Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Linus: Guys, this is not a dick sucking contest.
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Off the Wall
View previous topic :: View next topic  
Author Message
Bones McCracker
Veteran
Veteran


Joined: 14 Mar 2006
Posts: 1566
Location: U.S.A.

PostPosted: Thu Feb 28, 2013 5:00 am    Post subject: Linus: Guys, this is not a dick sucking contest. Reply with quote

Linus got the red ass at the secure boot devs... :lol:
Quote:
Guys, this is not a dick-sucking contest.

If you want to parse PE binaries, go right ahead. If Red Hat wants to deep-throat Microsoft, that's *your* issue. That has nothing what-so-ever to do with the kernel I maintain. It's trivial for you guys to have a signing machine that parses the PE binary, verifies the signatures, and signs the resulting keys with your own key. You already wrote the code, for chrissake, it's in that f*cking pull request.

Why should *I* care? Why should the kernel care about some idiotic "we only sign PE binaries" stupidity? We support X.509, which is the standard for signing.

Do this in user land on a trusted machine. There is zero excuse for doing it in the kernel.

Linus

http://arstechnica.com/information-technology/2013/02/linus-torvalds-i-will-not-change-linux-to-deep-throat-microsoft/
_________________
pjp wrote:
I didn't misquote you, I just misunderstood you.
Back to top
View user's profile Send private message
notageek
Tux's lil' helper
Tux's lil' helper


Joined: 05 Jun 2008
Posts: 120
Location: Bangalore, India

PostPosted: Thu Feb 28, 2013 5:06 am    Post subject: Reply with quote

Fuck Windows 8 compatible machines.
_________________
The problem is not the problem. The problem is your attitude about the problem. Do you understand? --Capt Jack Sparrow.
Back to top
View user's profile Send private message
sikpuppy
n00b
n00b


Joined: 12 Jun 2012
Posts: 34
Location: Central Coast, NSW

PostPosted: Thu Feb 28, 2013 6:09 am    Post subject: Reply with quote

notageek wrote:
Fuck Windows 8 compatible machines.

No, because I get metal burrs on my penis.
Back to top
View user's profile Send private message
notageek
Tux's lil' helper
Tux's lil' helper


Joined: 05 Jun 2008
Posts: 120
Location: Bangalore, India

PostPosted: Thu Feb 28, 2013 6:26 am    Post subject: Reply with quote

Literally?
_________________
The problem is not the problem. The problem is your attitude about the problem. Do you understand? --Capt Jack Sparrow.
Back to top
View user's profile Send private message
sikpuppy
n00b
n00b


Joined: 12 Jun 2012
Posts: 34
Location: Central Coast, NSW

PostPosted: Thu Feb 28, 2013 6:38 am    Post subject: Reply with quote

notageek wrote:
Literally?

I do love my machines.
Back to top
View user's profile Send private message
pjp
Administrator
Administrator


Joined: 16 Apr 2002
Posts: 16114
Location: Colorado

PostPosted: Thu Feb 28, 2013 11:49 pm    Post subject: Reply with quote

BoneKracker wrote:
Linus got the red ass at the secure boot devs... :lol:
A little shed work could fix that.
_________________
lolgov. 'cause where we're going, you don't have civil liberties.

In Loving Memory
1787 - 2008
Back to top
View user's profile Send private message
dmitchell
Veteran
Veteran


Joined: 17 May 2003
Posts: 1159
Location: Austin, Texas

PostPosted: Fri Mar 01, 2013 2:21 am    Post subject: Reply with quote

A lot of disappointed kernel devs, I bet.
_________________
Your argument is invalid.
Back to top
View user's profile Send private message
Bones McCracker
Veteran
Veteran


Joined: 14 Mar 2006
Posts: 1566
Location: U.S.A.

PostPosted: Fri Mar 01, 2013 2:25 am    Post subject: Reply with quote

:lol:
_________________
pjp wrote:
I didn't misquote you, I just misunderstood you.
Back to top
View user's profile Send private message
salahx
Guru
Guru


Joined: 12 Mar 2005
Posts: 420

PostPosted: Fri Mar 01, 2013 7:04 am    Post subject: Reply with quote

UEFI is a lot of things: Some good, some bad, and some ugly. One of the "ugly" things being its adopted FAR too many of Microsoft conventions (RTC in local time, PE/COFF, even the API looks far too much like the Win32 API - CamelCase, typedefs galore, opaque objects like handles and GUID's, functions that take dozens of arguments at least half of which aren't used)

Because of limitation of UEFI Secure boot (we can't define additional authentication mechanisms, thus for "shim" to work it has to do all the work UEFI does - parse the PE/COFF structures, validate signatures, do relocations as PE/COFF is not position-independent, map it into memory then jump to start point, etc), and Microsoft asinine signing policies (will only sign PE/COFF binaries wrapped in MS Cabinet format) - it seems that the naysayers were right - Secure boot is just another MS lockin tool.

