Re: UEFI bootkit

2012-09-21 Thread Lailah
On Fri, 21-09-2012 at 08:58 +0200, Mateusz Marzantowicz wrote: > On 21.09.2012 07:42, Heinz Diehl wrote: > > On 21.09.2012, Eddie G. O'Connor Jr. wrote: > > > >>> To be able to boot any other system than Windows, you have to turn > >>> off secure boot or you could use your own keys signed

Re: UEFI bootkit

2012-09-21 Thread Heinz Diehl
On 21.09.2012, Eddie G. O'Connor Jr. wrote: > >Sorry for my maybe stupid question but why there must be Microsoft's key > >on motherboard and not Fedora's one? Because Microsoft dominates the hardware market, whether you like it or not. > Why Linux vendors don't intend to > >install their keys to

Re: UEFI bootkit

2012-09-21 Thread Eddie G. O'Connor Jr.
On 09/21/2012 02:58 AM, Mateusz Marzantowicz wrote: On 21.09.2012 07:42, Heinz Diehl wrote: On 21.09.2012, Eddie G. O'Connor Jr. wrote: To be able to boot any other system than Windows, you have to turn off secure boot or you could use your own keys signed by Microsoft. It's not (U)EFI which i

Re: UEFI bootkit

2012-09-20 Thread Mateusz Marzantowicz
On 21.09.2012 07:42, Heinz Diehl wrote: > On 21.09.2012, Eddie G. O'Connor Jr. wrote: > >>> To be able to boot any other system than Windows, you have to turn >>> off secure boot or you could use your own keys signed by Microsoft. >>> It's not (U)EFI which is the problem, it's the "secure boot". >

Re: UEFI bootkit

2012-09-20 Thread Heinz Diehl
On 21.09.2012, Eddie G. O'Connor Jr. wrote: > >To be able to boot any other system than Windows, you have to turn > >off secure boot or you could use your own keys signed by Microsoft. > >It's not (U)EFI which is the problem, it's the "secure boot". > AAAhhh!! NOW I think I understand!.. Yo

Re: UEFI bootkit

2012-09-20 Thread jdow
On 2012/09/20 19:38, JD wrote: On 09/20/2012 07:56 PM, Eddie G. O'Connor Jr. wrote: On 09/20/2012 08:24 AM, jdow wrote: On 2012/09/20 04:45, Matthew Miller wrote: On Thu, Sep 20, 2012 at 04:29:47AM -0700, jdow wrote: That is why I like my unique to the machine key that is supplied to the use

Re: UEFI bootkit

2012-09-20 Thread JD
On 09/20/2012 07:56 PM, Eddie G. O'Connor Jr. wrote: On 09/20/2012 08:24 AM, jdow wrote: On 2012/09/20 04:45, Matthew Miller wrote: On Thu, Sep 20, 2012 at 04:29:47AM -0700, jdow wrote: That is why I like my unique to the machine key that is supplied to the user along with the board serial nu

Re: UEFI bootkit

2012-09-20 Thread Eddie G. O'Connor Jr.
On 09/20/2012 08:24 AM, jdow wrote: On 2012/09/20 04:45, Matthew Miller wrote: On Thu, Sep 20, 2012 at 04:29:47AM -0700, jdow wrote: That is why I like my unique to the machine key that is supplied to the user along with the board serial number. So he can make changes. But the changes for his

Re: UEFI bootkit

2012-09-20 Thread Eddie G. O'Connor Jr.
On 09/20/2012 07:27 AM, Heinz Diehl wrote: On 20.09.2012, Eddie O'Connor wrote: Right? And the only way to be able to install/boot another OS would be to turn the UEFI off, but without the proper key, that is impossible? To be able to boot any other system than Windows, you have to turn o

Re: UEFI bootkit

2012-09-20 Thread James Wilkinson
nomnex wrote: > I also read that (most?) vendors will allow Secure Boot to be switched off > on the BIOS. > > When I purchase a notebook (prior to Secure Boot), I erase the > partition. I boot from a Live CD. If everything seems to work, and if I > like the DE, I install the OS. > > And that's my qu

Re: UEFI bootkit

2012-09-20 Thread Dave Ihnat
Once, long ago--actually, on Thu, Sep 20, 2012 at 06:39:59AM CDT--Alan Cox (a...@lxorguk.ukuu.org.uk) said: > Clearly because the firmware vendors do it but with access to all the > needed documentation and signing arrangements that may be present. Note that there are already open-source BIOS ver

