:: Re: [DNG] ..another new(?) step tow…
Página Principal
Delete this message
Reply to this message
Autor: Edward Bartolo
Data:  
Para: Didier Kryn
CC: dng
Assunto: Re: [DNG] ..another new(?) step towards Debian systemd: linux-image-4.6.0-1[-rt]-amd-signed, with MSTF keys...
Hi,

In line with: <<
That way only the big distros will be able to provide a bootable OS
and the poor DIY guy will be definitely disgusted. This EFI thingy
will in no way improve the security. It is a pure fallacy.

    We can survive as long as the BIOS allows non-EFI boot. I hope
they will be forced by law to keep this option.

>>


I have been 'told' that any kernel can still be booted under UEFI
Secure Boot. This was told to me on forurms.debian.net. The respondent
insisted any kernel can be booted even custom compiled ones.

Refer to forums.debian.net thread:
http://forums.debian.net/viewtopic.php?p=609579&sid=c65ab3dc5f980e0c1f79b7b7a5116511#p609579

Edward

On 12/06/2016, Didier Kryn <kryn@???> wrote:
> Le 12/06/2016 09:14, Jaromil a écrit :
>> On Sun, 12 Jun 2016, Adam Borowski wrote:
>>
>>> Until systemd gets some DRM components, that is.
>> I suspect this is going to happen sooner than later. This is just
>> speculation of course, but the sort of vertically integrated
>> architecture systemd is implementing goes in the direction of playing
>> the DRM dirty game. Anyway I have no doubts it will be cracked open by
>> some clever hacker for a good show at CCC.
>>
>>
>      EFI is one of the inventions of M$ to keep free software out. But
> since this is illegal, they are forced to sign the Linux bootloaders to
> allow them to start, hence, AFAIU the concept of a shim. Now signatures
> are going everywhere to make M$ happy, even down to the kernel, and all
> this becomes entangled in a way that's more and more difficult to handle
> and even understand for the bare human. That way only the big distros
> will be able to provide a bootable OS and the poor DIY guy will be
> definitely disgusted. This EFI thingy will in no way improve the
> security. It is a pure fallacy.

>
>      We can survive as long as the BIOS allows non-EFI boot. I hope they
> will be forced by law to keep this option.

>
>      Didier

>
> _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
>