On Wed, Jun 6, 2012 at 2:38 AM, Matthew Seaman <matt...@freebsd.org> wrote:
> On 06/06/2012 09:45, Bruce Cran wrote: > > On 06/06/2012 08:32, Matthew Seaman wrote: > >> On deeper thought though, the whole idea appears completely unworkable. > >> It means that you will not be able to compile your own kernel or > >> drivers unless you have access to a signing key. As building your own > >> is pretty fundamental to the FreeBSD project, the logical consequence is > >> that FreeBSD source should come with a signing key for anyone to use. > > > It just means that anyone wishing to run their own kernels would either > > need to disable secure boot, or purchase/create their own certificate > > and install it. > > Indeed. However disabling secure boot is apparently: > > * too difficult for users of Fedora > > * not possible on all platforms (arm based tablets especially) > > and purchasing your own certificate currently means paying $99 to > Microsoft, or else getting a key from the hardware manufacturer (which I > very much suspect will not be free either). > > While I would expect the typical FreeBSD user to be quite capable of > disabling secure boot, I know that this is something that will result in > realms of questions by new users, alarmist claims that "FreeBSD is not > secure" and general glee amongst the "FreeBSD is dying" crowd. > > This is just another misconceived DRM scheme and suffers from all the > same old flaws. > > Cheers, > > Matthew > > -- > Dr Matthew J Seaman MA, D.Phil. > PGP: http://www.infracaninophile.co.uk/pgpkey > > > http://www.infoworld.com/t/hacking/tech-behind-flame-attack-could-compromise-microsoft-update-194867 Thank you very much . Mehmet Erol Sanliturk _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
