Slashdot Mirror

Mozilla employs people from Xiph such as Chris Montgomery, Timothy Terriberry, Jean-Marc Valin, and Thomas Daede. I don't think paying the bills is laughable. Mozilla has funded development of Opus, Daala, and AV1.

If it helps, here's a recent blog post from Chris Montgomery on AV1's contstrainted directional enhancement filter.

Some guy no one has heard of also has terrible ideas for Star Wars 7-9!

An alternate Star Wars 7 plot
Ideas for Episodes 8&9 after seeing Episode 7
Could the Phantom Menace be Fixed?
And, um, Frog Wars.

Read and enjoy. Or don't.

Some guy no one has heard of also has terrible ideas for Star Wars 7-9!

An alternate Star Wars 7 plot
Ideas for Episodes 8&9 after seeing Episode 7
Could the Phantom Menace be Fixed?
And, um, Frog Wars.

Read and enjoy. Or don't.

Some guy no one has heard of also has terrible ideas for Star Wars 7-9!

An alternate Star Wars 7 plot
Ideas for Episodes 8&9 after seeing Episode 7
Could the Phantom Menace be Fixed?
And, um, Frog Wars.

Read and enjoy. Or don't.

Some guy no one has heard of also has terrible ideas for Star Wars 7-9!

An alternate Star Wars 7 plot
Ideas for Episodes 8&9 after seeing Episode 7
Could the Phantom Menace be Fixed?
And, um, Frog Wars.

Read and enjoy. Or don't.

Do you have any examples of him doing this? Because what we have in the lawsuits from both Chevalier and Damore is:

In a culture where itâ(TM)s common to respond to diversity initiatives with âwe canâ(TM)t lower the barâ(TM), implying a baseline assumption that women, non-binary people, and men of color are incompetent, itâ(TM)s equally important that we donâ(TM)t do the reverse: that we donâ(TM)t insist on white male competence even in the face of clear evidence to the contrary.

David, I'm transsexual. Mike Pence tried to enact legislation to force kids just like me-when-I-was-a-kid to undergo conversion therary (e.g. electroshock therapy) to make them cis. I have a uterus. Mike Pence put a woman in jail for having a miscarriage. His policies include women being forced to hold funerals for their miscarriages. I have chronic health conditions. Donald Trump wants to make it impossible for me to get health care if I start a business or become a freelancer. Don't you dare gaslight me be telling me that I'm not in a hated and despised minority the week that the voting populate of my country declared war on me.

Additionally, here is his blog: https://tim.dreamwidth.org/

While quite forthright he doesn't call anyone a Nazi, racist or rapist in these messages. If he did, I'm at a loss to explain why Damore didn't include such examples in his lawsuit, since they would demonstrate a hostile workplace.

This movie review was also supposed to be satire...

The USSR national anthem plays in the background as Mark Zuckerberg, wearing a star-pinned beret and a Che Guevara shirt, reports to the Politburo in an awful fake Russian accent.

        "The ten year plan is working, Comrades. The capitalists give us all of their personal information, and when the signal comes we can round them up and deport them to the re-education camps. Then our glorious doctrine shall rule the world! Ha ha ha ha ha!"

Commentary: Another very good movie based on real-life events is The Socialist Network which describes the true origin of Facebook as a Communist plot to destroy freedom. This movie deserves its Academy Award nomination, with very good performances by... hold on.

(The reviewer takes a note from off-camera and reads it)

Commentary: The movie The Socialist Network is right-wing propaganda produced by the Zionists of Hollywood to slander the progressive movement. There is no truth to the right-wing lies that Facebook collects customer data. These lies manufactured by the right-wing are patently false. Whoever would see this right-wing movie or promote this work of right-wing propaganda and its lies is a right-wing conservative and will be... oh. So, about The Socialist Network, I have to say, "Skip it".

Now compare to Wayland's license which is a drop in replacement for X11. It's a no brainer why Canonical's support dried up.

"It just works." -> "It just doesn't really work _for_me_ any more."

I suspect you've been around the computer industry at least as long as I have. If so, that makes you a power user who has a very well-established set of tastes for the way things should behave.

You and I have not been the target market for Apple for about ten years now. Basically ever since the iPhone came out and Apple realized that it was a digital appliance company and Steve dropped the " Computer" off the name "Apple Computer". It wasn't a subtle move; he did it in front of the largest press event Apple hosted, directly following major product announcements.

For ten years Apple has been veering away from the customer base it always had. You and I have taken a journey, from VIP seats at the restaurant, with the ear of the maître d' ... to a bench in the back alley next to the dumpster, waiting for scraps.

Or hey, let me put it in even stronger terms. We're the engineers working at the local mill. Apple used to love living in our modest home and folding our laundry exactly the way we like it. But then, on a whim, she took part in a variety show, and Ed Sullivan happened to be in town, and he put her on live TV for five minutes and she wore a killer dress and sang with an incredible voice and now, ten years later, we are a long distant memory, still punching the clock at the local mill, while Apple lives in Beverly Hills behind a very tall fence designed to keep her millions of ravenous fans at bay.

That is our situation.

You can call the current range of Apple products "disappointing in terms of actual usability", but that strikes me as the perspective of someone who is used to interacting with their machines a certain way to do certain things, and doesn't actually care about all the other zillion things people use their machines to do.

The Apple restaurant no longer cares about our tastes in food. The Apple girlfriend no longer cares about what we do at the steel mill. She's gone, man. We can watch her sing on TV and hopefully enjoy that and wish her well, and recognize that it doesn't matter that she can't fold laundry worth a damn any more, because her laundry days are done. But that's the extent of our involvement here.

Even a MILLION geeks, all screaming in unison about the headphone jack, ... is irrelevant now. Last year Apple passed the one BILLION mark for iPhones sold, before introducing the iPhone 7. Then, in the ensuing year, they sold A QUARTER BILLION MORE. Those devices are "working", for many people. It's senseless to even try arguing the other way. But are they working for us? For you and me?

Well, perhaps if we get docking stations. And if bluetooth audio quality stops sucking...

Oh, you mean the one that virtue signalling cuckold SJW asshole Matthew Garrett tried "FOR GREAT SOCIAL JUSTICE" because Sarah Sharp got butthurt right?

"This branch is 18 commits ahead, 105103 commits behind torvalds:master."

Even SJWs that can code cannot bring the other talented people with them because they're the most toxic people on the planet. Matthew Garrett in particular is a prime example of the SocJus fascist poisonous human garbage that needs to be kept as far away from your organization or project as possible.

I'm currently debugging an i915 driver issue on Linux that appears to cause a fairly wide variety of Skylake laptops to freeze after their screens blank for some period of time.

I've heard a lot of complaints about power management under Skylake, including from Matthew Garrett:

https://mjg59.dreamwidth.org/4...

Are you denying the Radiant Unity of Zuck's Social(ist) Future? Only hateful misfit extremists would question his wisdom.

"The Socialist Network" was supposed to be a joke! It was a joke, Mark! You were not supposed to take it seriously!

The Facebook Panopticon series suggests that they already have this and have been doing it for years. And their cell phones listen in on nearby conversations to serve you targeted ads, and they check for nearby phones so they can connect journalists to their confidential sources. And all of your personal data may have made its way to foreign intelligence agencies through those "marketing" networks, but that is another story.

The original poster's point stands, that this does not affect consumer-grade PCs. Most people can happily ignore this vulnerability.

Why is this user's Thinkpad listening on AMT ports, meaning exposing an AMT attack surface, even with AMT turned off?

I don't see why the AMT ME software should expose an attack surface that may contain bugs even when it's turned off. We've seen NSA hide backdoors behind plausible bugs, both on Linux ('if uid = 0') and Juniper (DUAL_EC_DRBG), so strange technical choices that increase attack surface are suspicious: it looks like they are presenting a front door for a vulnerability we haven't discovered yet. Even regardless of intent, it does increase risk for no reason, but I think the lack of trust is justified here.

Let's not forget you have to enable it to be affected so calling it a hidden backdoor is hyperbole at it's best and fraudulent at the worst.

"How bad is this
That depends. Unless you've explicitly enabled AMT at any point, you're probably fine. The drivers that allow
local users to provision the system would require administrative rights to install, so as long as you don't have
them installed then the only local users who can do anything are the ones who are admins anyway. If you do have it enabled, though"


http://mjg59.dreamwidth.org/48...

Apparently you just have to make sure the LMS service in Windows is not installed or is disabled. Or not run Windows? That's the software that passes the requests to the firmware.

Not according to this analysis:

When AMT is enabled, any packets sent to the machine's wired network port on port 16992 or 16993 will be redirected to the ME and passed on to AMT - the OS never sees these packets. AMT provides a web UI that allows you to do things like reboot a machine, provide remote install media or even (if the OS is configured appropriately) get a remote console.

So the firmware is intercepting the traffic before the OS gets it. Turning off the LMS service would stop the remote console, but not the ability to reboot the machine into a remote ISO. At that point, your files would be visible unless you encrypted your drive.

As for not running Windows, that won't help. Further down the page linked above, it has instructions for Linux on how to see whether you are vulnerable. It also says:

However, an attacker who enables emulated serial support may be able to use that to configure grub to enable serial console. Remote graphical console seems to be problematic under Linux but some people claim to have it working, so an attacker would be able to interact with your graphical console as if you were physically present. Yes, this is terrifying.

Some help is here

http://mjg59.dreamwidth.org/48...

That was in one of the articles

Many IOT devices have some kind of incoming data stream from the internet so that you can control them from your phone. This might be is via some company run cloud service, with questionable security.

For example,

it's a device that infringes my copyright, gives you root access in response to trivial credentials, has access control that depends entirely on nobody ever looking at the packets, is sufficiently poorly implemented that you can crash both it and the bulbs, has a cloud access protocol that has no security whatsoever and also acts as an easy mechanism for people to circumvent your network security

Urgh, broke the link: Skylake's power management under Linux is dreadful and you shouldn't buy one until it's fixed

Another good link with info from Matthew Garrett:

http://mjg59.dreamwidth.org/44694.html

Matthew Garrett wore informative article on this one: http://mjg59.dreamwidth.org/44...

If you want to keep up with a very smart person who does some really interesting analysis on the security of "smart" devices, try Matthew Garret. He posts most of his finding in conversational format on twitter at

@mjg59.

You can see more of his "reported" results on his website at
http://mjg59.dreamwidth.org/.

Enjoy!

Why drop systems with 32bit efi? they can run 64 bit windows and with boot loader hacks 64 bit mac os.

https://mjg59.dreamwidth.org/26734.html - short answer: because it's a bloody dumb idea not to drop it.

Yes, how's that working on Skylake laptops out for quite a few months now?
One of many issues.

Oh. This guy? https://mjg59.dreamwidth.org/

The one who forked the linux kernel in 'solidarity' with sarah sharp?

Hundreds of other strangers and the lights in their hotel rooms!

Then, how do I recompile a custom kernel and with UEFI Boot and Secure Boot run it?

Depends on how your distro of choice has implemented Secure Boot.

All of the distros with official support are using a shim derived from Red Hat's. That shim is a very simple bootloader which maintains compliance with Secure Boot by only chaining on to verified binaries, but it allows the use of an additional public key which has been compiled in to the binary. Anyone who finds it worth the $99 can have their build signed by Microsoft and will then be able to boot anything signed with the associated private key on top of anything signed with the Microsoft keys the system has built in. It also provides a method to pass the public key down the chain so the next stage bootloader, kernel, and beyond can verify with it as well.

Fedora and Ubuntu stop here. Fedora signs GRUB2 with their key which then verifies the kernel, which then verifies the modules. ( http://mjg59.dreamwidth.org/12... ) Ubuntu jumped on a loophole in the wording of the Secure Boot spec to just use their key to sign a bootloader which will then happily launch an unsigned kernel. ( https://lists.ubuntu.com/archi... )

Suse took things a step further and expanded the shim to support a local key list in the UEFI configuration area. ( https://www.suse.com/communiti... ). Now even a system that lacks the ability to add keys to the firmware's verification process can run a fully signed boot process with custom keys.

