Re: EFI in Debian

2012-07-17 Thread Mark Brown
On Sun, Jul 08, 2012 at 07:30:48PM -0400, Ted Ts'o wrote: > So in answer to your question, there are plenty of Android devices > which are trivially unlockable. (And once a Nexus phone is unlocked, > you can get a root shell trivially; no jail-breaking necessary. > Of course this is true for

Re: EFI in Debian

2012-07-10 Thread Thomas Preud'homme
On Tuesday 10 July 2012 13:08:57, Russell Coker wrote: > On Tue, 10 Jul 2012, "Thomas Preud'homme" wrote: > > When the flaws was exploited, then the attacker had sufficient access to > > change e.g. EFI and could thus have done whatever nasty things he wanted > > on the system. And as long as

Re: EFI in Debian

2012-07-10 Thread Russell Coker
On Tue, 10 Jul 2012, "Thomas Preud'homme" wrote: > When the flaws was exploited, then the attacker had sufficient access to > change e.g. EFI and could thus have done whatever nasty things he wanted > on the system. And as long as the system is not rebooted, nothing can > prevent it to do so. htt

Re: EFI in Debian

2012-07-10 Thread Thomas Preud'homme
On Monday 2 July 2012 18:42:13, Steve McIntyre wrote: > Hey folks, > > As you might have seen from recent discussions about the Fedora and > Ubuntu strategies for how to deal with EFI and Secure Boot, there are > potentially major issues in the area. In Debian we don't (yet) have a > plan, so

Re: EFI in Debian

2012-07-09 Thread Matthew Garrett
On Mon, Jul 09, 2012 at 12:26:49PM -0400, Ted Ts'o wrote: > On Mon, Jul 09, 2012 at 04:48:38PM +0100, Matthew Garrett wrote: > > Hey, it's hardly my fault that nobody else bothered turning up to the > > well-advertised events where this got discussed... > > If it's documented on paper, it didn't h

Re: EFI in Debian

2012-07-09 Thread Ted Ts'o
On Mon, Jul 09, 2012 at 04:48:38PM +0100, Matthew Garrett wrote: > In article <20120708235244.gb24...@thunk.org> Ted Ts'o wrote: > > Matthew Garrett believes that this is a requirement; however, there is > > no documented paper trail indicating that this is actually necessary. > > There are those w

Re: EFI in Debian

2012-07-09 Thread Matthew Garrett
In article <20120708235244.gb24...@thunk.org> Ted Ts'o wrote: > Matthew Garrett believes that this is a requirement; however, there is > no documented paper trail indicating that this is actually necessary. > There are those who believe that Microsoft wouldn't dare revoke a > Linux key because of t

Re: EFI in Debian

2012-07-08 Thread Ted Ts'o
On Fri, Jul 06, 2012 at 05:32:44AM +0100, Ben Hutchings wrote: > > 2. Upstream kernel support: when booted in Secure Boot mode, Linux would > only load signed kernel modules and disable the various debug interfaces > that allow code injection. I'm aware that David Howells, Matthew > Garrett and o

Re: EFI in Debian

2012-07-08 Thread Ted Ts'o
On Sun, Jul 08, 2012 at 10:00:05AM -0600, Paul Wise wrote: > On Sun, Jul 8, 2012 at 7:15 AM, Wookey wrote: > > Will Android machines make secure boot turn-offable or another key > > installable, or will they follow the Microsoft lead and lock > > everything down too? > > Are there any Android devi

Re: EFI in Debian

2012-07-08 Thread Philipp Kern
Paul, on Sun, Jul 08, 2012 at 10:00:05AM -0600 you wrote the following: > On Sun, Jul 8, 2012 at 7:15 AM, Wookey wrote: > > Will Android machines make secure boot turn-offable or another key > > installable, or will they follow the Microsoft lead and lock > > everything down too? > Are there

Re: EFI in Debian

2012-07-08 Thread Paul Wise
On Sun, Jul 8, 2012 at 7:15 AM, Wookey wrote: > Will Android machines make secure boot turn-offable or another key > installable, or will they follow the Microsoft lead and lock > everything down too? Are there any Android devices that aren't *already* bootloader locked or require jailbreaking to

Re: EFI in Debian

2012-07-08 Thread Ben Hutchings
On Sun, 2012-07-08 at 14:15 +0100, Wookey wrote: [...] > A competition case is much harder to bring here because Windows has > almost zero share on ARM and can use that as an excuse. Of course, as > we know in Debian architecture is really irrelevant to the question of > 'is this OS dominant and us

Re: EFI in Debian

2012-07-08 Thread Russell Coker
On Sun, 8 Jul 2012, Wookey wrote: > > The distinction is between x86 and ARM, and the Windows 8 cert > > requirements for ARM appear to have as their goal to prevent any other > > OS to be bootable on that hardware. > > Which is pretty outrageous IMHO and may well become a serious problem > once

Re: EFI in Debian

2012-07-08 Thread Wookey
+++ Steve Langasek [2012-07-07 15:58 -0600]: > On Sat, Jul 07, 2012 at 11:09:57PM +0200, Andreas Barth wrote: > > * Steve Langasek (vor...@debian.org) [120707 22:54]: > > > On Fri, Jul 06, 2012 at 10:14:01AM +0200, Josselin Mouette wrote: > > > > If OTOH we have to pay a fee just for our software

Re: EFI in Debian

2012-07-07 Thread Steve Langasek
On Sat, Jul 07, 2012 at 11:09:57PM +0200, Andreas Barth wrote: > * Steve Langasek (vor...@debian.org) [120707 22:54]: > > On Fri, Jul 06, 2012 at 10:14:01AM +0200, Josselin Mouette wrote: > > > If OTOH we have to pay a fee just for our software to work on platforms > > > that just happen to be usin

Re: EFI in Debian

2012-07-07 Thread Stefano Zacchiroli
On Sat, Jul 07, 2012 at 02:48:59PM -0600, Steve Langasek wrote: > On Fri, Jul 06, 2012 at 10:14:01AM +0200, Josselin Mouette wrote: > > If OTOH we have to pay a fee just for our software to work on platforms > > that just happen to be using Microsoft’s certificate, this is clearly > > abusive. I w

Re: EFI in Debian

2012-07-07 Thread Andreas Barth
* Steve Langasek (vor...@debian.org) [120707 22:54]: > On Fri, Jul 06, 2012 at 10:14:01AM +0200, Josselin Mouette wrote: > > If OTOH we have to pay a fee just for our software to work on platforms > > that just happen to be using Microsoft’s certificate, this is clearly > > abusive. I would object

Re: EFI in Debian

2012-07-07 Thread Steve Langasek
On Fri, Jul 06, 2012 at 10:14:01AM +0200, Josselin Mouette wrote: > On Friday 06 July 2012 at 05:32 +0100, Ben Hutchings wrote: > > 1. General consensus in the project that supporting the option of Secure > > Boot, including purchase of a Microsoft-signed certificate, is > > worthwhile and

Re: EFI in Debian

2012-07-07 Thread Ben Hutchings
On Sat, 2012-07-07 at 08:46 -0600, Ansgar Burchardt wrote: > Hi, > > Ben Hutchings writes: > > 2. Upstream kernel support: when booted in Secure Boot mode, Linux would > > only load signed kernel modules and disable the various debug interfaces > > that allow code injection. I'm aware that David

Re: EFI in Debian

2012-07-07 Thread Ansgar Burchardt
Hi, Ben Hutchings writes: > 2. Upstream kernel support: when booted in Secure Boot mode, Linux would > only load signed kernel modules and disable the various debug interfaces > that allow code injection. I'm aware that David Howells, Matthew > Garrett and others are working on this. That makes

Re: EFI in Debian

2012-07-06 Thread Paul Wise
On Fri, Jul 6, 2012 at 5:41 AM, Carlos Alberto Lopez Perez wrote: > These are the FSF recommendations: > > http://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/whitepaper-web These seem much more in line with the Debian social contract than any of the actions of other distributions or of the s

Re: EFI in Debian

2012-07-06 Thread Carlos Alberto Lopez Perez
On 06/07/12 06:32, Ben Hutchings wrote: > 1. General consensus in the project that supporting the option of Secure > Boot, including purchase of a Microsoft-signed certificate, is > worthwhile and not entirely objectionable. (I am assuming that it would > be a waste of time to use our own platform

Re: EFI in Debian

2012-07-06 Thread Josselin Mouette
On Friday 06 July 2012 at 05:32 +0100, Ben Hutchings wrote: > 1. General consensus in the project that supporting the option of Secure > Boot, including purchase of a Microsoft-signed certificate, is > worthwhile and not entirely objectionable. Not entirely objectionable indeed, but it r

Re: EFI in Debian

2012-07-05 Thread Ben Hutchings
On Thu, 2012-07-05 at 22:27 -0400, Theodore Ts'o wrote: > On Wed, Jul 04, 2012 at 12:51:01PM +, Tanguy Ortolo wrote: > > Tanguy Ortolo, 2012-07-04 14:13+0200: > > > A blog post explaining how to set up Debian to boot via UEFI: > > >http://tanguy.ortolo.eu/blog/article51/debian-efi > > > A m

Re: EFI in Debian

2012-07-05 Thread Theodore Ts'o
On Wed, Jul 04, 2012 at 12:51:01PM +, Tanguy Ortolo wrote: > Tanguy Ortolo, 2012-07-04 14:13+0200: > > A blog post explaining how to set up Debian to boot via UEFI: > >http://tanguy.ortolo.eu/blog/article51/debian-efi > > A message to this list detailing the UEFI boot procedure and what is

Re: EFI in Debian

2012-07-05 Thread Steve McIntyre
Tanguy wrote: >Steve McIntyre, 2012-07-02 18:42+0200: >> As you might have seen from recent discussions about the Fedora and >> Ubuntu strategies for how to deal with EFI and Secure Boot, there are >> potentially major issues in the area. In Debian we don't (yet) have a >> plan, so it's high time t

Re: EFI in Debian

2012-07-04 Thread Tanguy Ortolo
Tanguy Ortolo, 2012-07-04 14:13+0200: > A blog post explaining how to set up Debian to boot via UEFI: >http://tanguy.ortolo.eu/blog/article51/debian-efi > A message to this list detailing the UEFI boot procedure and what is > required to support it: > >http://lists.debian.org/debian-dev

Re: EFI in Debian

2012-07-04 Thread Tanguy Ortolo
Steve McIntyre, 2012-07-02 18:42+0200: > As you might have seen from recent discussions about the Fedora and > Ubuntu strategies for how to deal with EFI and Secure Boot, there are > potentially major issues in the area. In Debian we don't (yet) have a > plan, so it's high time that we had some dis

Re: EFI in Debian

2012-07-02 Thread Stefano Zacchiroli
On Mon, Jul 02, 2012 at 05:42:13PM +0100, Steve McIntyre wrote: > As you might have seen from recent discussions about the Fedora and > Ubuntu strategies for how to deal with EFI and Secure Boot, there are > potentially major issues in the area. In Debian we don't (yet) have a > plan, so it's high