the whole idea was even bootable
> cd's and usb keys for rescue will need the same privileges ...
>
> BillK
>
>
>
>
I find this art
http://boingboing.net/2012/05/31/lockdown-freeopen-os-maker-p.html
and something I had not considered with the whole idea was even bootable
cd's and usb keys for rescue will need the same privileges ...
BillK
32 matches
Mail list logo