Finally one of the main original developers on the shim who has since left Red Hat took Suse's key management code, mixed it with his own continued tinkering, and added a user interface that comes up if you attempt to boot a signed binary that doesn't match an approved key, allowing the user to browse for a key on any accessible storage and add it to the system. ( http://mjg59.dreamwidth.org/20... )

---

So the answer depends on your distro. If you're running Ubuntu, you just compile your new kernel and go have fun because Ubuntu's not yet verifying the kernel (this is apparently becoming optional in 16.04). If you're running Suse, you use whatever tool they offer to add a key to their shim's list. If you're running Fedora, you replace their shim with one of the other variants and either add a key of your own or just go Ubuntu-style and drop it at the kernel.

Of course this is all assuming your system doesn't allow you to change the keys, which I know is a valid theoretical possibility but I still haven't encountered in the real world.

Then, how do I recompile a custom kernel and with UEFI Boot and Secure Boot run it?

Depends on how your distro of choice has implemented Secure Boot.

All of the distros with official support are using a shim derived from Red Hat's. That shim is a very simple bootloader which maintains compliance with Secure Boot by only chaining on to verified binaries, but it allows the use of an additional public key which has been compiled in to the binary. Anyone who finds it worth the $99 can have their build signed by Microsoft and will then be able to boot anything signed with the associated private key on top of anything signed with the Microsoft keys the system has built in. It also provides a method to pass the public key down the chain so the next stage bootloader, kernel, and beyond can verify with it as well.

Fedora and Ubuntu stop here. Fedora signs GRUB2 with their key which then verifies the kernel, which then verifies the modules. ( http://mjg59.dreamwidth.org/12... ) Ubuntu jumped on a loophole in the wording of the Secure Boot spec to just use their key to sign a bootloader which will then happily launch an unsigned kernel. ( https://lists.ubuntu.com/archi... )

Suse took things a step further and expanded the shim to support a local key list in the UEFI configuration area. ( https://www.suse.com/communiti... ). Now even a system that lacks the ability to add keys to the firmware's verification process can run a fully signed boot process with custom keys.

Finally one of the main original developers on the shim who has since left Red Hat took Suse's key management code, mixed it with his own continued tinkering, and added a user interface that comes up if you attempt to boot a signed binary that doesn't match an approved key, allowing the user to browse for a key on any accessible storage and add it to the system. ( http://mjg59.dreamwidth.org/20... )

---

So the answer depends on your distro. If you're running Ubuntu, you just compile your new kernel and go have fun because Ubuntu's not yet verifying the kernel (this is apparently becoming optional in 16.04). If you're running Suse, you use whatever tool they offer to add a key to their shim's list. If you're running Fedora, you replace their shim with one of the other variants and either add a key of your own or just go Ubuntu-style and drop it at the kernel.

Of course this is all assuming your system doesn't allow you to change the keys, which I know is a valid theoretical possibility but I still haven't encountered in the real world.

"Did the Linux Foundation just drop all semblance of community representation because it's afraid of GPL enforcement? ref ref

I'm not sure if this will be useful in the specific context you describe, but I do think that this might capture some of the possible issues you did not directly consider. I wrote the submission to the 'other' site and got back maybe 3-4 interesting responses. Here is what I wrote with a link to the comments below:

We recently discussed reddit's woes and the hiring of a new CEO. However, we have seen communities come and go for many years.

Clay Shirky wrote about his experience in 1978:
"Communitree was founded on the principles of open access and free dialogue... And then, as time sets in, difficulties emerge. In this case, one of the difficulties was occasioned by the fact that one of the institutions that got hold of some modems was a high school. ... the boys weren't terribly interested in sophisticated adult conversation. They were interested in fart jokes. They were interested in salacious talk. ... the adults who had set up Communitree were horrified, and overrun by these students. The place that was founded on open access had too much open access, too much openness. They couldn't defend themselves against their own users. The place that was founded on free speech had too much freedom."

There are two clear trends. One is that less input and customization tends to grow bigger. Note how Geocities was replaced with Myspace which was then replaced with Facebook and Twitter. These newer systems take away personal freedom of expression and makes people follow a 'prescribed' system, albeit an easier one to use. The other trend is that communities that try to be truly free and open end up either stifled by that openness or give up. The only obvious exception is a platform that allows us to simply filter out everything we don't want to see, which becomes a series of the feared echo chamber. With the excessive amount of data and the build up of complex rules on how information is shared, where does this leave us? It seems that like the famous iron triangle allowing free (and legal) speech with the possibility of diverse opinions, a cohesive group, and growth only allows you to pick two.

It seems to me this is a wicked problem, perhaps unsolvable. But I wonder if the community thinks there are other design options? Is this even possible with human nature as it is?

https://soylentnews.org/article.pl?sid=15/07/18/0821234

- JCD

Not long ago I was reading a recent discussion on reddit's woes and the hiring of a new CEO. It made me think how we have seen communities come and go for many years.

Clay Shirky wrote about his experience in 1978: "Communitree was founded on the principles of open access and free dialogue... And then, as time sets in, difficulties emerge. In this case, one of the difficulties was occasioned by the fact that one of the institutions that got hold of some modems was a high school. ... the boys weren't terribly interested in sophisticated adult conversation. They were interested in fart jokes. They were interested in salacious talk. ... the adults who had set up Communitree were horrified, and overrun by these students. The place that was founded on open access had too much open access, too much openness. They couldn't defend themselves against their own users. The place that was founded on free speech had too much freedom."

There are two clear trends. One is that less input and customization tends to grow bigger. Note how Geocities was replaced with Myspace which was then replaced with Facebook and Twitter. These newer systems take away personal freedom of expression and makes people follow a 'prescribed' system, albeit an easier one to use. The other trend is that communities that try to be truly free and open end up either stifled by that openness or give up. The only obvious exception is a platform that allows us to simply filter out everything we don't want to see, which becomes a series of the feared echo chamber. With the excessive amount of data and the build up of complex rules on how information is shared, where does this leave us? It seems that like the famous iron triangle allowing free (and legal) speech with the possibility of diverse opinions, a cohesive group, and growth only allows you to pick two.

It seems to me this is a wicked problem, perhaps unsolvable. But I wonder what you think regarding what other design options exist? Is this even possible with human nature as it is? Which do you value most: free speech, a cohesive group or growth?

Don't forget where he replaced any arguments against a contentious view he holds with "fart fart fart".

He and Sarah Sharp apparently took the same "Juvenile mockery of anyone that disagrees" course. I'm sure it'll be much better working with this kernel fork with that sort of childishness in control.

It's been linked already, but this guy is pretty much going to be a mad whiner no matter.

http://mjg59.dreamwidth.org/33...

"It's natural to write software to satisfy our own needs, but in doing so we write software that doesn't provide as much benefit to people who have different needs. We need to listen to others, improve our knowledge of their requirements and ensure that they are in a position to benefit from the freedoms we espouse. And that means building diverse communities, communities that are inclusive regardless of people's race, gender, sexuality or economic background."

Ok, so that means...

"We are a community that is disproportionately male, disproportionately white, disproportionately rich. This is made strikingly obvious by looking at the composition of the FSF board, a body made up entirely of white men. In joining the board, I have perpetuated this. I do not bring new experiences. I do not bring an understanding of an entirely different set of problems. I do not serve as an inspiration to groups currently under-represented in our communities. I am, in short, a hypocrite." ...oh so it doesn't count as "regardless of gender" if you are white. That doesn't count.

This guy is a self flagellating loudmouth dripping with white guilt, and subscribes to a specific type of racism that, in opposition to the dictionary and common sense, defines his OWN kind of racism as not ACTUALLY racist, so he can get away with it. He lays into himself (but obviously he can't really, it's just words) and other white men, and makes it their fault that they are busy writing free software, instead of somehow making a bunch of people who are neither white nor male do that work for them. Wait a minute...

Anyway, the whole thing drips with social justice babbles. It's good that this guy isn't on the linux kernel proper- Linus and others shouldn't have to waste their time with these whiners.

Nope. No talent is valuable to a group effort if it comes with emotional baggage that cannot tolerate direct, blunt communication when needed. This mathew garrett guy is a prime example of a prima donna that projects could do without.

http://mjg59.dreamwidth.org/35...
http://mjg59.dreamwidth.org/36...
http://mjg59.dreamwidth.org/33...

Bitching about 'cis' white men *check*
Bitching about 'privilege' *check*
deprecating towards women like he's some kind of hero *check*
'reverse discrimination' isn't a valid criticism of my brand of discrimination *check*
comments disabled "because I don't trust you guys" *check*

These and other posts by him read like first year student polysci essays. It makes perfect sense that linus and co want to keep diseased politics like this out of their community. I'm sure they wouldn't want bible thumper 'developers' telling them they're shits for not integrating jesus into their group culture either.

Nope. No talent is valuable to a group effort if it comes with emotional baggage that cannot tolerate direct, blunt communication when needed. This mathew garrett guy is a prime example of a prima donna that projects could do without.

http://mjg59.dreamwidth.org/35...
http://mjg59.dreamwidth.org/36...
http://mjg59.dreamwidth.org/33...

Bitching about 'cis' white men *check*
Bitching about 'privilege' *check*
deprecating towards women like he's some kind of hero *check*
'reverse discrimination' isn't a valid criticism of my brand of discrimination *check*
comments disabled "because I don't trust you guys" *check*

These and other posts by him read like first year student polysci essays. It makes perfect sense that linus and co want to keep diseased politics like this out of their community. I'm sure they wouldn't want bible thumper 'developers' telling them they're shits for not integrating jesus into their group culture either.

Nope. No talent is valuable to a group effort if it comes with emotional baggage that cannot tolerate direct, blunt communication when needed. This mathew garrett guy is a prime example of a prima donna that projects could do without.

http://mjg59.dreamwidth.org/35...
http://mjg59.dreamwidth.org/36...
http://mjg59.dreamwidth.org/33...

Bitching about 'cis' white men *check*
Bitching about 'privilege' *check*
deprecating towards women like he's some kind of hero *check*
'reverse discrimination' isn't a valid criticism of my brand of discrimination *check*
comments disabled "because I don't trust you guys" *check*

These and other posts by him read like first year student polysci essays. It makes perfect sense that linus and co want to keep diseased politics like this out of their community. I'm sure they wouldn't want bible thumper 'developers' telling them they're shits for not integrating jesus into their group culture either.

Well, there is this:
https://mjg59.dreamwidth.org/3...

Whatever judgement call you want to make (I hate the phrase SJW because it is pretty much used indiscriminately toward folks who have legitimate gripes and those who are senselessly whining).

I personally have found Linus' perspective a bit refreshing. He will call out bad code, erring on the side of brutal honesty. I've seen way too many projects fall pray to the other phenomenon, everyone is too polite and in fear of discouraging folks, and ends up accepting mediocre stuff rather than offend. It's generally not a problem for a small project, but the bigger the project is and the more interest attracts, the more dangerous this can get.

I know if I can get code in easily without a lot of commentary/debate, I take it as a sign that the project is being too nice.

The victim in question is Matthew Garrett. Whatever his reasons for backing down in that particular public conversation the dude is very militant about social justice; look at his blog, for instance.

http://mjg59.dreamwidth.org/

I don't necessarily disagree in a lot of cases, but this siege mentality isn't very constructive (god forbid you bring up a "tone argument" with these people, though).

You need to go into the BIOS and disable secure boot.

You don't even need to do that if you pick your linux version properly. I just finished installing Sabayon/Linux on my Lenovo U430p laptop after I decided I was going to reformat it anyway because of the recent Superfish fiasco. We've had a working secure boot shim for over 2 years now. No need to disable secure boot. Red Hat and Ubuntu both support it as well if you're looking for something a little more mainstream. At worst you may need to register a key with the BIOS (I did for Sabayon), but I'm not sure you even need to do that with Red Hat since their shim is actually signed by MS.

When you root, you almost always neuter Android security model. So goodbye to any security.
You can always do the flashing properly, with signing and stuff, but the procedure is major PITA: http://mjg59.dreamwidth.org/31...

This issue is now impacting Linux kernel development. Matthew Garrett has decided to stop resolving issues related to Intel products.

