Slashdot Mirror
FSF Criticises Ubuntu For Dropping Grub 2 For Secure Boot
sfcrazy writes "The Free Software Foundation (FSF) has published a whitepaper suggesting how free operating systems can deal with UEFI secure boot. In the whitepaper, the foundation has criticized the approach Canonical/Ubuntu has taken to deal with the problem. The paper reads: 'It is not too late to change. We urge Ubuntu and Canonical to reverse this decision, and we offer our help in working through any licensing concerns. We also hope that Ubuntu, like Fedora, will actively support users generating and using their own signing keys to run and share any versions of the software, and not require users to install a key from Canonical to get the full benefit of their operating system.'"
... for someone to hack the secure boot BIOS and provide an easy way for users to reflash theirs from Windows or whatever OS is preinstalled on the machine when bought new. No doubt this will prevent windows being reinstalled but unless you want a dual boot machine I doubt this matters much.
On a related note, how will this affect linux being booted from within windows (if anyone still uses that approach)?
I would like to refer every single person who henceforth asks the question "Why hasn't Linux ever gone mainstream?" to the parent post.
What political party do you join when you don't like Bible-thumpers *or* hippies?
And my dick is bigger then your dick.
I believe Torvalds said that he likes Ubuntu (although he prefers Fedora for work purposes), as did ESR.
This is my signature. There are many like it, but this one is mine.
Sure does like to dictate what people use, kinda funny that way
Go ask Novell how well chasing that Microsoft interoperability trains works.
not as much, but still (for planning to use the MS key). It's a very bad position we (Free Software) are in with Restricted/Secure boot. I think it's time the Linux friendly vendors really get behind CoreBoot [http://www.coreboot.org/Welcome_to_coreboot] and let us be truly independent.
As it is setup right now:
Binaries can only be signed with one key. If you use Microsoft's key, you can't use your own.
Not all vendors may support letting users add their own keys. (and even if they do it certainly complicates a fresh install).
ARM will be completely locked down if vendors want MS to run on it.
If you use the Microsoft key, they can revoke your access (they likely need cause, but still)
Linux users in general are just Unix posers. If you aren't running HPUX on a home Itanium server, then you're just using watered down bullshit.
Also, my dick is bigger than yours.
Microsoft is being reprehensible as usual. Hardware vendors have always been cowed by them - now Ubuntu is following their lead.
I switched from SuSe to Ubuntu, now it looks like I'll switch to Fedora. At lease Linux, from the source, remains free of the the manipulations of the monopolists.
Linux will never go mainstream because there are trolls on the internet? Gosh.
[Disclaimer: I’m always posting anonymously, since I consider the /. moderation system fundamentally broken.]
Grub 2 is vastly over-engineered, and even though it is more complex, it’s more limited. (Example: The whole multi-boot mess.)
For the sole purpose of making it "easier" on the Windows crowd that can't even be expected to edit a config file (or tie their shoes?). Which is a huge fallacy, since that's already way beyond the point of maximum efficiency, deep down in "so easy, it's less efficient” territory, where it's actually harder again if you have any ambitions or half a brain.
And it results in a vicious cycle of dumbing down the thing and users adapting to it by becoming dumber, until it ends up being something like Clippy, MS Bob, or the iPad in a Idiocracy...
Anyone who can handle a general-purpose computer, which I think anyone here can, has less hassle staying with Grub 1, and be done with it. (Or choosing something else, of course.) :)
There is no point in changing a running system that does everything that's needed. And we definitely don’t need a script generating really stupid config files for us, since we got the working brain, and so can handle writing text that follows rules ourselves.
Grub 2 is the same cancer that is killing Linux, that is Ubuntu Unity, Gnome 3, KDE 4, recent versions of Firefox, etc.
"If you aren't running HPUX on a home Itanium server, then you're just using watered down bullshit."
Please stop insulting Larry Ellison. He owns an Hawaiian Island, you don't.
"National Security is the chief cause of national insecurity." - Celine's First Law
Linux is mainstream everywhere except the desktop, and I heard the desktop is dead anyway.
Ubuntu/Canonical has been the worst type of Karma whores since the beginning. They built a following by pimping the philosophy of freedom, only to abandon these ideals once the foundation was set. They have enouraged people to accept non-free video and wireless drivers, while companies like RedHat have tried to work with Vendors and educate folks about why this is a bad thing. Now with their app store with non-free projects; they've even undone this feat with kneeling towards Redmond (secureboot). I know not all Linux users care about freedom, but it is sad how even prominent linux users feel like they've accomplished something by getting their local school or whatever to use Ubuntu. People may complain about the free software philosophy all they want, but soon if Ubuntu continues, its going to be a much lesser degree of the early iterations of Windows with lots of propreitary-ness with bits and pieces of freedom (Windows started out using some BSD code). tl:dr Shuttleworth and Canonical are hypocrites and karmawhores.
Linux has gone mainstream... Just not on the desktop. Where is remains a distant 3rd behind Windows and OS/X.
With Android, Linux is quite popular with mobile. Linux is also strong on the server side too.
Linux never made it to the desktop, because there were too many drivers to support. When you luck out and get a System that is well supported by Linux... Linux rocked on that system. However if you try to put Linux on a poorly supported system, it usually sucked, and felt like a cheap OS.
If Microsoft make "Windows 9" a Linux Distribution with a Windows themed UI. It would probably be just like Vista, many people complaining about hardware compatibility, systems crashing all the time (due to improper drivers)
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
This is the start of a sea change in who controls our computers. Yes, for now you can turn it off (oh, sorry, unless you're using an ARM system), but this is just the first step. They can't go the entire way all at once. They've tried before, and learned they have to go one step at a time. Each step doesn't seem so bad, until finally, all the cards fall into place.
Already most of our mobile devices no longer belong to us, unless you manage to defeat the device's security that is meant as security against YOU, the owner of the device. Bought anything with iOS, or about 95% of the Android devices? Or WP7? Sorry, someone else owns it even after you purchased it. That's the world that many powers like Microsoft and many governments desire for the whitebox PC. A locked down device that obeys other masters, only booting "trusted" OSs that let those masters have the final say over what your computer does. Because a world where a billion individuals had control over their own computers could not be allowed to persist. It threatens too many corporations and governments.
Of course, people will buy these increasingly locked down PCs just like they are falling all over themselves to buy tablets, so this world WILL come to pass. All we can do is figure out how to deal with it.
And my dick is bigger then your dick.
Good for you. At least you have one thing going for you, since you appear to be semi-literate.
Have anyone read the FULL FSF papper before posting the same "WinxLinxMacOS" or the "DRM FLAME" on this topic?
Novell made a killing and and was an industry powerhouse for decades. Much of their wealth came from making the Microsoft environment easier to use.
Also many of Microsoft's biggest competitors started of by being compatible with Microsoft. Google providing Exchange protocol services, Office file format compatibility, same with Apple, OpenOffice, etc. And that hasn't worked out too bad for them.
Itanium ? That sell-out of a processor ? PA-RISC foreva' !!! No-one will prevent me from booting anything i want on that platform ... :-)
1% APY, No fees, Online Bank https://captl1.co/2uIErYq Don't let your $$$ sit in a no-interest acct.
Canonical is making the right choice for their users.
Funny how when I was growing up, free/libre software meant that the users did not have to rely on companies like Canonical to make their choices for them.
Palm trees and 8
My big concern is corporate computers. If your company is issuing you a computer, and they don't realize that some engineers want to run Linux, they may not let you install new keys or disable the secure boot. This is where it's a good idea to have one vendor using the Microsoft key, and other vendors using their own keys (and hopefully getting major PC sellers to include those keys). That way we at least have one solution that will work even on a locked-down system.
I think Red Hat's strategy is to be the Linux distribution that will work without having to mess with any secure boot issues, which is why they're going to use the Microsoft key.
We have always been at war with Eastasia.
OS/X? Finally, the successor to OS/2 the market has been waiting for!
They can call it WARP 10!
Syslinux FTW!
Hell, even this is an oversized bloated bootloader if all you need to do is always boot ONE system and leave it running until the cleaning crew takes your power outlet. GRUB1 was horrible thought at least it was reasonably well documented, eventually. GRUB2 was worse, and depricated GRUB1 even before they had the equivalent docs out. And LILO is not even in the running. There are a couple micro boot loaders around that work on PCs, and those would be good.
Sure, there are some people around that want dual boot or more (I've built a machine with 36 OSes on it ... yup, you can do more partitions in GPT ... so I know what that's like). Those people might need GRUB2. But I still did the 36 OS box with Syslinux (all OSes wear Linux ... no Redmond garbage here).
A shim should be a basic and simple as possible. GRUB just isn't even close.
now we need to go OSS in diesel cars
I refute your argument by identifying it as the "one true Scotsman" fallacy.
FC Closer
I don't understand how Intel supports this. They have pumped a lot of money and support into Linux in the past. Why would they now produce products that freeze it out?
Is there any way to get editors who know enough English to at least filter out sentences like:
It's not like it would have been hard to change it to:
BLOCKQUOTE>The Free Software Foundation (FSF) has published a whitepaper recommending ways for free operating systems to deal with UEFI secure boot.
And yes, I know that being a grammar nazi is unfashionable. But illiteracy really does work to convince people you have nothing to say worth reading...
"I do not agree with what you say, but I will defend to the death your right to say it"
they may take away the capability to disable it entirely
They already are taking it away on ARM based systems. "On an ARM system, it is forbidden to enable Custom Mode. ... Disabling Secure MUST NOT be possible on ARM systems" (page 122 of Windows Hardware Certification Requirements)
True geeks would never ask the question: 'Why hasn't Linux ever gone mainstream?'.
or lobby groups with an agenda
You seem to be errantly conflating "true geek" with "anal self-important elitist prick".
Many geeks use Ubuntu as there are various places where it is the right tool (or at least one of the appropriate options) for the job.
I spend an awful lot of time fixing Ubuntu to think of it as "watered down" linux.
Slaps AC with a cold wet trout of sarcasm.
Also, my dick is bigger than yours.
That is probably the most common logical phallusy.
SJW n. One who posts facts.
Although it was obvious the FSF would take this position, as it should, isn't it strategically wise to have multiple solutions for users to load a (mostly) free software OS on hardware with UEFI? For similar reasons, I think it's good to have Android devices running ClockworkMod so that they may boot CyanogenMod/Replicant. I understand that we (free software advocates) should always be encouraging consumers to make smart choices and purchase devices that will run free software (and a complete free software stack, when that's possible).
However, free software would become an "oasis in a desert", rather than a large and thriving ecosystem, if binary blobs, non-free drivers, non-free BIOS's, firmware hacks, etc. weren't around. It would become increasingly difficult to bring in more users. Those who have developed free software implementations to replace proprietary ones originate from all over the free software spectrum, so the pool of developers would also shrink.
I think you always want both: the hardcores who will run free software and free software only, and those who will make compromises on devices until (if/when) stable free software is developed for those devices. The FSFE's advice on installing CyanogenMod seems like a sensible approach that takes this into consideration. Likewise, why not help someone install as much free software as possible on a device with a non-free BIOS/bootloader?
It seems to me that UEFI will die a quick death if we A) fight very vocally against it, B) convince powerful corporations and governments that it's bad for them, C) ignore it where/when we can, and D) help others to circumvent it when necessary. It doesn't seem much different than the DRM problem in that way.
I would be very happy with Canonical's UEFI strategy if the following from this past /. comment can be done:
- Canonical will get efilinux signed with microsoft keys. So GRUB2 has to be made bootable from efillinux (efilinux is rather primitive, it just loads a kernel from a set collection of blocks from the device and run it. It shouldn't be too much difficult to have efilinux load and execute a GRUB2's "stage 1.5" or "stage 2"). Thus efilinux is the part that needs to be signed with microsoft's key (and efilinux's license makes it possible. Although that also means that you won't be able to hack it).
...
- GRUB2 can load coreboot (an opensource firmware) payloads, so it could also load SeaBIOS (a legacy BIOS implementation as a coreboot payload). - GRUB2 can also load windows XP's boot loader. So if any of the above is possible (either chainloading efilinux to grub2, or signing grub2 in a gplv3 compatible way). That means that grub2 could be used to boot windows XP on secure-boot hardware. (with seabios providing the legacy bios compatibility, and windows XP's ntldfr being loaded from grub2).
That unfortunately-complex method of chaining together multiple bootloaders seems to allow for any OS, even legacy ones, to boot (or at least attempt to boot) on UEFI hardware. Such a door might be closed if Canonical decides it won't play ball with Microsoft, and that seems like a door worth having open. However, I welcome any rebuttals...I don't know nearly enough about the issue.
Geeks like to think that they can ignore politics, you can leave politics alone, but politics won't leave you alone.-rms
Intel knows where they can make money from GNU/Linux: servers. That is not the target of this restricted boot system, and even if these restrictions come to servers, nobody will complain -- professional IT workers can put a $99 signing key purchase on their budget and continue to deploy whatever they want. Desktop GNU/Linux is not going to make Intel all that much money, and they know it -- Windows and Mac OS X are where all the desktop money is.
Intel and everyone else knows that restricted boot environments for personal computers (desktops and laptops) will be hugely profitable. Entertainment companies love it -- they can deploy a new kind of DRM that won't be defeated for years (see: PS3). Software companies love it, because they can stop people from applying cracks to evade DRM. ISPs love it because they can better lock-down their networks if they can control the computers that can be connected to those networks. The potential for money-making deals is HUGE, and Intel knows that when their chips are the center of these profitable systems, they make lots of money.
At the end of the day, Intel could not care less about hackers or computing freedom; they exist to make money, and there is no money to be made in allowing desktop and laptop users to have freedom.
Palm trees and 8
Grub2?!?
What happened to LILO?
is that game sales subsidize console sales.
You don't have to have all of GRUB. And since GRUB is modular these days, the parts you're not using aren't even loaded. Disk space is cheap, but you can always delete the modules you don't have room for in space-limited environments.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Drivers are only a part of the problem. The biggest is the fragmentation, of well, everything. The UI is different for every distro, every version, and every update. The configuration files are different for every distro, version and update. Besides a few very well known apps, compatibility of binaries and apps are a real crap-shoot.
Linux will become mainstream the second that the number of CSE graduates outnumbers any other major in society.
Think about it another way -- there are probably more copies of "Windows 7 for dummies" sold then there are installs of Linux being used as a desktop. With configurability, comes the loss of the mainstream. And plus, most UI/UX/usability in most Linux based apps don't follow the KISS method...
The problem, again, is not UEFI but secure boot. The two are not inextricably linked.
You'll have an uphill battle. Apple is transparently convincing people that DRM is good.
Can't happen. If any point has a flaw then the key gets revoked. From the UEFI platform down to the kernel needs to be "trusted" to betray the user, and the kernel must be secured against local exploits that allow bypassing of the chain.
then get ready for a case where a porn game get's locked out of the app store and they sue for there 1st amendment rights
That sounds kind of like a story I read once ... Is Mordor anywhere near Redmond?
Nae true Scotsman uses proprietary software!
Half-joking, but I wonder if contracting out a community-speced and community-funded motherboard would be possible. It might be worthwhile if for no other reason than to possibly catch MS leaning on contract manufacturers from even considering fabbing a motherboard outside of their control.
If secureboot gets the boot (har har), Im hoping extlinux is here to stay. After working with syslinux et al for some time, Ive grown to love their flexibility and simplicity.
At least for this round, FSF is saying that Fedora is using Grub 2 and Ubuntu is not. Both will be able to do 'SecureBoot' without divulging private keys, even though the former is using a GPLv3 bootloader. In a hypothetical where someone ships Red Hat Enterprise Linux on a system, they say the onus is on the hardware/firmware vendor and *not* Red Hat to facilitate the load. For that reason, Canonical also would not be forced to release keys, just that Canonical preloaded systems must include a contingency for disabling or user loaded keys.
I could see a scenario where this could be weird:
-Vendor ships an ostensibly Windows-only tablet, without option to replace keys or disable signing in firmware (I know, MS currently doesn't allow, but this is hypothetical)
-Fedora can still be installed, the boot loader they ship is signed.
-User has no signing key that would permit them to load without the approval of MS, and whatever costs are associated with that.
I presume from the writing that this is considered outside the scope of the anti-tivoization clause of GPLv3, which I now understand to specifically apply to preloaded GPLv3 software, and the software provider has no obligation to divulge signing secrets they use to work on the hardware vendor product. If all of x86 ecosystem one day was entirely MS signed and never pre-loaded Linux, would that prevent end-user freedom (a sort of holistic tivoization of an entire platform)?
XML is like violence. If it doesn't solve the problem, use more.
That's odd, FSF doesn't seem to be complaining that Canonical is making choices, it seems to be complaining that they made the "wrong" choice. You don't have to rely on Canonical unless you want to use their product, which is essentially what choosing software is, you use someone's software (maybe your own) over someone else's because of the choices they made.
I honestly don't understand how you have a problem with the concept of distros deciding to do certain things certain ways? Did you write your own package manager and kernel? In which case why are you using Ubuntu anyway? Why are you even using Linux, they've made all sorts of choices for you.
Actually no.
The linux kernel is the choice of most of the embedded community (which Google Android is part of) and has garnered its mainstream acceptance in this market since the kernel was first introduced. Google picked the Linux kernel to host the Android OS not only because it was free, but because the Linux kernel was already prevalent in the embedded market and was compatible with the ARM processor. Android OS may have increased the number of units sold with the Linux kernel installed, but it DID NOT make Linux mainstream in the embedded market.
Android didn't even make Linux mainstream to the general public. The consumer has no direct contact with the kernel, nor is Linux mentioned in any marketing done by Google to the general public. In this case, the linux kernel is just a part of a much bigger OS being installed on a mobile phone. I think when most people think of Linux they think of the Linux kernel with the Posix compliant runtime environment. Android does not fit this definition.
Nitpicks aside... Linux only has mainstream acceptance in the embedded and server market. People purposely choose a Linux OS to run on a server. People do NOT choose a Linux OS to run their phone (well not a lot of them), they instead choose Android OS which Google spent large amounts of money to market it. My point being that in order to be considered "mainstream" the community at large would consider picking your product directly versus as an internal part of a much more popular product.
These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
You DO know that the first amendment doesn't apply to private organizations, right?
To ensure perfect aim, shoot first and call whatever you hit the target
ANd that's why, when you were growing up, nobody used free/libre software.
Exactly. Android is not GNU/Linux. Android is Java/Linux and is every bit the turd that sounds like.
I'm a linux fan, and I build a LOT of custom systems for people (and sell them for a living).
So pissing me off costs a manufacturer a few hundred sales a year.
SO lets multiply that by a few thousand "linux fans" who are also responsible for corporate purchases, hardware sales at local shops, etc.
It adds up.
Let's have a look at the numbers:
In terms of annual sales figures, ASUS emerged as the highest grossing motherboard vendor with 21.6 million units sales in calendar year 2010, followed by Gigabyte with 18 million units.
ASRock Third Largest Motherboard Vendor
ASRock sold eight million motherboards in 2011, compared with ECS and MSI who sold seven million apiece.
ASRock
It is a good bet, I think, that corporate buyers will be looking for a board that does support Secure Boot.
s/geek/masochist/. There, FTFY.
I've been uswing Linux for ten years, exclusively for maybe seven. I 'm not a programmer, but I'm comfortable at the command line, and I even released my own live CD, a modified version of Slax. So I'm competant, but I also have limitations. I like to keep a debian-based distro on one machine, and slackware based distro on the other, and among debian-based distros, ubuntu is the one that works, within my limitations, with my hardware. Again and again. I used to hate Ubuntu, because I had cut my teeth on Debian, and I didn't know enough to negotiate the ways in which Ubuntu was different, but as a long-time Debian fanboy, I now love Ubuntu for having the vision to bet on debian as the template for mainstream Linux success, at a time when everybody was raving about Fedora. This is what I discovered by luck, as a newbie who installed Debian Sarge, and what I'd been telling everybody. Nobody believed me because Debian still had the reputation of being for geeks. I was lucky enough to come along at the birth of the new installer for Debain. Installing Woody, the previous version, was a long ordeal, with about 50 impenetrable questions I had to bluff through. Sarge was easy to install, and it came with an automatic connection to a ridiculous amount of software, and finding and installing software (and its dependancies) was the problem for a newbie. I saw the opportunity, and so did Shuttleworth. Ubuntu proved me wrong, and then it proved me right. It's still Debian at the core, the powerful system that used to be strictly for geeks.
'nuff said.
If Canonical doesn't care about users, why is Ubuntu is the only Linux distribution to win a measurable share of the mass-market desktop?
You don't have to rely on Canonical unless you want to use their product, which is essentially what choosing software is, you use someone's software (maybe your own) over someone else's because of the choices they made.
Sure, that's the way things work right now. When UEFI restrictions come into play, things start to work differently. I can choose not to use Ubuntu and Fedora, and then what? I get stuck jumping through hoops just to install anything else -- and while I have the technical expertise and patience needed to do so, it is still annoying, and for some people it is either too annoying or too difficult to do.
That is the choice this situation forces you into: either you accept the code written by Fedora or Ubuntu, or you have to work hard to get something else up and running / pay for the right to do so. You are not able to simply reject those distros whose choices you disagree with; you must decide if those accepting those choices would be as bad as trying to get something else to work. A few months ago, I stopped using Fedora because of a disagreement I had with their choices (completely unrelated to the boot process); now I have to reevaluate that, because getting the distros I like to run on the next laptop I buy might require more of a time commitment than I can make.
I honestly don't understand how you have a problem with the concept of distros deciding to do certain things certain ways? Did you write your own package manager and kernel? In which case why are you using Ubuntu anyway? Why are you even using Linux, they've made all sorts of choices for you.
I am free to accept or reject the choices that other people made. I can always fork a project if I do not like the direction it is taking. Except, of course, if I need a digital signature from the project in order to run my fork on my own computer / if I have to get some company's permission (i.e. by paying a fee).
It is not about other people making decisions; it is about my freedom to accept those decisions. Maybe I like everything in Ubuntu, except for the bootloader -- maybe I really want to run grub2. Now I am stuck jumping through all sorts of hoops to get that to work -- either buying a key and agreeing to contracts, or putting the system in custom mode and instructing anyone who wants to use my code to do the same. Forking a distro in this model sounds like a giant pain, with extra hurdles and hoops that just push people to use the handful of distros that can pay to play.
Palm trees and 8
chaining Can't happen
This is the part where things seem very muddy. RH/Fedora seem to be along this line of thinking by pushing things down even to the module signing bit. However I wonder if even that is sufficient, what's to stop a rootkit from using KVM to start over again and ultimately land in the Windows environment with a 'fake' secure boot indication?
Canonical seems to be assuming they can boot unsigned kernel or at least a kernel that loads unsigned modules. Are they mistaken, will MS have Canonical keys revoked should they push a UEFI boot loader that can execute EFI binaries without verifying signatures?
What is materially different between the bootloader chaining and having a Linux system do KVM? Is it just matter of complexity of constructing a rootkit giving some subjective comfort? Is it some specific display behaviors on boot that would be obvious to the *user* that something is not acting the way they would expect it to? If the former, that seems pretty weak and useless as a strategy. If the latter, that would make sense and in which case chaining all-day long would be acceptable, so long as the entry point made some very visible indication of its existtance (e.g. a splash screen with the vendor logo on it for a second).
XML is like violence. If it doesn't solve the problem, use more.
^ Please see the above wall of text for an example of the type of user who finds Linux usable on the desktop.
There's no -1 for "I don't get it."
But the configuration and operation of GRUB is a total bitch. I could not even find a document to describe the config file. And NO ... I do NOT configure things by running programs. I have more involved setups that just running programs cannot figure out. For example MY installer scripts need to generate the config files, NOT run some program that can't run in that minimalist installer environment.
Syslinux fits like a glove. GRUB is like trying to wrap a coat around your hand to keep it warm.
now we need to go OSS in diesel cars
Good for you. At least you have one thing going for you, since you appear to be semi-literate.
Why yes. As a matter of fact, I AM semi-literate. Thank you for noticing.
Linux has gone mainstream on the Mobile devices... GNU/Linux hasn't.
Linux is the kernel.
GNU/Linux, Android are the Operating Systems that use the kernel.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
>I get stuck jumping through hoops just to install anything else
You're using Linux and you can say this with a straight face? Kwitcherbitchin; it's one lousy step to disable secure boot.
Not immediately. At first it was a bit of a challenge.
Yeah, it's like last week old. Bah obsolete... Instead of just reinventing the lower half of the wheel, we should also reinvent the axle. I mean, what could be more important for the community than this? I don't think there's anything with bigger priority than being modern, sleek and trendy. Everyone else's doing it so we should bet our money and time in it, right? Right? ... Guys?
uhm...
but by law you can hack a phone for any software and any network.
So that may just have to come to pc's as well.
You mean WARP TIGER, WARP SEA LION or TURBO JAGUAR... People will really be engaged with the experience
uhm...
but anti trust comes into view with signed code?
Who controls the singing?
Who controls the app store?
What about banning apps based on content (not code)?
What about free OS (you can't go MS only)
What about older software and older hardware?
Let's get practical - where's an Ask Slashdot when you need it?
I build my own Linux boxes. How do I opt out of this and use what I've always been using? I don't care about secure boot. I don't want it. Will Gigabyte or someone build a motherboard without it? In the future, will this be optional and I can just disable it, or will I have to work around it and get a key to install to use hardware?
In 2015, when I build a replacement for my Core i7 development machine, what do I do?
Platform fragmentation that keeps developers and publishers away, tons of UI/UX rough edges, very powerful customization that is never backed by some serious graphical utility just configuration files so that newcomers can get scarred of screwing up (or screwing up again and again), cool technologies and flashy features that changes the environment every Thursday or so, being pushed before stabilizing core software, plethora the apps each written in a dozen programming languages, widget set, frameworks, dozens of libraries to parse command-line parameters or whatnot, lack of proper contingencies when screwing up (especially when dealing with xorg)
I still love the platform even if it's all over the place. Linux isn't popular because one of it's strengths, diversity, is being prioritized more than anything. Many people can't see that scratching an itch in three different places has no chance of 100% effectiveness.
uhm...
Why not? You rely on Linus making your choices for you.
Also, you have a choice - don't use Unbuntu if you don't like their plan....easy, peasy.
Or, don't use X, Y, or Z. Choices! Choices everywhere!
See, this is why the corporate overloads invented the term "Reasonable And Non-Discriminatory" (RAND). It is an antitrust violation if your competitors have no way to install their software; it is not a violation if you provide a "RAND" path to do so, like charging $100 for a signing key. Even more so when you can provide real justification for the system -- which in this case is "security from malware!" and in a few years "security from pirates!"
Palm trees and 8
You and your silly Itanium. IRIX on MIPS is the way! (Much nicer then Solaris on SPARC too...)
I'm starting to think GNU is the problem with "GNU/Linux" these days.
No but it does apply to the government that also enforces the DMCA.
The thing is based on the concept of trust. There are two different users of the 'trust' in a system like this.
The first user of 'trust' is the owner of the machine trusting that his software has not been modified. UEFI/SecureBoot helps with this by making sure that the thing being booted has been properly signed by someone you trust. It can further help out by stopping the boot process and alerting the user when the thing being booted differs from the last thing that was booted. So, even if you trust Canonical, if someone managed to slip a Canonical-signed boot loader on your system you can still be alerted to the change.
However, the trust that you can have that your software was not modified extends only so far as the trust is unbroken. If you install a signed bootloader that will run unsigned or invalid kernels then your trust stops at the bootloader, and you can't trust anything it loads.
The second user of 'trust' is people who have data you want to access. In that case, they can request that you system attest as to the state of the software on it. If any of the software is untrusted (by the owner of the data), they can refuse to serve the data.
People have suggested that the second case is easily worked around by installing a hypervisor and using it to boot a modified system, skipping/faking out the secure boot step. However, that fails because the remote attestation relies on data that has been correctly 'sealed' by a piece of hardware (the TPM) which itself is using a trusted key. If the UEFI/bootloader/kernel/modules/apps etc don't correctly verify the signatures of things they load, and report that status to the TPM, the correct attestation will not be received.
From what you wrote, it appears that Red Hat wants to be considered 'trusted' by owners of data, and Canonical just wants to provide a method around Secure Boot without worrying about establishing trust.
If you're running HP-UX at home or anywhere else, I pity you.
but when it's the only app store then the issue is not so doesn't apply.
It will be like small town cable and phone only offering some channels and finding away to lock out satellite tv and other cable system in that town.
Engaged Emu?
$2000?? some server are desktop like at price as low as $300
http://www.tigerdirect.com/applications/Category/guidedSearch.asp?CatId=30&sel=Detail%3B112_727_9505_9505
http://www.tigerdirect.com/applications/Category/guidedSearch.asp?CatId=30&sel=Detail%3B112_727_8915_8915
intel will have to look out for AMD as they can say RUN Linux on a AMD system with NO $99 signing key needed.
My impression was that TPM's relationship to SecureBoot was, well, non-existant. That discussions of TPM data sealing and SecureBoot are necessarily compeletly separate as neither infrastructure currently says much about the other...
XML is like violence. If it doesn't solve the problem, use more.
Torvalds' "fuck you" to nVidia kinda sums the whole thing up.
/* No Comment */
The correct name is, "WARP WALRUS"
/* No Comment */
My initial response was : "who cares, as long as it's fun" .
And Linux is fun .
There's no "Java" part in the OS (the part that actually runs on the machine).
Android has Dalvik, which is a very different VM with a different bytecode. The only Java part runs in the developer's desktop.
Dilbert RSS feed
The biggest is the fragmentation, of well, everything. The UI is different for every distro, every version, and every update
Only someone who hasn't done years of work on Microsoft systems could seriously claim this as a drawback for Linux. How many different GUI toolkits in its various OS versions is Microsoft up to now? 4? 5? It probably depends on how you count...
Linux has gone mainstream... Just not on the desktop. Where is remains a distant 3rd behind Windows and OS/X...
Linux never made it to the desktop, because
What is ironic is that most people (not companies or their employees, but private individuals) that personally use Linux use it for a desktop.
The Admin and the Engineer
Not in Canada. As of this week, if there is even the slightest trace of a digital lock that protects ANY copyrighted information your phone, it is not illegal to root it. EVEN if you have a full legal right to do access the data (or you plan to remove the data).
"If you aren't running HPUX on a home Itanium server, then you're just using watered down bullshit.
Also, my dick is bigger than yours."
This thread is useless without screenshots and pics.
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
I hear this often, which leads me to believe that I and nearly all my *nix buddies are the luckiest people alive. I have installed various flavors of Linux on well over 1000 different machines over the years with no problems that couldn't be solved fairly quickly via an internet search (which would suck if it was the NIC driver not working...). Many of those times it was because the current version of Windows available at the time literally WOULD NOT install correctly, so I would test with Linux to verify problematic hardware. The times when it wasn't catastrophic hardware failure, I never had any showstopping problems.
Who buys these mythical machines that completely fail to run Linux? I will trade you your machine for one of my (many) boxes that has never successfully installed Windows, but runs Linux like a dream :)
You're just jealous because he got Dragon NaturallySpeaking to work in wine.
Wrong. Fedora has an ever bigger share.
I think you are a bit optimistic with the "no issues" but things have gotten a lot better since I started using Linux with Ubuntu 7.04. Every laptop I have installed on has had some minor issue at least. It is not an issue anymore now that we have the BumbleBee project but before that you didn't really have any choices for Optimus enabled laptops. With that said, the main reason you won't see GNU/Linux take off on the desktop is because companies like Dell, HP, ASUS, and Lenovo are not pushing Linux machines. Most people will not go out of the way to install a new OS on their machine even if that new OS is just an upgrade to Windows. I think we are more likely to see some sort of Android/Linux take over the home desktop market as the lines between mobile and PC get more blurred. Also Google didn't choose Linux just because it was free they choose it because it is a very good kernel. What else would they have chosen?
"Don't Panic!"
It used to be a lot worse. These days (> 2003) the problems seem to be getting better, and now it's usually a case of unsupported graphics cards meaning slow unaccelerated graphics, or unsupported wifi chipsets for a while until they're reverse engineered.
Tools like ndiswrapper helped along the way, and now that the buying decisions are being noticed, we're getting better help... But we've left many completely unsupported network cards, usb devices, webcams, and bluetooth devices, and graphics cards in our wake. (Some will eventually be supported, when someone with enough time to waste reverse engineers something, or when some vendor donates some code to, or drops some binary blob on, the community - but many will not...)
"Go to CNN [for a] spell-checked, fact-checked summary" -- CmdrTaco
You've almost created a toungue twister. Try this, "Where's the warped walrus pit?" Say that lots of times fast. (Hint: Fernando was found in a Cambodian drainpipe)
The Free Software Foundation should work harder with commercial GNU/Linux vendors to help fund free software development and create a market. That is what could ultimately fix these types of issues. The majority of people will pay for GNU/Linux hardware. While nobody should be forced to go through these steps on a Microsoft Windows certified machines it's time we stop thinking about GNU/Linux as something that replaces Microsoft Windows or works alongside it. It's an operating system with its own merit and if people are told they need XYZ hardware from XXXX.com they will get that hardware and create a market force that ultimately fixes the problem. Screw politics. Make the difference by boycotting HP, Dell, Toshiba, Lenovo, and the other big players who are already LOCKING out GNU/Linux from machines through digital restrictions on the incompatible wireless cards that are allowed to be installed.
Nobody else is making an effort to ship freedom friendly hardware. They have even declared war on "Trusted Computing Technology" and non-free binary blobs so not only do you get a machine that is compatible with GNU/Linux you get one that has generally excellent support across distributions AND there isn't any risk from a vendor discontinuing support for a particular chipset. We can't rely on companies whom continuously let us down and ship hardware that isn't really even GNU/Linux compatible and yet advertise "Linux" on the box. It's the one thing that drives me nuts about ZaReason, System76, and others. They don't care. They simply are out to make a buck. They might ship with a free OS if you ask them to- but they won't make a concerted effort to further free software / GNU/Linux support or provide a decent system that will work going forward. System76 doesn't even do anything other than advertise Microsoft Windows systems and then ship with Ubuntu (I did a little research and was disgusted how they operate).
There's a new Windows OS every 2-5 years, each with relatively minor changes from the older version.
In comparison, there are dozens of active concurrent Linux distros all releasing new versions with often jarring UI differences (hello, Unity!).
Windows is usually very conservative and stable in its UI design.
While they have some similar goals, TPM and UEFI are different things. Almost all PC hardware in existance now is already capable of remote attestation since TPM modules have been around for years now. You can even set up a linux OS so that it can only mount an encrypted volume if it was booted via the trusted path - if you boot from a CD and chroot to the root volume it won't be able to mount the encrypted volume. Ditto if you change the bootloader or kernel. Google for trusted grub sometime.
THIS.
god forbid if you're interested in playing with a more interesteing multiboot microkernel, the "docs" are actually WORSE. They spoon feed you just enough to boot linux and windows. Anything else, nothing. The reailty is the GNU project, with Grub2 is almost as bad as what they complain about, anti-Tivoization clauses not withstanding.
And that's another point. the GNU project has, with the adoption of a license which has additional restrictions above and beyond the GPL v2 (GPL v3), proven they cannot be trusted to be consistant in future releases. They are what they complain about from BSD (and other more liberal licenses)!
Frankly if a small UEFI-complient, multiboot-complient bootloader became the dominant bootloader, I wouldn't shead a tear.
Should I wrap that naive fischer price comment up in a ribbon for you?
mass-market desktop?
The people included in that demographic are too busy or ignorant to properly configure a running distribution.
While you have a point ( not complete, but still a point ) for the binary issue, the rest is IMHO wrong.
People do not seems to have a problem with having a different UI for every other consumer products, like a VCR, DVD player, Set top box. In fact, even in windows world, every scanner maker, or digital camera vendor bundle different software, wanting to add value and feature. Do people leave Windows and consumers electronics because of that ?
Not at all. But maybe that's because few people see this, because people cannot afford having 5 new differents digital camera in a month, and then complain on internet about it ( so everybody start to think that must be true, even if that's not that rational ), while that's the case for linux distributions.
One of the real problem is that software are changing too much for mainstream, so there is no time to have a industry around it to address the need of people who are not in the arm race. On the other hand, there is distribution like RHEL Desktop, SLES, etc that provides binary compatibility, long term support ( aroung 10 year for RHEL ) and are fucking cheaper than windows + associated software, but no one talk of them because "OMG, I need the new firefox 45 and latest version of everything". Some users do not care about that ( and i think most do not care about that, that's why after all Firefox try to make people use the latest version, because that's not compeling by itself for most users ). See how many people are still happy with windows xp.
On the other hand, if you take the free software movement as what it is, ie a offsrping of academic research trying to improve knowledge by sharing, the fast path of innovation is good, and so changing too much just mean doing more research, and that's the goal.
Maybe the issue is just misplaced expectations.
Not entirly true.
Gnu gcc is used to compile various bits and pieces. GNU Userland bits and pieces may be included as well. So Anrdoid/GNU/Linux would be its name!
Please proofread your posts.
"Those who consume the bulk of goods are those who make them. We must never forget this secret of our prosperity."
It's too late for AMD to push Coreboot for Windows 8. If they want to ship Windows systems with Coreboot, they will need to set it up such that Coreboot loads a UEFI foundation like Tiano and use that to boot Windows.
I have no idea whether such a combination would meet WinLogo requirements or not, however. I don't believe Coreboot currently supports the TPM, so AMD would likely have to add the code for it themselves. Coreboot's original target is compute clusters and datacenters where TPM support is not wanted or needed.
You forgot to take a stab at Metro.