Re: UEFI bootkit

2012-09-20 Thread jdow
On 2012/09/20 04:45, Matthew Miller wrote: On Thu, Sep 20, 2012 at 04:29:47AM -0700, jdow wrote: That is why I like my unique to the machine key that is supplied to the user along with the board serial number. So he can make changes. But the changes for his system cannot affect other systems. Th

Re: UEFI bootkit

2012-09-20 Thread Matthew Miller
On Thu, Sep 20, 2012 at 04:29:47AM -0700, jdow wrote: > That is why I like my unique to the machine key that is supplied to the > user along with the board serial number. So he can make changes. But the > changes for his system cannot affect other systems. That would make > custom signed Linux kern

Re: UEFI bootkit

2012-09-20 Thread Alan Cox
> But it IS possible no?..providing one has the required information > about how to do it? Clearly because the firmware vendors do it but with access to all the needed documentation and signing arrangements that may be present. -- users mailing list users@lists.fedoraproject.org To unsubs

Re: UEFI bootkit

2012-09-20 Thread Alan Cox
On Thu, 20 Sep 2012 07:10:00 -0400 Matthew Miller wrote: > On Thu, Sep 20, 2012 at 12:06:08PM +0100, Alan Cox wrote: > > On ARM systems the requirement is the reverse - it must not be possible > > to disable it, so those devices will be locked to Windows if shipped that > > way. > > Locked to bo

Re: UEFI bootkit

2012-09-20 Thread Alan Cox
> So then basically there's no REAL way to get a "modern" PC / laptop WITHOUT > this UEFI on it? Right? And the only way to be able to install/boot > another OS would be to turn the UEFI off, but without the proper > key, that is impossible? Just trying to understand what this means when > it'

Re: UEFI bootkit

2012-09-20 Thread jdow
On 2012/09/20 04:13, Eddie O'Connor wrote: On Thu, Sep 20, 2012 at 7:10 AM, Matthew Miller <mat...@fedoraproject.org> wrote: On Thu, Sep 20, 2012 at 12:06:08PM +0100, Alan Cox wrote: > On ARM systems the requirement is the reverse - it must not be possible > to disable it,

Re: UEFI bootkit

2012-09-20 Thread Heinz Diehl
On 20.09.2012, Eddie O'Connor wrote: > Right? And the only way to be able to install/boot > another OS would be to turn the UEFI off, but without the proper > key, that is impossible? To be able to boot any other system than Windows, you have to turn off secure boot or you could use your o

Re: UEFI bootkit

2012-09-20 Thread Eddie O'Connor
On Thu, Sep 20, 2012 at 7:10 AM, Matthew Miller wrote: > On Thu, Sep 20, 2012 at 12:06:08PM +0100, Alan Cox wrote: > > On ARM systems the requirement is the reverse - it must not be possible > > to disable it, so those devices will be locked to Windows if shipped that > > way. > > Locked to bootlo

Re: UEFI bootkit

2012-09-20 Thread Matthew Miller
On Thu, Sep 20, 2012 at 12:06:08PM +0100, Alan Cox wrote: > On ARM systems the requirement is the reverse - it must not be possible > to disable it, so those devices will be locked to Windows if shipped that > way. Locked to bootloaders signed with the Microsoft key, not _necessarily_ to Windows,

Re: UEFI bootkit

2012-09-20 Thread Eddie O'Connor
On Thu, Sep 20, 2012 at 7:09 AM, Alan Cox wrote: > > In that case, I feel that many people will start building open source > > bioses for a limited set of mobos. They will provide the software to > > burn the bios into the mobo's eeprom or will even sell mobos which > > they modify and install t

Re: UEFI bootkit

2012-09-20 Thread Alan Cox
> In that case, I feel that many people will start building open source > bioses for a limited set of mobos. They will provide the software to > burn the bios into the mobo's eeprom or will even sell mobos which > they modify and install their own bios prom on. I think nature abhors > vacuum. Th

Re: UEFI bootkit

2012-09-20 Thread Alan Cox
> The question I have is, can the buyer simply choose NOT to > use uefi (i.e. blow it off the system) and boot any OS of choice > which will not insist on the presence of any UEFI? No. > I think the answer to this question is more important as it provides > an "opt-out" choice to the consumer. T

