Microsoft tries to block Linux off Windows 8 PCs
D. Hugh Redelmeier
hugh-pmF8o41NoarQT0dZR+AlfA at public.gmane.org
Thu Sep 22 16:50:01 UTC 2011
| From: Scott Elcomb <psema4-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org>
| On Thu, Sep 22, 2011 at 11:33 AM, D. Hugh Redelmeier <hugh-pmF8o41NoarQT0dZR+AlfA at public.gmane.org> wrote:
| > | From: Scott Elcomb <psema4-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org>
| >
| > | My question is what will happen when relevant Certificate Authorities
| > | get "hacked" - ala DigiNotar and Comodo?
| >
| > There is no CA, at least according to the article referenced in the
| > first post.
|
| OK, you got me... I didn't read the article Colin referred to - but
| had read several other articles before noticing the thread.
|
| Here's a relevant quote from The H:
|
| "This requires any firmware and boot process software – including boot
| loaders as well as elements such as UEFI drivers for on-board
| components and expansion cards – to be signed by a trusted Certificate
| Authority (CA)."
|
| Source: <http://www.h-online.com/open/news/item/Community-fears-Windows-8-Secure-Boot-will-block-Linux-1347997.html>
A public-key cryptosystem does not require certificates (certificates
are almost always X.509 these days). Most people don't realize this.
So much so that, as far as I know, FreeS/WAN (and its successors) are
the only IPSec implementations that support bare public keys.
(I bought a Linksys WRV200 because the manual said it supported bare
public keys -- I knew that it had my code in it. When I got the
router, it did not support them. It was running my code but they had
blocked the feature (and didn't release the source for a long time,
violating the GPL).)
So: it was plausible that no CA was involved. But it may not be the
case. I've not read the standard.
| > And hacking like this gets you thrown in jail in the US (DMCA) and
| > soon to be in Canada (on this fall's legislative agenda by all
| > accounts). Hardly a basis for an above-board company's business
| > model.
|
| Oh, agreed. But, as evidenced by the DigiNotar hack (and plenty of
| other examples), that won't stop those who are not above-board.
Right. My point was that the desktop Linux vendors would be driven
out of business since they cannot reasonably base a business on
illegal circumvention.
More information about the Legacy
mailing list