Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linus Torvalds Clarifies His Position on Signed Modules

Posted by Unknown on from the sarah-palin-vs-tcpa's-ugly-head dept.

An anonymous reader writes "No one, but no one, in the Linux community likes Microsoft's mandated deployment of the Unified Extensible Firmware Interface (UEFI) Secure Boot option in Windows 8 certified PCs. But, how Linux should handle the fixes required to deal with this problem remains a hot-button issue. Now, as the debate continues hot and heavy, Linus Torvalds, Linux's founder and de facto leader, spells out how he thinks Linux should deal with Secure Boot keys." And it's not in the control of Microsoft: distros should sign only the modules they provide with their key, with user built modules signed by locally generated keys (since, as SSL certification authority break-ins have shown, centralized trust systems are prone to abuse and offer dubious security benefits). Basically, no love for proprietary kernel modules.

3 of 208 comments (clear)

  1. Oh, Linus; so adorable when you are angry. by Anonymous Coward · · Score: -1, Troll

    I like how Linus (and a lot of the more security paranoid amongst us) have been talking about securing the boot chain for a few decades now, but now that it appears that they've finally won the day and convinced the wider world to get this going it's suddenly TEH EVIL and NOT FREE.

    Sorry, dudes, Secure Boot is actually a pretty nice technology, you can load keys of your choice, and you know what? You probably weren't going to buy a surface RT anyway.

    1. Re:Oh, Linus; so adorable when you are angry. by fustakrakich · · Score: 0, Troll

      You're confusing him with Assange

      --
      “He’s not deformed, he’s just drunk!”
    2. Re:Oh, Linus; so adorable when you are angry. by Anonymous Coward · · Score: -1, Troll

      Different AC here. You don't need any special talents to be able to identify an egomaniac, especially one who acts like Torvalds. Taking Linux to where it is today does not give him, or anyone, carte blanche to act like his wants and opinions are more important than anyone else's.

      If Linus doesn't like the Intel/MS control over UEFI then let him conjure up a viable alternative and get it to market. Complaining that those who created a technology have final word over how it is implemented is fruitless, just as complaining that Torvalds holds final control over Linux is a waste of time.