Re: UEFI bootkit

2012-09-19 Thread Eddie G. O'Connor Jr.
On 09/19/2012 11:06 PM, JD wrote: On 09/19/2012 08:50 PM, Eddie G. O'Connor Jr. wrote: On 09/19/2012 10:47 PM, JD wrote: On 09/19/2012 08:30 PM, Eddie G. O'Connor Jr. wrote: On 09/19/2012 02:05 PM, Mike Wright wrote: And in today's news: http://www.theregister.co.uk/2012/09/19/win8_rootkit

Re: UEFI bootkit

2012-09-19 Thread JD
On 09/19/2012 08:50 PM, Eddie G. O'Connor Jr. wrote: On 09/19/2012 10:47 PM, JD wrote: On 09/19/2012 08:30 PM, Eddie G. O'Connor Jr. wrote: On 09/19/2012 02:05 PM, Mike Wright wrote: And in today's news: http://www.theregister.co.uk/2012/09/19/win8_rootkit/ A few things in particular stood

Re: UEFI bootkit

2012-09-19 Thread Eddie G. O'Connor Jr.
On 09/19/2012 10:47 PM, JD wrote: On 09/19/2012 08:30 PM, Eddie G. O'Connor Jr. wrote: On 09/19/2012 02:05 PM, Mike Wright wrote: And in today's news: http://www.theregister.co.uk/2012/09/19/win8_rootkit/ A few things in particular stood out to me: 1) "Writing a bootkit couldn't be an easi

Re: UEFI bootkit

2012-09-19 Thread JD
On 09/19/2012 08:30 PM, Eddie G. O'Connor Jr. wrote: On 09/19/2012 02:05 PM, Mike Wright wrote: And in today's news: http://www.theregister.co.uk/2012/09/19/win8_rootkit/ A few things in particular stood out to me: 1) "Writing a bootkit couldn't be an easier task for virus writers with the

Re: UEFI bootkit

2012-09-19 Thread Eddie G. O'Connor Jr.
On 09/19/2012 02:05 PM, Mike Wright wrote: And in today's news: http://www.theregister.co.uk/2012/09/19/win8_rootkit/ A few things in particular stood out to me: 1) "Writing a bootkit couldn't be an easier task for virus writers with the UEFI framework available, much easier than before when

Re: UEFI bootkit

2012-09-19 Thread Mikkel L. Ellertson
On 09/19/2012 06:43 PM, JD wrote: > > > The question I have is, can the buyer simply choose NOT to > use uefi (i.e. blow it off the system) and boot any OS of choice > which will not insist on the presence of any UEFI? > I think the answer to this que

Re: UEFI bootkit

2012-09-19 Thread nomnex
> On Wed, 19 Sep 2012 11:05:39 -0700 > Mike Wright wrote: > > And in today's news: > > http://www.theregister.co.uk/2012/09/19/win8_rootkit/ > > A few things in particular stood out to me: > > 1) "Writing a bootkit couldn't be an easier task for virus writers > with the UEFI framework availabl

Re: UEFI bootkit

2012-09-19 Thread JD
On 09/19/2012 05:00 PM, Alan Cox wrote: The proper way to do this is to issue a unique key for each board that has the private signing key included for the users who wish to add personally signed software. Their key does not work on any other machine, of course. Distros could sign their material

Re: UEFI bootkit

2012-09-19 Thread Alan Cox
> The proper way to do this is to issue a unique key for each board > that has the private signing key included for the users who wish to > add personally signed software. Their key does not work on any other > machine, of course. Distros could sign their material. And if the user > wishes to recom

Re: UEFI bootkit

2012-09-19 Thread jdow
On 2012/09/19 14:52, Alan Evans wrote: On Wed, Sep 19, 2012 at 11:05 AM, Mike Wright wrote: Great! MS shoots self in foot, others in head. We saw it coming :/ Shoots themselves in the foot? Limiting user choice sounds like it's working just the way they wanted. (Shooting everyone else in the

Re: UEFI bootkit

2012-09-19 Thread Alan Evans
On Wed, Sep 19, 2012 at 11:05 AM, Mike Wright wrote: > Great! MS shoots self in foot, others in head. We saw it coming :/ Shoots themselves in the foot? Limiting user choice sounds like it's working just the way they wanted. (Shooting everyone else in the head was a part of their plan.)

UEFI bootkit

2012-09-19 Thread Mike Wright
And in today's news: http://www.theregister.co.uk/2012/09/19/win8_rootkit/ A few things in particular stood out to me: 1) "Writing a bootkit couldn't be an easier task for virus writers with the UEFI framework available, much easier than before when they needed to code in pure assembly." 2