Garrett: Responsible stewardship of the UEFI secure boot ecosystem
source link: https://lwn.net/Articles/900886/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Garrett: Responsible stewardship of the UEFI secure boot ecosystem
So, to have Microsoft, the self-appointed steward of the UEFI Secure Boot ecosystem, turn round and say that a bunch of binaries that have been reviewed through processes developed in negotiation with Microsoft, implementing technologies designed to make management of revocation easier for Microsoft, and incorporating fixes for vulnerabilities discovered by the developers of those binaries who notified Microsoft of these issues despite having no obligation to do so, and which have then been signed by Microsoft are now considered by Microsoft to be insecure is, uh, kind of impolite?
(Log in to post comments)
Color me shocked...
Posted Jul 12, 2022 15:27 UTC (Tue) by dskoll (subscriber, #1630) [Link]
Wasn't this always the MSFT end-game? I mean, who is really surprised by this?
Color me shocked...
Posted Jul 12, 2022 16:11 UTC (Tue) by ermo (subscriber, #86690) [Link]
It's certainly possible.
It is, however, also possible that something happened behind the scenes internally at MSFT that the rest of us aren't (yet) privy to.
Hence, it might pay to hold fire until MSFT is given a chance to respond?
"Never ascribe to malice that which is adequately be explained by incompetence" as the saying goes.
Color me shocked...
Posted Jul 12, 2022 16:28 UTC (Tue) by khm (subscriber, #108825) [Link]
Does that matter? It's the same end result, the inevitable outcome of anyone engaging in good faith with a massive corporation is always betrayal, generally the moment it becomes possible. The Microsoft apologists knew it was a scorpion, and decided to cross the river with it. I'm not sure that the complicated internal politics of bad behavior are relevant to the resulting bad behavior, unless we're looking to make more excuses.
Color me shocked...
Posted Jul 12, 2022 16:37 UTC (Tue) by bpearlmutter (subscriber, #14693) [Link]
This makes sense regardless of whether or not it was accidental.
Color me shocked...
Posted Jul 12, 2022 16:54 UTC (Tue) by donbarry (guest, #10485) [Link]
The only solution is to demand a public trust hold these and administer them on behalf of computer users everywhere.
This is a time when Microsoft stands exposed (again) and such a demand can be raised and escalated. To defer endlessly to Microsoft is to once again lose the moment and either lose the battle now or set up one for a future loss -- nowhere is anything other than a perpetuation of the stalemate of the status quo ante a possibility without fighting for the control to be given up by Microsoft.
Color me shocked...
Posted Jul 12, 2022 16:18 UTC (Tue) by paulj (subscriber, #341) [Link]
This is what you get when you dance with the (monopolistic) devil.
Color me shocked...
Posted Jul 12, 2022 16:59 UTC (Tue) by donbarry (guest, #10485) [Link]
The usual boogymen are trotted out to justify this -- if one can run one's own OS and one's own preferred programs under it, why the terrorists, child pornographers, and drug lords win. Only a criminal or maladjusted type (clearly a future criminal in their thoughtcrime) would be conspiracy mongering against the great corporations and governments in their control of our computing platforms.
Garrett: Responsible stewardship of the UEFI secure boot ecosystem
Posted Jul 12, 2022 16:56 UTC (Tue) by mcon147 (subscriber, #56569) [Link]
Garrett: Responsible stewardship of the UEFI secure boot ecosystem
Posted Jul 12, 2022 17:14 UTC (Tue) by neggles (subscriber, #153254) [Link]
Of course, turning it off doesn’t fix all the other "Secure" Boot issues and bypass methods, so it’s a bit lame and half-assed, but that goes for everything related to W11 in my opinion…
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK