lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 12 Jul 2012 10:13:58 +0300
From: Georgi Guninski <guninski@...inski.com>
To: full-disclosure@...ts.grok.org.uk
Subject: The right to read,
	debuggers and building future Fedora kernels

I know this is old.

In The Right to Read RMS writes "In 2047, Frank was in prison, not for pirate reading, but for possessing a debugger." [1]

Helped by m$, Fedora are actively working this to become true [2] [3]

Q: What if I want to build a custom kernel or load 3rd party kernel modules?
A: You will need to disable Secure boot, or setup your own keys and sign everything with them. 

Q: what about ARM?
A: On ARM Microsoft Windows 8 ready requirements say that Secure boot should be enabled by default and cannot be disabled. Fedora has no plans to support secure boot on that platform and suggests buying Non Windows 8 ready hardware.

Q: Whats this about a $99 fee?
A: There is a one time fee of $99 to access the Microsoft sysdev portal in order to get your binaries signed by the Microsoft key (shipped by default in all Windows 8 ready devices). 

[4] That could lead to a lot of key churn, especially if, as Alan Cox suggests, every kernel hole will require that its certificate be revoked.

[1] http://www.gnu.org/philosophy/right-to-read.html
[2] https://fedoraproject.org/wiki/Secureboot
[3] http://mjg59.dreamwidth.org/12368.html
[4] http://lwn.net/Articles/500231/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists