Linus Torvalds Explodes at Red Hat Developer

sfcrazy writes "Quite a lot of people raised their eyebrows the way ex-Red Hat developer Matthew Garrett made Microsoft the 'universal' control of any desktops PCs running with UEFI secure boot. Though the intentions of Garrett were clear — to enable GNU/Linux to be able to run Linux on Windows 8 certified PCs with secure boot; it was clearly putting Microsoft in a very powerful position. Linus, while a supporter of secure boot, exploded at Garrett and Howells when they proposed its inclusion in the kernel. Linus responded: 'Guys, this is not a d*#@-sucking contest. If you want to parse PE binaries, go right ahead. If Red Hat wants to deep-throat Microsoft, that's *your* issue. That has nothing what-so-ever to do with the kernel I maintain. It's trivial for you guys to have a signing machine that parses the PE binary, verifies the signatures, and signs the resulting keys with your own key. You already wrote the code, for chissake, it's in that f*cking pull request.'" Update: 02/25 17:24 GMT by U L : The headline/article are misleading, since mjg seems to agree that the patch is a bit complicated : "(I mean, *I'm* fine with the idea that they're *@#$ing idiots and deserve to be miserable, but apparently there's people who think this is a vital part of a business model)". The issue at hand is a set of patches to load and store keys inside of a UEFI PE binary which is then passed to the kernel, which then extracts the keys from the binary. It's absurd, it's messy, and it's only needed because Microsoft will only sign PE binaries so not supporting it makes restricted boot even more difficult to support.

Linux i like. Linus not so, after seeing a talk..

Posting anonymous just to be sure..

Since i saw a Google Tech Talk with Linus on stage, i certainly like him less.
http://www.youtube.com/watch?v=4XpnKHJAok8 (mostly about Git but nonetheless showcasing his persona)

Linux is great and all, but i am certainly not a fan of Linus anymore. Respect though for his incredible achievements.
He's a dick the same way Jobs was (also sharing similar strengths regarding vision), and i now realize he basically is a real life Sheldon Cooper, ego humor and everything.

Re:Where should we start?

[gweihir]

Good summary. A better way to do this is to a) make it easy for users to add keys, like a really obvious box on boot-up: "Do you really, really want to add keys for this new OS you are installing?" and b) have BIOS makers and main-board vendors include the keys for most Linux distros.

The problem with that is however that secure boot is broken as soon as a single OS maker/distro gets compromised. So while this is better, it still sucks badly, security-wise. "secure" boot is one of the ideas that looks good on first glance, but when you really get into the details it turns out to be fundamentally broken. Its only really reliable function is to make booting/installing anything but Windows harder and possibly infeasible for the average user. And, yes, that includes recovery CDs, utility CDs for restoring backups, hardware diagnostic CDs, etc. MS does not care that it screws over the user as long as their market-share increases. Plain old massively unethical business practices disguised as security feature.