On 06/05/2012 05:10 AM, JD wrote:
I wonder if China will go along with the MS plans!
Much of our HW is made in China. What's to prevent
China from inserting back door code in the HW? I
mean that would totally make secure boot a laughable
thing.
Well this scheme where the manufacturer inserts a stealth certificate
actually makes sense, unfortunately. Secure boot or no secure boot,
anyone concerned with security and privacy should always trust the
manufacturer of the hardware one uses, unless it is open hardware.
This is much like the difference between proprietary software and open
source software, where you need to trust the proprietary software
developer, whereas you don't need to for open source software (because
anyone, including you, can review the source).
>> But, I thought secure meant that the owner could secure access to the
>> machine any time he wanted. The owner is the manufacturer, isn't it?
>>
>> {O.o}
> I have not seen your assertion made by anyone in this thread,
> especially when it comes to MS and windows.
> Surely, it is possible (or should be possible) to make and install
> your own keys for any of the open source OS'es. Perhaps Sam or
> Thibault or Alan will have more to say about this.
In the context of motherboards, a good OEM would allow you to install
your own keys. Microsoft's "Windows Ready" requirements for OEMs also
force them to provide this "custom mode" feature (the document is freely
available), but only for x86 platforms.
--
t
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
