http://www.pcworld.com/article/2029542/ ... -plan.html
Finally....it is said, long overdue, and happy it is said by Torvalds himself.
ps :warning. Website contains course language. Viewer discretion is advised.
Quite frankly, this is f*cking moronic. The whole thing seems to be
designed around stupid interfaces, for completely moronic reasons. Why
should we do this?
....if the LF wanted to support this whole code signing
insanity. (Which I really think is completely overblown...
If Red Hat wants to deep-throat Microsoft, that's *your* issue. That
has nothing what-so-ever to do with the kernel I maintain. It's
trivial for you guys to have a signing...
....Do this in user land on a trusted machine
- why do you bother with the MS keysigning of Linux kernel modules to
begin with?
Your arguments only make sense if you accept those insane assumptions
to begin with. And I don't.
On Mon, Feb 25, 2013 at 7:42 PM, Matthew Garrett <mjg59 <at> srcf.ucam.org> wrote:
>
> The user Microsoft care about isn't running Linux
How f*cking hard is it for you to understand?
Stop arguing about what MS wants. We do not care. We care bout the
*user*. You are continually missing the whole point of security, and
then you make some idiotic arguments about what MS wants you to do.
It's irrelevant. The only thing that matters is what our *users* want
us to do, and protecting *their* rights. As long as you seem to treat
this as some kind of "let's please MS, not our users" issue, all your
arguments are going to be crap.
- a distro should sign its own modules AND NOTHING ELSE by default.
And it damn well shouldn't allow any other modules to be loaded at all
by default, because why the f*ck should it? And what the hell should a
microsoft signature have to do with *anything*?
.
.
.
Because it really shouldn't be about MS blessings, it should be about
the *user* blessing kernel modules.
.....but on the other hand the default should definitely
*not* be "enable random third party modules signed indirectly by MS",
which is what your crazy world-view seems to be.
.
.
The *second* order should be: "we encourage and tell people how to add
their own keys and sign modules they trust".
.
.
The third order should...
....But by the time you get this far,
you've already failed the first few normal levels.
Users browsing this forum: No registered users and 1 guest