• Chromebooks are actually locked down, unlike the Surface Pro
• Google's Chromebooks actually use the same hardware, including the same WI-Fi card
• There are actually no problems with using Surface Pro 1 or 2 hardware under Linux. Everything works.

It's actually thousands of dollars, donated over ten years mainly to anti-gay candidate Tom McClintock http://tim.dreamwidth.org/1845...

Does anyone else think that Intel should introduce power states like you get in embedded systems where you have 'rules' like "reprogram the SDRAM controller and bus interface controller. Oh and make sure there's no AHB bus activity (e.g. access to SDRAM or Flash memory) at all when you do it, otherwise the whole system will lock up hard". Traditionally these rules are discovered empirically and are documented by sweary comments in check ins.

The reason is

1) It'll keep those bastards at the OEMs on their toes.

2) More work for consultants working on Bioses, the ACPI standard etc.

Actually support for ARM systems means this sort of thing will probably happen

http://mjg59.dreamwidth.org/26...

Supporting Device Tree would require Microsoft to rewrite large parts of Windows, whereas mandating UEFI and ACPI allowed them to reuse most of their existing Windows boot and driver code. As a result, largely at Microsoft's behest, ACPI 5 has grown a range of additional features for describing things like GPIO pinouts and I2C connections. Whatever your weird device layout, you can probably express it via ACPI.

Obviously doing this sort of thing via ACPI methods adds and additional - and from a consultancy point of view entirely welcome - level of fuck to "reprogram the SDRAM controller and bus interface controller. Oh and make sure there's no AHB bus activity (e.g. access to SDRAM or Flash memory) at all when you do it, otherwise the whole system will lock up hard".

I.e. if you didn't have ACPI but rather just had a hard coded chipset specific hacks file, you could just have a few lines of assembler to poke the hardware in the right order and stick in in TCM (or if you're in a bad mode cunningly aligned to a cache line). Now with ACPI you're supposed to use AML bytecode which is run by - I shit you not - an interpreter in the OS.

To be fair, some of the behaviour that's been seen has been down to underlying bugs in the Xorg drivers that were never triggered under normal use but are hit by XMir. Others are down to implicit assumptions made in the drivers that XMir happens to violate. The problem is that there doesn't appear to have been enough room in the schedule to deal with these interactions, presumably because nobody accounted for the inevitable "This thing we thought would be easy turns out to be difficult" part of the project.

Source: Matthew Garrett, The state of XMir

I seriously doubt that exchange ever got him fired for anything. He is known for being vocal about the people around him. If there was anything he was being vocal about that might have forced him to quit Red Hat, it would have been him calling Ted Ts'o a rape apologist. But the truth of the matter is that MG left of his own will to go work for Nebula to advise on their Open Stack solution.

Now it is true that he still sits on the Fedora board, and you have a point about maybe just maybe, that influences his post a bit. That was the whole point of posting the story. Is this a case of Red Hat influence or is MG painting a pretty honest picture? I have no idea where you were going with the first paragraph of your comment and I wish it wasn't there because it diminishes the part of your comment that's got a valid argument.

I seriously doubt that exchange ever got him fired for anything. He is known for being vocal about the people around him. If there was anything he was being vocal about that might have forced him to quit Red Hat, it would have been him calling Ted Ts'o a rape apologist. But the truth of the matter is that MG left of his own will to go work for Nebula to advise on their Open Stack solution.

Now it is true that he still sits on the Fedora board, and you have a point about maybe just maybe, that influences his post a bit. That was the whole point of posting the story. Is this a case of Red Hat influence or is MG painting a pretty honest picture? I have no idea where you were going with the first paragraph of your comment and I wish it wasn't there because it diminishes the part of your comment that's got a valid argument.

Can you provide a reference for the Seagate failure you mentioned? Offhand, it almost sounds like you're thinking of the Samsung laptop UEFI bug:

http://mjg59.dreamwidth.org/22855.html

Or just use a key that has already been leaked...

pardon me but, can't you pretty much boot anything with the shim? thus defeating the purpose.

from what I can see freebsd could just use the linux shim as well. which is what makes i a shim, that there is no necessity to sign with microsoft everything you boot.

http://mjg59.dreamwidth.org/20303.html