This patch, and other patches floating around (to prevent a signed Linux kernel from being hijacked and used to chain-load Windows malware) - that disable hibernation, kexec and lots of other things (if you want Secure boot to be effective you have to make sure no "untrusted" code runs in supervisor mode) - drive the point home that Secure Boot is a best a feel-good measure, and at worst an MS lockin tool.
Back to top
View user's profile Send private message
Prenj
n00b
n00b


Joined: 20 Nov 2011
Posts: 13

PostPosted: Fri Mar 01, 2013 7:13 am    Post subject: Reply with quote

Torvalds sounds angry that it wasn't a dick-sucking contest.
Back to top
View user's profile Send private message
Bones McCracker
Veteran
Veteran


Joined: 14 Mar 2006
Posts: 1566
Location: U.S.A.

PostPosted: Fri Mar 01, 2013 8:15 am    Post subject: Reply with quote

salahx wrote:
UEFI is a lot of things: Some good, some bad, and some ugly. One of the "ugly" things being its adopted FAR too many of Microsoft conventions (RTC in local time, PE/COFF, even the API looks far too much like the Win32 API - CamelCase, typedefs galore, opaque objects like handles and GUID's, functions that take dozens of arguments at least half of which aren't used)

Because of limitation of UEFI Secure boot (we can't define additional authentication mechanisms, thus for "shim" to work it has to do all the work UEFI does - parse the PE/COFF structures, validate signatures, do relocations as PE/COFF is not position-independent, map it into memory then jump to start point, etc), and Microsoft asinine signing policies (will only sign PE/COFF binaries wrapped in MS Cabinet format) - it seems that the naysayers were right - Secure boot is just another MS lockin tool.

This patch, and other patches floating around (to prevent a signed Linux kernel from being hijacked and used to chain-load Windows malware) - that disable hibernation, kexec and lots of other things (if you want Secure boot to be effective you have to make sure no "untrusted" code runs in supervisor mode) - drive the point home that Secure Boot is a best a feel-good measure, and at worst an MS lockin tool.

Linux users should make this hurt where it counts: in the wallet. The Linux community may not have economic clout, but sometimes in the past when Microsoft has done such things (borderline anti-competitive practices), it has actually hurt their reputation with users and caused people to choose other products (Internet Explorer being a case in point, after they shat on Netscape and others). Another example is the office document formats.

At the moment, Microsoft is engaged in a big-time marketing campaign to make themselves "Cool", so they can compete against Apple in the tablet and hand-held space and against Google in the cloud space. A well-coordinated and viral communication effort conveying the message that what they're doing here is "Not Cool" at all, leveraging the "Anonymous" crowd and social media, could force them to the table to agree to a more open standard, perhaps with an independent signing authority. Also, maybe Red Hat should understand they're bending over too easy, and that's Not Cool either. Various governments who wanted to avoid vendor lock-in, in order to fulfill their public obligation to competitive procurement, were the main reason MS caved in on the document formats, so they should be made to understand that this is the same situation. Formal organizations such as The Linux Foundation, EFF, major distributions, can't really engage in such a thing, so I don't know who could make it happen.
_________________
pjp wrote:
I didn't misquote you, I just misunderstood you.
Back to top
View user's profile Send private message
Crooksey
Apprentice
Apprentice


Joined: 26 Apr 2006
Posts: 239
Location: Vatican City

PostPosted: Fri Mar 01, 2013 12:45 pm    Post subject: Reply with quote

Prenj wrote:
Torvalds sounds angry that it wasn't a dick-sucking contest.


Thank you for making my day :P
Back to top
View user's profile Send private message
jonnevers
Veteran
Veteran


Joined: 02 Jan 2003
Posts: 1593
Location: Gentoo64 land

PostPosted: Fri Mar 01, 2013 1:44 pm    Post subject: Reply with quote

http://www.zdnet.com/torvalds-clarifies-linuxs-windows-8-secure-boot-position-7000011918/
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Off the Wall All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum