On 06/01/2012 03:32 PM, Chris Murphy wrote: > On Jun 1, 2012, at 1:14 PM, Gerry Reno wrote: > >> That would be much easier accomplished by having the OS reside on a >> read-only device that could only be written to by >> the user actively using hardware to enable the write during installation. > Except this hardware does not exist, and it only took about a decade to get > 512e AF drives from concept to ship. Ergo not only not easier, not possible > (practically anyway as people want to use SSDs and HDDs). > > And also except that your premise that all users, by default, have the > competency to determine what software is to be trusted, and push a button on > hardware typically located inside of an enclosure, is flawed. You're > basically requiring a.) all users with laptops have the ability to physically > open their laptops to push this button; or b.) a laptop case design that > exposes this button, as if that isn't fraught with all sorts of potential > problems. > >> Forensic firms have been using these types of read-write controllable drive >> interfaces for years. Hardware already exists. > And the commonality in environment, workflow, and user competency between > forensic firms and Fedora users is maybe 5%? I mean, if we're going to just > throw spaghetti at a wall, I get to make wild guesses too. > > It appears not even remotely practical, let alone in a ~6-12 month time > frame. And there's zero incentive for drive manufacturers to do this and pass > the cost onto all of their consumers. > > > Chris Murphy
Drive manufacturers need to do nothing. One drive probably SSD at this point, gets dedicated to OS. Other drive to everything else. The read-write controllable interfaces already exist as I pointed out and are in use by forensic firms. There are plenty of buttons/keys on machines right now that can be used to toggle this interface. It's 100% doable today with existing hardware. . -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
