Date: Wed, 6 Jun 2012 02:46:38 -0700 From: Mehmet Erol Sanliturk <m.e.sanliturk@gmail.com> To: Matthew Seaman <matthew@freebsd.org> Cc: Bruce Cran <bruce@cran.org.uk>, Jerry <jerry@seibercom.net>, FreeBSD <freebsd-questions@freebsd.org> Subject: Re: Is this something we (as consumers of FreeBSD) need to be aware of? Message-ID: <CAOgwaMv9uRguo9j70_jYG3-FXCT4e0%2BJ3X05DD39E58YOmWLLQ@mail.gmail.com> In-Reply-To: <4FCF2521.6090006@FreeBSD.org> References: <CADy1Ce7MihpmMowc265%2BS_RKorMO3KEKsCgr=pdnjg2jzq-dYQ@mail.gmail.com> <20120605203717.5663bdf7.freebsd@edvax.de> <Pine.GSO.4.64.1206051653120.5642@nber6> <20120605181055.4af65fdb@scorpio> <4FCF0772.8000609@FreeBSD.org> <4FCF1891.9020006@cran.org.uk> <4FCF2521.6090006@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jun 6, 2012 at 2:38 AM, Matthew Seaman <matthew@freebsd.org> wrote: > On 06/06/2012 09:45, Bruce Cran wrote: > > On 06/06/2012 08:32, Matthew Seaman wrote: > >> On deeper thought though, the whole idea appears completely unworkable. > >> It means that you will not be able to compile your own kernel or > >> drivers unless you have access to a signing key. As building your own > >> is pretty fundamental to the FreeBSD project, the logical consequence is > >> that FreeBSD source should come with a signing key for anyone to use. > > > It just means that anyone wishing to run their own kernels would either > > need to disable secure boot, or purchase/create their own certificate > > and install it. > > Indeed. However disabling secure boot is apparently: > > * too difficult for users of Fedora > > * not possible on all platforms (arm based tablets especially) > > and purchasing your own certificate currently means paying $99 to > Microsoft, or else getting a key from the hardware manufacturer (which I > very much suspect will not be free either). > > While I would expect the typical FreeBSD user to be quite capable of > disabling secure boot, I know that this is something that will result in > realms of questions by new users, alarmist claims that "FreeBSD is not > secure" and general glee amongst the "FreeBSD is dying" crowd. > > This is just another misconceived DRM scheme and suffers from all the > same old flaws. > > Cheers, > > Matthew > > -- > Dr Matthew J Seaman MA, D.Phil. > PGP: http://www.infracaninophile.co.uk/pgpkey > > > http://www.infoworld.com/t/hacking/tech-behind-flame-attack-could-compromise-microsoft-update-194867 Thank you very much . Mehmet Erol Sanliturk
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOgwaMv9uRguo9j70_jYG3-FXCT4e0%2BJ3X05DD39E58YOmWLLQ>