If you don't have secure boot turned on, how do you know that the GRUB you are loading is not compromised to load an unsigned kernel? In fact, if secure boot is not turned on GRUB will NOT verify the kernel.
With secure boot turned off, the shim can't be trusted. If the shim can't be trusted then GRUB can't be trusted. If GRUB can't be trusted then the kernel can't be trusted. And if the kernel can't be trusted then any verification of signed code that it does can't be trusted.
Saying secure boot is not about security is nuts. It IS about security. The fact that is can ALSO be used for other purposes does not diminish its security usefulness.
Nonsense. It does not verify the signature agains a list of 'approved vendors'. It verifies the signature against a list of approved signers. While some crappy consumer brands may have built-in keys that can't be changed, real computers (servers) allow you, the machine owner, to install your own keys.
As to what happens once booted, that depends on what you booted. GRUB will verify the signature of the kernel and initrd before it loads them. If Linux is configured for IMA (Integrity Management Architecture) it will verify the signature of files upon an 'open', including the kernel modules. And it you use remote attestation you can verify that you are not running previously signed but vulnerable code.
The amount of FUD surrounding secure boot is astounding.
Everything is simple when you don't know what you're talking about.
If the manufacturer is responsible for making the thing repairable, then the manufacturer has to supply the parts. That means the manufacturer has to BUY the parts, which he may never be able to sell. Carrying inventory is not cheap.
Also, the parts inside two identical products may be different, depending on things like component vintage, minor design changes, etc. Every little change means more part numbers and more inventory. Attempts to reduce this result in less flexibility for the manufacturer, and that can greatly increase costs.
And that is not even considering the actual manufacturing processes. How much more does a machine that can pick up, orient, and drive tiny screws (especially if you must avoid 'weird' screws designed for such things) cost than one that squirts a dollop of glue? How much more maintenance does such a machine require? How much more of an opportunity for something to go wrong is there? How much does the increased waste from problems cost? How much more line-down time is there when small changes (screw must be moved by.5MM) must be made? How much does warranty cost increase as a result of an otherwise unnecessary connector failing?
I just took a little, unscientific, poll of 10 coworkers. Out of those 10, the oldest phone was 3 years. Out of those 10, only 2 people had EVER had a phone longer than 2 years. Exactly 1 person had EVER replaced a phone because it was unrepairable/too expensive to repair.
In 2016 there were approx 2.1B smart phones in use, up from 1.86B the year before. In 2016 there were approx 1.5B smart phones sold. Approx 250M of those went to new users, so 1.25B people replaced their phone. In other words, approx 2/3 of the worlds phone users replaced their phones. I am willing to be the vast majority of those phones were replaced simply because people wanted a new phone, not because the old one was broken.
Why would any sane person want to pay for a phone that lasts 5 years, when they will probably junk it after 2?
The problem is not how clear you are, but that you make no sense. Let's take an easy example, the lefts favorite whipping boy, Walmart. The average employee is low paid, but the CEO makes $21M. Clearly an outrage, right?
My understanding of your position is that if he was not making $21M, that money would be used to get his employees out of poverty, and that his $21M represents 'most of the proceeds', and the rest of the employees are living off 'crumbs'.
Let's make the insane assumption that every employee, other than the CEO, makes $8/hr, works half time (1000 hrs/yr), and has no benefits (paid time off, insurance, employee discounts, etc) at all. Since they have 2.1M employees, that means a payroll of $16.8B. The CEOs compensation represents 1/8 of 1% of the payroll. Please explain how that is 'most of the proceeds' and the 99 and 7/8% of money going to the employees is 'the crumbs'.
Now, as for cutting his compensation and using that money to get the employees out of poverty. If you cut his compensation to $0, and distribute it to the employees, you have given each employee $10. Per YEAR. Are you really going to claim that $10/yr is the difference between poverty and not poverty?
McDonald's CEO has total compensation of about $15M. If you cut that to zero and distributed it to the 375,000 people that work for McDonalds, you would give each of them a $40 raise. Not $40/hour. Not $40/week. Not even $40/month. $40 per YEAR. That is not going to get anyone out of poverty.
They go to pay the labor of building the structure, and the labor of getting the materials for the structure, and the profit to the landlord or mortgage holder.
All expenses are either for your own labor and profit, or your suppliers (and their suppliers, etc) labor and profit. There is nothing else. And before someone gets the bright idea to say 'taxes!', taxes are to pay for the governments labor.
So in your ever so enlightened country water flows on the outside of the pipes? Because that is the only way that sizing pipe by external dimensions makes any sense.
Being threatened IS 'actual' harm, legally speaking. And once again, you are not being punished for your speech, you are being punished for the consequences of your speech.
And your last sentence is just silly. ALL threats, including pointing a gun at someone, are dependant 'on a state existing in the head...'. The question becomes 'what did YOU do to cause that state?'
Nobody said that there aren't any consequences. The question is whether or not it is ILLEGAL to say or write those words. And it is not. Sure, you may get a visit from some not too friendly Secret Service types. You may be put on a watch list. You may be surveilled day and night for indications that you are putting your threat into action (which is of course illegal). Won't you WON'T be is arrested, tried, and convicted of merely saying or writing some words.
Trademarks don't work like that. First, they apply to only a specific field (for instance, professional football). More importantly, you must USE the trademark commercially in that field, or you lose it.
It does not matter if you truncate it not, it is equally wrong in both cases.
There is a difference between your speech and the consequences of your speech. There are no laws against yelling fire in a theater, whether or not there is a fire. But there ARE laws against things like reckless endangerment. If you yell fire and cause a stampede and people are injured, then you are likely to be charged with reckless endangerment, not because you said some prohibited word but because you actually endangered people.
So you're saying that there are EULAS today where the developers ACCEPT liability? No, today EULAS deny liability, just like FOSS. As far as liability is concerned, today proprietary and FOSS are equivalent.
But you are talking about a situation where they are unequal - proprietary software can be held legally responsible while FOSS cannot. In that case, one would have to be nuts to choose FOSS.
Uh, no. Given a choice between "use product from A and if there is a problem they are liable" and "use FOSS product and if there is a problem I am liable", who do you think is going to go with the second option?
Why does it matter if 'at the end' you have nothing to show for it? Have you never eaten a meal that provided flavor or nutrition above mere sustenance? Have you never attended a concert or gone to a movie? Have you never taken a vacation? All of those things leave you with 'nothing at the end to show for your expense'.
A more sane approach would be 'how much value do you get from owning vs renting'? For me, and I suspect a lot of other people, the value of an entertainment dollar comes from how much enjoyment you get from it. I can spend $10/month on a subscription movie service and watch a different movie every weekend. Or, I can spend the $10 buying a copy of a movie, watching it one weekend and spending the other three weekends diving into my collection of movies like Scrooge McDuck saying 'look how much I own!'. I would get much more enjoyment, thus value, out of the first.
As another poster said, people used to rent movies from brick-and-mortar stores. That business started dying off when the price to own a movie came down low enough. But the reason owning was seen as preferable wasn't so much 'look at all the stuff I own' as it was simple convenience. If you wanted to rent a movie you had to go to the store, hope they had a movie you wanted to see, go home and watch it, then return it to the store. By purchasing it you could watch it when you wanted, even if it was only once, and not have to deal with that hassle. That was worth money. When Netflix came out with DVD rentals that provided convenience at an even lower price than owning. Then when streaming came out it was even easier and cheaper to watch movies.
While it is possible that the Echo is 'always listening and transmitting', nothing in your anecdote illustrates that. It is entirely possible that they are recording the last minute or two ON DEVICE, and when a 'trigger' is received THEN it transmits the buffered data and the data for a minute or two AFTER the device is triggered.
It has never meant that. As for your second sentence, you do know that is quite common, right? Every hear of auto financing? Or gas credit cards? Or the fact that damn near every business gave credit to customers before Visa and Mastercard, etc became popular?
Company store has a specific meaning - that an employee of a company has virtually NO CHOICE but to spend his income only on products offered BY HIS EMPLOYER. That is not even remotely the case here.
Slashdot Mirror
If you don't have secure boot turned on, how do you know that the GRUB you are loading is not compromised to load an unsigned kernel? In fact, if secure boot is not turned on GRUB will NOT verify the kernel.
With secure boot turned off, the shim can't be trusted. If the shim can't be trusted then GRUB can't be trusted. If GRUB can't be trusted then the kernel can't be trusted. And if the kernel can't be trusted then any verification of signed code that it does can't be trusted.
Saying secure boot is not about security is nuts. It IS about security. The fact that is can ALSO be used for other purposes does not diminish its security usefulness.
Nonsense. It does not verify the signature agains a list of 'approved vendors'. It verifies the signature against a list of approved signers. While some crappy consumer brands may have built-in keys that can't be changed, real computers (servers) allow you, the machine owner, to install your own keys.
As to what happens once booted, that depends on what you booted. GRUB will verify the signature of the kernel and initrd before it loads them. If Linux is configured for IMA (Integrity Management Architecture) it will verify the signature of files upon an 'open', including the kernel modules. And it you use remote attestation you can verify that you are not running previously signed but vulnerable code.
The amount of FUD surrounding secure boot is astounding.
And where there used to be a healthy appliance market, there are now 2-3 manufacturers. And that is really great for consumers and workers.
Everything is simple when you don't know what you're talking about.
If the manufacturer is responsible for making the thing repairable, then the manufacturer has to supply the parts. That means the manufacturer has to BUY the parts, which he may never be able to sell. Carrying inventory is not cheap.
Also, the parts inside two identical products may be different, depending on things like component vintage, minor design changes, etc. Every little change means more part numbers and more inventory. Attempts to reduce this result in less flexibility for the manufacturer, and that can greatly increase costs.
And that is not even considering the actual manufacturing processes. How much more does a machine that can pick up, orient, and drive tiny screws (especially if you must avoid 'weird' screws designed for such things) cost than one that squirts a dollop of glue? How much more maintenance does such a machine require? How much more of an opportunity for something to go wrong is there? How much does the increased waste from problems cost? How much more line-down time is there when small changes (screw must be moved by .5MM) must be made? How much does warranty cost increase as a result of an otherwise unnecessary connector failing?
I just took a little, unscientific, poll of 10 coworkers. Out of those 10, the oldest phone was 3 years. Out of those 10, only 2 people had EVER had a phone longer than 2 years. Exactly 1 person had EVER replaced a phone because it was unrepairable/too expensive to repair.
In 2016 there were approx 2.1B smart phones in use, up from 1.86B the year before. In 2016 there were approx 1.5B smart phones sold. Approx 250M of those went to new users, so 1.25B people replaced their phone. In other words, approx 2/3 of the worlds phone users replaced their phones. I am willing to be the vast majority of those phones were replaced simply because people wanted a new phone, not because the old one was broken.
Why would any sane person want to pay for a phone that lasts 5 years, when they will probably junk it after 2?
The problem is not how clear you are, but that you make no sense. Let's take an easy example, the lefts favorite whipping boy, Walmart. The average employee is low paid, but the CEO makes $21M. Clearly an outrage, right?
My understanding of your position is that if he was not making $21M, that money would be used to get his employees out of poverty, and that his $21M represents 'most of the proceeds', and the rest of the employees are living off 'crumbs'.
Let's make the insane assumption that every employee, other than the CEO, makes $8/hr, works half time (1000 hrs/yr), and has no benefits (paid time off, insurance, employee discounts, etc) at all. Since they have 2.1M employees, that means a payroll of $16.8B. The CEOs compensation represents 1/8 of 1% of the payroll. Please explain how that is 'most of the proceeds' and the 99 and 7/8% of money going to the employees is 'the crumbs'.
Now, as for cutting his compensation and using that money to get the employees out of poverty. If you cut his compensation to $0, and distribute it to the employees, you have given each employee $10. Per YEAR. Are you really going to claim that $10/yr is the difference between poverty and not poverty?
McDonald's CEO has total compensation of about $15M. If you cut that to zero and distributed it to the 375,000 people that work for McDonalds, you would give each of them a $40 raise. Not $40/hour. Not $40/week. Not even $40/month. $40 per YEAR. That is not going to get anyone out of poverty.
They go to pay the labor of building the structure, and the labor of getting the materials for the structure, and the profit to the landlord or mortgage holder.
All expenses are either for your own labor and profit, or your suppliers (and their suppliers, etc) labor and profit. There is nothing else. And before someone gets the bright idea to say 'taxes!', taxes are to pay for the governments labor.
So in your ever so enlightened country water flows on the outside of the pipes? Because that is the only way that sizing pipe by external dimensions makes any sense.
Being threatened IS 'actual' harm, legally speaking. And once again, you are not being punished for your speech, you are being punished for the consequences of your speech.
And your last sentence is just silly. ALL threats, including pointing a gun at someone, are dependant 'on a state existing in the head...'. The question becomes 'what did YOU do to cause that state?'
Well then you should not be offended, because it isn't.
Nobody said that there aren't any consequences. The question is whether or not it is ILLEGAL to say or write those words. And it is not. Sure, you may get a visit from some not too friendly Secret Service types. You may be put on a watch list. You may be surveilled day and night for indications that you are putting your threat into action (which is of course illegal). Won't you WON'T be is arrested, tried, and convicted of merely saying or writing some words.
Trademarks don't work like that. First, they apply to only a specific field (for instance, professional football). More importantly, you must USE the trademark commercially in that field, or you lose it.
It does not matter if you truncate it not, it is equally wrong in both cases.
There is a difference between your speech and the consequences of your speech. There are no laws against yelling fire in a theater, whether or not there is a fire. But there ARE laws against things like reckless endangerment. If you yell fire and cause a stampede and people are injured, then you are likely to be charged with reckless endangerment, not because you said some prohibited word but because you actually endangered people.
Completely wrong on both
So you're saying that there are EULAS today where the developers ACCEPT liability? No, today EULAS deny liability, just like FOSS. As far as liability is concerned, today proprietary and FOSS are equivalent.
But you are talking about a situation where they are unequal - proprietary software can be held legally responsible while FOSS cannot. In that case, one would have to be nuts to choose FOSS.
Uh, no. Given a choice between "use product from A and if there is a problem they are liable" and "use FOSS product and if there is a problem I am liable", who do you think is going to go with the second option?
Why does it matter if 'at the end' you have nothing to show for it? Have you never eaten a meal that provided flavor or nutrition above mere sustenance? Have you never attended a concert or gone to a movie? Have you never taken a vacation? All of those things leave you with 'nothing at the end to show for your expense'.
A more sane approach would be 'how much value do you get from owning vs renting'? For me, and I suspect a lot of other people, the value of an entertainment dollar comes from how much enjoyment you get from it. I can spend $10/month on a subscription movie service and watch a different movie every weekend. Or, I can spend the $10 buying a copy of a movie, watching it one weekend and spending the other three weekends diving into my collection of movies like Scrooge McDuck saying 'look how much I own!'. I would get much more enjoyment, thus value, out of the first.
As another poster said, people used to rent movies from brick-and-mortar stores. That business started dying off when the price to own a movie came down low enough. But the reason owning was seen as preferable wasn't so much 'look at all the stuff I own' as it was simple convenience. If you wanted to rent a movie you had to go to the store, hope they had a movie you wanted to see, go home and watch it, then return it to the store. By purchasing it you could watch it when you wanted, even if it was only once, and not have to deal with that hassle. That was worth money. When Netflix came out with DVD rentals that provided convenience at an even lower price than owning. Then when streaming came out it was even easier and cheaper to watch movies.
That is also in TFA. Banks consider small merchants a bad risk.
While it is possible that the Echo is 'always listening and transmitting', nothing in your anecdote illustrates that. It is entirely possible that they are recording the last minute or two ON DEVICE, and when a 'trigger' is received THEN it transmits the buffered data and the data for a minute or two AFTER the device is triggered.
It has never meant that. As for your second sentence, you do know that is quite common, right? Every hear of auto financing? Or gas credit cards? Or the fact that damn near every business gave credit to customers before Visa and Mastercard, etc became popular? Company store has a specific meaning - that an employee of a company has virtually NO CHOICE but to spend his income only on products offered BY HIS EMPLOYER. That is not even remotely the case here.
They are life safety equipment, dumbass.
I guess you never heard of sulfanilamide
That was not copyright, it was licensing the press. Copyright has always been about the author.