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
No it wouldn't. Despite what that egotistical twat Stallman would have you believe, having one or two applications developed by you on the system does not give you some god-given right to have your name prepended (not even appended, prepended) onto the product name. Otherwise, every PC you buy from Dell would be running BonziBuddy/Norton/Windows. Personally, I don't even subscribe to the belief that Linux should be called GNU/Linux.
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
Wrong. Fedora has an ever bigger share.
and has made an even bigger commitment to support Secure Boot.
Whilst being as good as h264 as an improvement over MPEG2.
It will get cracked/leaked, whatever.
trust me, somewhere, someone will find a mole to get into some deep dark whole to spill the secrets/keys, like bluray.
even if it is the secret service from china to spite/destabalize the wests security.
if its got 500 million in sales a year, it will get hacked in 1 day, just for the glory to say, 'eat shit fuckers'
Liberty freedom are no1, not dicks in suits.
you can boot of the network too dude.
if they left floppy boot on, open the pc and plug in a floppy drive if you can.
if no one is watching, pull the hardrive out and access it from your laptop's sata->usb cable, replace the 'recovery partition' with a linux installer.
Then boot to recover windows, which will install linux.
Liberty freedom are no1, not dicks in suits.
dual boot? I just run ESXi, and have 5-20 vms running of my choosing.
Direct Metal booting is so yesterday, in the future with 1ns flash ram, computers will NEVER reboot, unless theres an ESXi update.
Your VMs can reboot if needed, but else can run forever, even if all power is off, the future ram will have instant on-resume-mode.
Liberty freedom are no1, not dicks in suits.
It's true that Coreboot is pretty rare at present, but that's set to change drastically, as AMD is using Coreboot for all its new platforms. They started the process this 1st of June past.
Remember to sign this important FSF petition:
https://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/statement
I think you just named Ubuntu 15.10...
End of line..
The last I knew getting a key will cost $99 for UEFI secure boot. I absolutely refuse to buy anything related to this whole problem, so my first step will be to disable UEFI secure boot and not even worry about it. I will probably use the Fedora or Ubuntu supplied key if I install GNU/Linux on other PCs that might be dual booting for other people, but disabling this technology seems like the best way to me to avoid all of these problems. If users want to buy a key feel free, but why would you want to? I understand that FSF wants to totally eliminate proprietary software, but I don't know how they can in this case. It's unfortunate that this even happened. This is one more reason I refuse to use Microsoft software, just too invasive.
Well, 10 years ago, everyone figured the Browser wars had ended (Netscape a pile or rubble, Opera a piddling 0.01%, websites that were IE only) and MS got complacent and then out of nearly nowhere (for the average consumer) Firefox came out and has, over the past years, taken a HUGE bite out of MS. Now, this bite was not profit, as MS gave IE away for free technically, but it added costs to MS's business since they now had to do more support (including being more standards compliant) and had to justify those changes to businesses that latched onto IE 6's non-standard way of doing things. All-in-all, MS has LOST a lot of money do to this fiasco, and they can't give it up without giving up many other tie-ins that keep their overall architecture Locked-in (and thus very profitable overall).
So, looking at things long term is where MS is coming from, right now they are dominate in the OS Market (just like they were dominate in the Browser Market), but what about 10 years from now? Will people, all of a sudden say, "Hey, I run android on my phone, my TV, my tablet, so I want Android from my PC too?". Well, how many people bought an iPod, iPad, iTouch, iWhatever, and then moved and bought a iMac for their next computer? Even if the count is 10% this is NOT good for MS since, from what I can gather, Android phones/tablets are selling at a far larger rate and Google does have the ability to be the "supplier" for an Android OS that could run any application that runs on the Android phone/tablet.
However, if MS can make it difficult for people to change OS and/or make it so that only through OEMs can you get an OS then this is to their advantage as they can then "redefine" the pricing of Windows to be almost free (or even negative)*1 and thus keep the OEMs from wanting to try any other offering.
*1 = If MS sells Windows for $10 per copy to an OEM, and the OEM then bundles software packages (they get paid for the lite versions to be installed) then it may/should be possible for an OEM to sell a Windows PC below physical cost and still make a profit... MS Could sell a "basic" version and then using nickle-and-dimeing techniques get their money like Apple does by selling addons for additional costs. Technically, they already do this with their 5-7 different versions of Windows based on what functionality you need (there was a time, W2K, when everything was in one package....)
Now, is this a conspiracy, no, this is prudent business planning (long term) that more businesses should do; however, it just sucks for the 1% niche that want "more" for/from their computer....
They aren't. http://distrowatch.com/table.php?distribution=mint
Windows assumes you are an idiot...Linux demands proof.
Who cares what toreballs says.
People who like to see a "fuck you !" said on camera by the interviewee.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
The FSF: we don't like how Ubuntu uses UEFI instead of Grub 2. We think this is bad for these reasons . . .
They don't like Ubuntu's *switch from Grub2 to efilinux* (in the wake of UEFI).
It comes from a problem with licensing.
The GPL license are made to allow each and every end user of some GPLed code to get/study/modify/hack/replace said code.
So if your Linux installation use a GPLed bootloader to load, you should be able to patch your very own custom version of said bootloader (to add support for whatever shit you want).
The GPLv3 was written to avoid "tivoization", situation where the code providers litteraly play by the rules of GPLv2 (make the source-code available for download on the website), but in practice don't follow the spirit of GPL and prevent the replacement of some firmware, because the device only boots signed code, and without the signing keys, there's no way to create a replacement which will be accepted by the device. You can get and study the code (from the website), you can eventually play a little bit around (on your PC or with an emulator) but you can't really modify and replace the copy on the device.
Grub2 happens to use GPLv3 license.
Canonical (and Fedoras)'s interpretation of the license:
- out-of-the-box, a lot of windows machine are able only to boot code signed by microsoft, because that's the only key loaded into them and because they are in secure-boot mode by default.
- to get a linux bootloader able to boot straight on such a machine (without requiring the user to play around with the BIOS), we need to provide at least one boot-loader signed with microsoft's key.
- signing GPLv3 code means that we must provide some way for the end users to replace said bootloader (like publishing the keys or something similar).
- on the other hand, microsoft explicitely forbids publishing their keys, etc.
- so no way to use GPLv3 code while still letting users replace the signed module.
- let's move to some more liberally signed code: let's switch from grub2 to efilinux and get efilinux microsoft-approved.
- microsoft signs the code, efilinux is booted, and then can chain load to anything we want. (eventually chain to grub2 too, because efilinux is seriously lacking in the "networking and other boot alternatives" department.)
Note that this (including the "chain efilinux to grub2") works not only on x86 hardware (which is mandated by microsoft to include non-secure boot), but also on ARM hardware (the Windows RT license require the device to be in full locked mode, only).
So if you want to get Ubuntu running on a microsoft surface, this works too.
In addition to that, Canonical plans to offer its own signing infrastructure, in a much more open-source friendly way. They'll petition manufacturer to include Canonical's key next to microsoft's key into the keychain on the TPM chip. So such machines can boot not only Windows 8, but can also boot anything signed by Canonical.
FSF criticism:
- it's sad that canonical drops support for Grub2 after so many release supporting it. (It's a piece of code that the FSF likes~)
- there are alternative way to use Grub2 with secure boot which are GPLv3 compliant in FSF's mind:
- get a Grub2 bootloader stage1 (the "efi executable" part) signed by microsoft.
- have regular users boot using grub2
- using a nice userfirendly GUI application, offer the possibility to upload new additioinnal keys into the TPM's keychain: the end user's key, canonical's key, or the key of any other opensource friendly signing infrastructure...
- a user wishing to modifiy/hack/replace grub2 can now do it, simply using the new key to get the custom grub2 booted instead of the key from microsoft.
- in that way the ability of users to hack/replace isn't prevented, even if it requires playing a bit around with the keychain on the TPM chip.
Note that I'm really not sure if it could work on ARM hardware. Windows RT's license explicitely requires that the device must be locked, and I don't know if adding new key into the keychain is among the stuff authorized by them. (Maybe it's not possible to load canonical's key into Microsoft Surface's TPM keymanager).
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Binaries can only be signed with one key. If you use Microsoft's key, you can't use your own.
Well technically, you could provide several different binaries each signed with a different key. At worst you can always put a different bootloader on each CD.
The problem is that currently, there is only one key that you are guaranteed to find on almost every single UEFI system out-there: Microsoft's.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Why CoreBoot?
Because CoreBoot is a firmware, designed to initialise your hardware.
It exists already now, it's supported on several mainboards, and has some big name backing (AMD decided to support them actively, and starting from their next hardware iteration, CoreBoot will be their main focus for a firmware to boot their platforms).
It's a piece of binary code that you can flash to your motherboard.
What's wrong with stuff like OpenFirmware ?
OpenFirmware is a standard regarding how to handle booting, option roms, etc. all this in a clean and cross-platform way. It's not an actual firmware.
Supporting openfirmware means that a hardware manufacturer has to write their own openfirmware implementation (although it's not that complicated, when compared to monstruosities like UEFI) or port one of the existing one (which most of them target non-x86 platforms. So not much to leverage beside the Forth virtual machine)
In fact, coreboot *can* use openfirmware as an optional payload. Meaning that you can put support for that standard on coreboot, and then plug some hardware using openfirmware (like a PCI card from a PowerPC Mac) and have its option rom interpreted on coreboot (well, technically, on the Forth virtual machine running in the openfirmware payload in coreboot) and get the hardware initialized by coreboot.
Coreboot supports also other payloads: It can use SeaBIOS to provide a legacy BIOS interface (to boot a DOS or an older Windows). It can use TianoCore to provide UEFI standard compliance. It can also straight chain to Grub2 and use that as a boot menu. Etc.
So coreboot is a piece of code that current hardware manufacturer can already grab, which is very likely to support the hardware with which they want to build a motherboard (specially if they use latest generation of chips from AMD), and gives a lot of choice as to what standard to expose.
The best part is that coreboot is opensource. So if you, the end user, aren't happy with your firmware, you can still roll your own. (So if you like openfirmware that much, and have bought a motherboard running already on coreboot (or at least supported by coreboot), just roll your own coreboot+openfirmware)
There's no reason to ask HW manufacturers to adopt some completely new firmware stack when there are already-working ones which are more than "open" enough.
Also BTW: I'm under the impression that CoreBoot+openfirmware is currently the only openfirmware available stack for x86 hardware. Am I right ? Or are there other implementation of this standard on x86?
The only real problem here is with this new Secure Boot add-on, but there is no reason to throw the baby out with the bathwater. OpenFirmware / EFI can replace BIOS just fine and not have any restrictions. They already exist and manufacturers already know how to use them.
The problem is that Windows 8 license for x86 requires that the firmware be UEFI compliant, and has SecureBoot enabled by default (but asks for the option to disable it, or add new keys to the TPM chip).
And Windows RT license is even worse: Windows RT can only be shipper on tablets and netbooks where UEFI *IS LOCKED* in Secureboot mode.
So from now on, you now that the market will be flooded with motherboard and device which run on a UEFI compliant firmware, with UEFI in Secureboot mode, and only Microsoft's key in the TPM chip.
If you buy such a board, but that the board supports coreboot (because, for example, it's an AMD board, and runs coreboot+tiano core to provide the UEFI compliance), can just say "fuck it" to the whole story and flash instead a BIOS with coreboot + something saner.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Linux on the desktop has always tended to be for people who think....and they are a niche market in any walk of life. Your post implicitly acknowledges that in implying that these concerns are esoteric and irrelevant....when they are actually quite important. But most people not knowing what is important is nothing new. Linux now on the phones and every other thing because the thinkers helped shape the environment. Google's "Do No Evil" played a big part in that....preserving the freedom of users by default - whether thye know it or not.
Only boring people are ever bored.
You have heard of Citizens United, right?
Wow, can't believe I missed that one!
s/not illegal/illegal/ :(
The biggest is the fragmentation, of well, everything. The UI is different for every distro, every version, and every update
Only someone who hasn't done years of work on Microsoft systems could seriously claim this as a drawback for Linux. How many different GUI toolkits in its various OS versions is Microsoft up to now? 4? 5? It probably depends on how you count...
ROFL! Wow... You shills just amaze me. Yes, it probably does depend on how you count. If you're a freetard with nothing but M$ contempt, then maybe it is 4 or 5. If you're a normal non-tin-foil-wearing computer user, it's basically been the exact same UI for 10+ years. I can still go back to Windows XP and figure out / fix anything. I cannot go back to RHEL 3 and figure out much.
I don't need or want an operating system with it's own fucking shell just to boot my operating system with it's own shell.
Grub2 is the emacs of the boot loader world. It does everything you could possibly want, provided you want to spend 12 hours customizing it.