These companies 'got popular' because they are, at the moment, cheap. One of the main reasons they are cheap is that they are currently using licenses/contracts that were drawn up at the very beginnings of viable streaming, and they are getting the content very inexpensively. Once those contracts are up for renewal, all that can change (see Netflix/Starz). If you want to see the things that worry Netflix, have a look at their annual report, in the 'risks' section. Being unable to obtain content cheaply is one of their big risks.
No, you don't remember that, because it never happened. Originally your cable subscription was just re-transmission of OTA broadcasts, complete with all the commercials. In the mid 70's HBO came along, and for an additional fee you could watch movies commercial free - still true today. In the late 70's cable companies offered regional programming (sports, mostly), again for an additional fee (either monthly subscription or pay-per-view). Today, most of those regional channels (and many, many, more) have moved to some sort of 'extended basic' package, for a fee far less than what was charged in the 70's. Those channels now have ads, but are no longer 'premium' channels. One of the first real 'cable' channels was MTV, and it was indeed commercial-free - for the first 10 minutes of its existence.
This magical time when cable was commercial-free that you are 'remembering' never existed.
Yes, you can copyright the lyrics and melody separately from the sound recording, but releasing a sound recording does not REQUIRE you to put the sheet music in some escrow account somewhere, which is what the guy I was responding to said should be done with software.
But they never agreed on what the audit meant, which makes such an audit useless. Even after the whole thing was done and an independent party did another audit they had to apply various scenarios to figure out what the outcome was.
Ha ha! That is a good one. Seems to me that about 12 years ago there was a hotly contested race down south somewhere that revolved entirely around paper ballots.
Yes, I am aware of that. What I am saying is that if some company develops a piece of software in-house, and does not release that source code, it is a trade secret. That is their prerogative. Requiring them to 'deposit' the source code somewhere so that it becomes public domain is just silly, nobody is required to release their trade secret into the public domain. We don't require authors to 'deposit' an ascii text file of their manuscript somewhere so we can easily modify it when copyright expires. We don't require movie studios to 'deposit' the set blueprints, costume patterns, scripts, lighting direction, etc somewhere so we can easily recreate the movie when copyright expires. We don't require musicians to 'deposit' the exact score, recording levels, mixing instructions, etc so we can easily recreate that when copyright expires. Why should software be any different?
So, in other words, it is not in there anywhere. You just made it up.
The reason you are allowed to film (some) public servants in the course of their public duty is because they are, you know, IN PUBLIC, and there is no law that says you can't, not because of some supposed Constitutional protection. Try to intercept all of the internal email from some government department, or install a bug in their offices, and see what 'Constitutional protection' you have.
Communications between ANY two parties are, by default, private. You don't magically lose your right to privacy just because you happen to work for the government. There may be perfectly valid reasons to break that privacy sometimes (either by consent of the parties, by law, or by due process), but the default is privacy.
Bullshit. Source code is a trade secret, and nobody is 'entitled' to those. The only legitimate reason for requiring a 'deposit' (escrow) of source code is that you are so dependent on it that it would cause you irreparable harm if it were no longer available. And in that case, you can get the software put in escrow, but it is going to cost you a fortune. Games sure as hell don't qualify for escrow.
Be serious. Why would IBM (or any sane company) go through all that trouble just to breach a contract, when said breach gains them nothing at all?
Did you ever hear of the SCO vs IBM case? Did you notice how hard IBM fought that? Did you think they spent all that money just to support Linux and FOSS? No, they spent all that money because they were protecting their name and reputation against some very serious charges (breach of contract and copyright infringement). They are not about to go do some stupid scheme just to commit those very same offenses.
Where, exactly, in the Constitution does it say anything about internal State Department documents being open? Where does it say anything must be open (published) except for Congressional proceedings, Congressional votes, and the budget? And even in the case of Congressional proceedings the exact text is:
Each House shall keep a Journal of its Proceedings, and from time to time publish the same, excepting such Parts as may in their Judgment require Secrecy; and the Yeas and Nays of the Members of either House on any question shall, at the Desire of one fifth of those Present, be entered on the Journal.
Diplomatic cables ARE private communication, dumbass. They are why the whole concept of 'diplomatic pouches' exists. They are NOT 'a reflection upon our nation as a whole' until some ACTION is taken. The only time they become a 'reflection upon our nation as a whole' is when some jackass leaks those private communications.
'The People' you are referring to are specifically 'the people of the USA'. The other 96% of the world's population does not need or have a right to know anything about what the government of the US is thinking or doing.
It is just as stupid to make that comment about the government as it is for the government (or anyone else) to claim that anything you want to keep secret implies wrongdoing. Keeping stuff secret means that there is at least one person on the planet whom you do not wish to have that information. And since you can't tell 300 million people something and not have that one person find out, you don't tell anybody. Perfectly normal practice followed by every individual, organization, company, and government that exists.
Except that most of the leaked stuff wasn't about anybody DOING anything. It was about people THINKING things. If, for example, a diplomat is asked what his opinion of someone he is negotiating with is, he better be able to privately and honestly say 'I don't really trust the guy - I think he is lying'. If everything every government employee or official thinks is going to be public information, that is going to lead to nothing except 'toeing the party line' or remaining quiet. And that is just bad for everyone.
Yeah, that 'System Requirements' thing (right on the box, and also on their web page) totally doesn't say anything about requiring Windows. Oh wait, it does. While you're at it, why don't you also start a class action suit against them for not doing your taxes - they don't give any warning about their failure to do that either.
You do realize that there are differences between places, right? The challenges and costs associated with burying a cable in a flat location with sandy ground are going to be considerably different than those associated with burying a cable in mountainous area made of granite.
More importantly, you do realize that there is enormous difference between doing work in an area where there is currently nothing and retrofitting an existing area, right? Yes, if you are building a NEW area you can just dig away, bury your cables, and lay the new road over it. Easy and cheap. Now do that in an existing area. First, you need to map out where every gas line, water pipe, sanitary sewer, and storm sewer already are. Then, you need to dig very carefully, often by hand, around all that existing stuff. Then you put in your tunnel or conduit, again avoiding all the existing stuff. Then you cover it all back up, and repave the road you destroyed.
You think $1.6M a mile is expensive? The third NYC water tunnel is costing $100M/mile. Near me is a city street with a sinkhole because of a collapsing storm sewer. Estimated cost to repair one tenth of a mile of the storm sewer is $2M.
I'm sure if you can do it for under $1.2M/mile the power companies will be more than happy to hire you.
And lastly, no, it is not just 'moving a cable'. The cable is currently 15 feet above ground. Moving it means digging a trench (and repairing the subsequent damage), putting a hole in the foundation for the wire to pass through, doing proper bonding, etc. $2K is not at all out of line. I don't know where you got the idea that the power company is responsible for wiring to your house, they aren't. They do the actual work, you pay for it.
First of all, the current outages are not in the northeast, they are in the mid-Atlantic region. Having said that, we did have some problems up here in the northeast last year, from Irene and from an early blizzard (while the trees still had leaves).
So, exactly how bad is the situation up here? According to the local utility, when there are no major storms the reliability of their service is 99.96%. When there are major storms (which is where buried utilities would help), the reliability plummets - all the way down to 99.92%.
So, how much would it cost to bury the lines to gain back that 0.04%? According to the utility, burying a mile of distribution line costs $1.6M (times 7300 miles = $12B), and burying a mile of transmission line costs $7M (times 600 miles = $4.2B). Add in another $530M to remove the existing above-ground stuff, and another $1.3B to install ground-mounted transformers (on private property) and equipment. Total cost to the utility, $18B. That would require a permanent annual revenue increase of $3.24B per year, or $10,000 PER CUSTOMER EVERY YEAR. In addition, each customer would be required to spend about $2K to have an electrician install the new underground service to their house.
The thing is based on the concept of trust. There are two different users of the 'trust' in a system like this.
The first user of 'trust' is the owner of the machine trusting that his software has not been modified. UEFI/SecureBoot helps with this by making sure that the thing being booted has been properly signed by someone you trust. It can further help out by stopping the boot process and alerting the user when the thing being booted differs from the last thing that was booted. So, even if you trust Canonical, if someone managed to slip a Canonical-signed boot loader on your system you can still be alerted to the change.
However, the trust that you can have that your software was not modified extends only so far as the trust is unbroken. If you install a signed bootloader that will run unsigned or invalid kernels then your trust stops at the bootloader, and you can't trust anything it loads.
The second user of 'trust' is people who have data you want to access. In that case, they can request that your system attest as to the state of the software on it. If any of the software is untrusted (by the owner of the data), they can refuse to serve the data.
People have suggested that the second case is easily worked around by installing a hypervisor and using it to boot a modified system, skipping/faking out the secure boot step. However, that fails because the remote attestation relies on data that has been correctly 'sealed' by a piece of hardware (the TPM) which itself is using a trusted key. If the UEFI/bootloader/kernel/modules/apps etc don't correctly verify the signatures of things they load, and report that status to the TPM, the correct attestation will not be received.
From what you wrote, it appears that Red Hat wants to be considered 'trusted' by owners of data, and Canonical just wants to provide a method around Secure Boot without worrying about establishing trust.
Except it isn't 'Microsoft's secure-boot solution', it is the Trusted Computing Group's secure-boot solution. Microsoft is a 'promoter' of TCG, but so is AMD, Intel, Cisco, IBM, HP, Fujitsu, Juniper, Infineon, Wave, and Lenovo. Move down into the 'Contributor' category and you add dozens more companies, including Red Hat, Accenture, AMI, Dell, Freescale, Toyota, Hitachi, General Dynamics, Sony, Seagate, Western Digital, etc.
Surely you don't think that all those companies are interested in Trusted Computing just because Microsoft is insisting on it, do you? They are interested because either they or their customers have real world problems with sensitive data leakage, regulatory compliance, etc.
Secure boot is just one little link in the chain of Trusted Computing. It is the first test that FOSS is facing with regard to the upcoming changes in computing. There will be many more to follow. If FOSS wants to remain relevant in the coming age where owners demand tighter control over their data they are going to have to figure out how to adapt.
Now, there is nothing that is incompatible with the ideas of 'open source' and the ideas of 'trusted computing'. Trusted computing does not require closed source or secrecy (except of course for signing keys). There is absolutely no technical reason that Red Hat, or SuSe, or Ubuntu, can't provide a 100% FOSS solution that is trusted. The only thing that could hold them back is putting ideology first.
This is why the Trusted Computing Group is careful to draw a distinction between owners and users. Owners (of machines, software, data) should have complete control. Users (of machines, software, data) should only be able to do what the owners allow, and should not be allowed to override the owner's wishes. Kind of silly to list that as a 'concern' when it is one of the major features of the whole thing.
Have you used secure boot? I have (IBM xSeries servers) and that is pretty much what they do.
I don't know what you are talking about with 'very tightly controlled keys'. The only keys that need to be tightly controlled are the ones used to sign the code, because if they are not tightly controlled you can't trust that the claimed signer is actually who signed the code. Of course, for signing to have any meaning you must be able to verify the signature so you must have a matching public key, but those are not tightly controlled at all. In fact, the problem there is how to make it EASY to add the keys. Hence, the Red Hat/Microsoft deal where Microsoft will sign anyone's code for $90. Microsoft is controlling the signing key, and the matching public key will be widely distributed because of Microsoft's influence. Ubuntu is taking a different tack, opting instead to do its own signing, and trying to get hardware manufacturers to include their public key.
The only other thing that needs to be tightly controlled is your personal database of trusted public keys. The only requirement there is that you trust the entity whose key you have to verify that the code is from who they say it is before they sign it. Those keys can come either pre-installed from sources that the manufacturer trusts (Microsoft and Ubuntu) or they can be added by the owner of the machine.
No, a hypervisor can not fake answers from the TPM. Look at the list of companies who contributed to trusted computing. Notice how right at the top is IBM, someone with about 40 years of experience with virtualization and hypervisors. Do you really think they designed this 'trusted' model so it could be easily broken by something as trivial as a hypervisor? No. The answer to that problem is the TPM - a piece of hardware. The TPM is itself 'sealing' its responses with encryption. You can't 'fake' a TPM, because you don't have the key that the TPM uses to seal its responses. Therefore, any responses your hypervisor attempts to give to the process that asks for attestation will be rejected, because the response does not come from a trusted source.
Again, the ONLY keys that need to be tightly controlled are the ones used to do signing, including the one the TPM uses.
So, if someone wants to see if they 'trust' your system before giving it data, they ask you to provide attestation as to the state of your machine. You can either provide a valid answer from the TPM (which they will trust), or a spoofed answer (which will not be trusted). If you provide a valid answer, then they can see that the UEFI is good, but the bootloader, signed by Microsoft, says it is from 'cryptlizard'. End of trust.
No, that is not true. An analogy would be a notary public. You take a document to the notary, with some ID, and sign the document in front of them. They put their seal on it and certify that it was you who signed the document. They don't care at all about what the document says, and they don't state in any way that the contents of the document are true, just that you signed it.
If you were to send a boot loader to Canonical for signing, all they are doing is saying 'Canonical says this bootloader is from cryptlizard'. Nothing says anyone else has to trust cryptlizard.
So, let's say I get Canonical to sign my malicious boot loader, and it gets installed on your machine. The first thing that ought to happen is that UEFI notices that the signature and/or signer of the bootloader is not that same as the last time it booted, and puts up a screen saying "The last time you booted 'Windows 8 from Microsoft (according to Microsoft)', was what you were running. Now, you are running 'GRUB2 from bws111 (according to Canonical).' Is this an intentional change?" That should stop a lot of malware sneaking in as a bootloader.
But what if you intentionally installed a bootloader that loads unsigned kernels so you can hack the system to remove DRM checks, etc? In that case, any upstream processes (kernel, drivers, apps, remote services) can find out that your bootloader was from cryptlizard, and assign as much (or as little) trust to that as they want.
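The three trust decisions argued over in the comments above (the signature check at boot that only says who signed the loader, the chain that stops at a bootloader willing to run unsigned kernels, and the remote party's decision based on a TPM-signed attestation that a hypervisor cannot forge) can be played out in a small simulation. This is an added example, not code from any of the posts or from the TCG, Red Hat or Canonical. Everything in it is constructed: the signer names, the image bytes, and the use of Lamport one-time signatures over SHA-256 (a genuine public-key scheme that needs only hashlib) as a stand-in for the RSA/ECDSA signatures real firmware and TPMs use. A real TPM has many PCRs and an event log format this does not reproduce; the single PCR here is enough to show why the measured state cannot be faked without the TPM's own key.

```python
import hashlib
import os

def H(b):
    return hashlib.sha256(b).digest()

# Lamport one-time signatures: a real public-key scheme built from hashing alone,
# standing in for the RSA/ECDSA signatures real firmware and TPMs use. One key signs
# one message; verifiers hold only the public half (the hashes).
def keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def _bits(msg):
    d = H(msg)
    return [(d[i >> 3] >> (7 - (i & 7))) & 1 for i in range(256)]

def sign(sk, msg):
    return [sk[i][b] for i, b in enumerate(_bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, _bits(msg))))

class TPM:
    """One PCR, an event log, and an attestation key that never leaves the chip."""
    def __init__(self):
        self.pcr = bytes(32)                 # PCRs are zero at power-on
        self.log = []
        self.aik_sk, self.aik_pk = keygen()  # only aik_pk is ever handed out

    def extend(self, label, blob):
        self.log.append((label, H(blob)))
        self.pcr = H(self.pcr + H(blob))     # PCR = H(PCR || H(blob)); order matters

    def quote(self, nonce):
        # The TPM signs the PCR value plus the verifier's nonce with its own key.
        return {"pcr": self.pcr, "nonce": nonce,
                "sig": sign(self.aik_sk, self.pcr + nonce)}

def replay(blobs):
    """PCR value a verifier expects after a known-good sequence of loads."""
    pcr = bytes(32)
    for blob in blobs:
        pcr = H(pcr + H(blob))
    return pcr

def firmware_boot(db, bootloader, tpm):
    # Secure Boot: run only what a key in db signed. This answers "who signed it?",
    # not "is it good?" (the notary analogy), so the load is measured as well.
    signer, blob, sig = bootloader
    if signer not in db or not verify(db[signer], blob, sig):
        raise RuntimeError("bootloader signature did not verify; refusing to boot")
    tpm.extend("bootloader:" + signer, blob)

def load_kernel(db, kernel, tpm, require_signed):
    signer, blob, sig = kernel
    ok = signer in db and sig is not None and verify(db[signer], blob, sig)
    if require_signed and not ok:
        raise RuntimeError("kernel signature did not verify")
    tpm.extend("kernel:" + (signer if ok else "unsigned"), blob)  # permissive loaders leave a trace

def data_owner_check(aik_pk, expected_pcr, nonce, q):
    """The remote side's decision, made from the quote alone."""
    if q["nonce"] != nonce:
        return "refused: stale quote"
    if not verify(aik_pk, q["pcr"] + q["nonce"], q["sig"]):
        return "refused: quote not signed by a TPM we trust"
    if q["pcr"] != expected_pcr:
        return "refused: measured software differs from known-good"
    return "served"

def run_scenarios():
    # Constructed inputs: two signing keys the firmware db trusts (one for the loader,
    # one for the kernel) and the known-good images the data owner expects.
    bl_sk, bl_pk = keygen()
    k_sk, k_pk = keygen()
    db = {"loader-signer": bl_pk, "kernel-signer": k_pk}
    bl_blob, k_blob = b"bootloader image v1", b"distro kernel image v1"
    bootloader = ("loader-signer", bl_blob, sign(bl_sk, bl_blob))
    kernel = ("kernel-signer", k_blob, sign(k_sk, k_blob))
    expected = replay([bl_blob, k_blob])
    results = {}
    # 1. Unbroken chain: signed loader, signed kernel, quote from the real TPM.
    tpm, nonce = TPM(), os.urandom(16)
    firmware_boot(db, bootloader, tpm)
    load_kernel(db, kernel, tpm, require_signed=True)
    results["honest"] = data_owner_check(tpm.aik_pk, expected, nonce, tpm.quote(nonce))
    # 2. Signed loader that runs an unsigned kernel: the quote is genuine, but the
    #    PCR no longer matches, so trust stops at the bootloader.
    tpm, nonce = TPM(), os.urandom(16)
    firmware_boot(db, bootloader, tpm)
    load_kernel(db, ("nobody", b"patched kernel", None), tpm, require_signed=False)
    results["unsigned_kernel"] = data_owner_check(tpm.aik_pk, expected, nonce, tpm.quote(nonce))
    # 3. Hypervisor reports the known-good PCR value but has to sign with a key it
    #    made up, because the real attestation key never left the TPM.
    tpm, nonce = TPM(), os.urandom(16)
    fake_sk, _ = keygen()
    forged = {"pcr": expected, "nonce": nonce, "sig": sign(fake_sk, expected + nonce)}
    results["hypervisor"] = data_owner_check(tpm.aik_pk, expected, nonce, forged)
    return results

if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:16s} {verdict}")
```

Two things to notice when running it. The firmware's `db` only ever tells you which key signed an image, which is exactly the notary point: scenario 2 boots without error because the loader's signature is fine, and it is the measurement of the unsigned kernel, not the signature check, that the data owner acts on. And in scenario 3 the hypervisor controls everything it reports, including the PCR value, yet fails on the signature check before the PCR is even compared; in a real deployment the verifier gets `aik_pk` through a certificate chain back to the TPM manufacturer rather than being handed it directly as here.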
You said 'they made $14B and laid off workers - they could have made $13B and kept the workers'. To me, that says they did not help earn the $14B, because they weren't there (if they were there they would have made $1B less). If they were there doing nothing but costing $1B, that sounds like charity to me. The other way to look at it is the workers were there when they made the $14B (which means they were paid), but they later got laid off. That may be true, but making $14B one year does not mean you are going to need the same number of workers (or make the same profit) the next year, and the mention of $13B is meaningless in that context.
No, I am not criticizing environmental laws at all, but you can't deny that they raise the cost of doing business here.
While we certainly could refuse to trade with places that don't follow our ideas of what is important, the problem is that other countries are also free to expect us to meet their idea of what is important.
Since when does "use" mean "seize"? Putting out a press release is using privately owned communications resources.
Yes, you can copyright the lyrics and melody separately from the sound recording, but releasing a sound recording does not REQUIRE you to put the sheet music in some escrow account somewhere, which is what the guy I was responding said should be done with software.
But they never agreed on what the audit meant, which makes such an audit useless. Even after the whole thing was done and an independent party did another audit they had to apply various scenarios to figure out what the outcome was.
Ha ha! That is a good one. Seems to me that about 12 years ago there was a hotly contested race down south somewhere that revolved entirely around paper ballots.
Yes, I am aware of that. What I am saying is that if some company develops a piece of software in-house, and does not release that source code, it is a trade secret. That is their prerogative. Requiring them to 'deposit' the source code somewhere so that it becomes public domain is just silly, nobody is required to release their trade secret into the public domain. We don't require authors to 'deposit' an ascii text file of their manuscript somewhere so we can easily modify it when copyright expires. We don't require movie studios to 'deposit' the set blueprints, costume patterns, scripts, lighting direction, etc somewhere so we can easily recreate the movie when copyright expires. We don't require musicians to 'deposit' the exact score, recording levels, mixing instructions, etc so we can easily recreate that when copyright expires. Why should software be any different?
So, in other words, it is not in there anywhere. You just made it up.
The reason you are allowed to film (some) public servants in the course of their public duty is because they are, you know, IN PUBLIC, and there is no law that says you can't, not because of some supposed Constitutional protection. Try to intercept all of the internal email from some government department, or install a bug in their offices, and see what 'Constitutional protection' you have.
Communications between ANY two parties are, by default, private. You don't magically lose your right to privacy just because you happen to work for the government. There may be perfectly valid reasons to break that privacy sometimes (either by consent of the parties, by law, or by due process), but the default is privacy.
Bullshit. Source code is a trade secret, and nobody is 'entitled' to those. The only legitimate reason for requiring a 'deposit' (escrow) of source code is that you are so dependent on it that it would cause you irreparable harm if it were no longer available. And in that case, you can get the software put in escrow, but it is going to cost you a fortune. Games sure as hell don't qualify for escrow.
Be serious. Why would IBM (or any sane company) go through all that trouble just to breach a contract, when said breach gains them nothing at all?
Did you ever hear of the SCO vs IBM case? Did you notice how hard IBM fought that? Did you think they spent all that money just to support Linux and FOSS? No, they spent all that money because they were protecting their name and reputation against some very serious charges (breach of contract and copyright infringement). They are not about to go do some stupid scheme just to commit those very same offenses.
Where, exactly, in the Constitution does it say anything about internal State Department documents being open? Where does it say anything must be open (published) except for Congressional proceedings, Congressional votes, and the budget? And even in the case of Congressional proceedings the exact text is:
Each House shall keep a Journal of its Proceedings, and from time to time publish the same, excepting such Parts as may in their Judgment require Secrecy; and the Yeas and Nays of the Members of either House on any question shall, at the Desire of one fifth of those Present, be entered on the Journal.
Diplomatic cables ARE private communication, dumbass. They are why the whole concept of 'diplomatic pouches' exists. They are NOT 'a reflection upon our nation as a whole' until some ACTION is taken. The only time they become a 'reflection upon our nation as a whole' is when some jackass leaks those private communications.
'The People' you are referring to are specifically 'the people of the USA'. The other 96% of the world's population does not need or have a right to know anything about what the government of the US is thinking or doing.
It is just as stupid to make that comment about the government as it is for the government (or anyone else) to claim that anything you want to keep secret implies wrongdoing. Keeping stuff secret means that there is at least one person on the planet to you do not wish to have that information. And since you can't tell 300 million people something and not have that one person find out, you don't tell anybody. Perfectly normal practice followed by every individual, organization, company, and government that exists.
Except that most of the leaked stuff wasn't about anybody DOING anything. It was about people THINKING things. If, for example, a diplomat is asked what his opinion of someone he is negotiating with is, he better be able to privately and honestly say 'I don't really trust the guy - I think he is lying'. If everything every government employee or official thinks is going to be public information, that is going to lead to nothing except 'toeing the party line' or remaining quiet. And that is just bad for everyone.
Yeah, that 'System Requirements' thing (right on the box, and also on their web page) totally doesn't say anything about requiring Windows. Oh wait, it does. While you're at it, why don't you also start a class action suit against them for not doing your taxes - they don't give any warning about their failure to do that either.
You do realize that there are differences between places, right? The challenges and costs associated with burying a cable in a flat location with sandy ground are going to be considerably different than those associated with burying a cable in mountainous area made of granite.
More importantly, you do realize that there is enormous difference between doing work in an area where there is currently nothing and retrofitting an existing area, right? Yes, if you are building a NEW area you can just dig away, bury your cables, and lay the new road over it. Easy and cheap. Now do that in an existing area. First, you need to map out where every gas line, water pipe, sanitary sewer, and storm sewer already are. Then, you need to dig very carefully, often by hand, around all that existing stuff. Then you put in your tunnel or conduit, again avoiding all the existing stuff. Then you cover it all back up, and repave the road you destroyed.
You think $1.6M a mile is expensive? The third NYC water tunnel is costing $100M/mile. Near me is a city street with a sinkhole because of a collapsing storm sewer. Estimated cost to repair one tenth of a mile of the storm sewer is $2M.
I'm sure if you can do it for under $1.2M/mile the power companies will be more than happy to hire you.
And lastly, no, it is just 'moving a cable'. The cable is currently 15 feet above ground. Moving it means digging a trench (and repairing the subsequent damage), putting a hole in the foundation for the wire to pass through, doing proper bonding, etc. $2K is not at all out of line. I don't know where you got the idea that the power company is responsible for wiring to your house, they aren't. They do the actual work, you pay for it.
First of all, the current outages are not in the northeast, they are in the mid-Atlantic region. Having said that, we did have some problems up here in the northeast last year, from Irene and from an early blizzard (while the trees still had leaves).
So, exactly how bad is the situation up here? According to the local utility, when there are no major storms the reliability of their service is 99.96%. When there are major storms (which is where buried utilities would help), the reliability plummets - all the way down to 99.92%.
So, how much would it cost to bury the lines to gain back that 0.04%? According to the utility, burying a mile of distribution line costs $1.6M (times 7300 miles = $12B), and burying a mile of transmission line costs $7M (times 600 miles = $4.2B). Add in another $530M to remove the existing above-ground stuff, and another $1.3B to install ground-mounted transformers (on private property) and equipment. Total cost to the utility, $18B. That would require a permanent annual revenue increase of $3.24B per year, or $10,000 PER CUSTOMER EVERY YEAR. In addition, each customer would be required to spend about $2K to have an electrician install the new underground service to their house.
The thing is based on the concept of trust. There are two different users of the 'trust' in a system like this.
The first user of 'trust' is the owner of the machine trusting that his software has not been modified. UEFI/SecureBoot helps with this by making sure that the thing being booted has been properly signed by someone you trust. It can further help out by stopping the boot process and alerting the user when the thing being booted differs from the last thing that was booted. So, even if you trust Canonical, if someone managed to slip a Canonical-signed boot loader on your system you can still be alerted to the change.
However, the trust that you can have that your software was not modified extends only so far as the trust is unbroken. If you install a signed bootloader that will run unsigned or invalid kernels then your trust stops at the bootloader, and you can't trust anything it loads.
The second user of 'trust' is people who have data you want to access. In that case, they can request that you system attest as to the state of the software on it. If any of the software is untrusted (by the owner of the data), they can refuse to serve the data.
People have suggested that the second case is easily worked around by installing a hypervisor and using it to boot a modified system, skipping/faking out the secure boot step. However, that fails because the remote attestation relies on data that has been correctly 'sealed' by a piece of hardware (the TPM) which itself is using a trusted key. If the UEFI/bootloader/kernel/modules/apps etc don't correctly verify the signatures of things they load, and report that status to the TPM, the correct attestation will not be received.
From what you wrote, it appears that Red Hat wants to be considered 'trusted' by owners of data, and Canonical just wants to provide a method around Secure Boot without worrying about establishing trust.
Except it isn' 'Microsoft's secure-boot solution', it is the Trusted Computing Groups secure-boot solution. Microsoft is a 'promote'r of TCG, but so is AMD, Intel, Cisco, IBM, HP, Fujitsu, Juniper, Infineon, Wave, and Lenovo. Move down into the 'Contributor' category and you add dozens more companies, including Red Hat, Accenture, AMI, Dell, Freescale, Toyota, Hitachi, General Dynamics, Sony, Seagate, Western Digital, etc.
Surely you don't think that all those companies are interested in Trusted Computing just because Microsoft is insisting on it, do you? They are interested because either they or their customers have real world problems with sensitive data leakage, regulatory compliance, etc.
Secure boot is just one little link in the chain of Trusted Computing. It is the first test that FOSS is facing with regard to the upcoming changes in computing. There will be many more to follow. If FOSS wants to remain relevant in the coming age where owners demand tighter control over their data they are going to have to figure out how to adapt.
Now, there is nothing that is incompatible with the ideas of 'open source' and the ideas of 'trusted computing'. Trusted computing does not require closed source or secrecy (except of course for signing keys). There is absolutely no technical reason that Red Hat, or SuSe, or Ubuntu, can't provide a 100% FOSS solution that is trusted. The only thing that could hold them back is putting ideology first.
This is why the Trusted Computing Group is careful to draw a distinction between owners and users. Owners (of machines, software, data) should have complete control. Users (of machines, software, data) should only be able to do what the owners allow, and should not be allowed to override the owner's wishes. Kind of silly to list that as a 'concern' when it is one of the major features of the whole thing.
Have you used secure boot? I have (IBM xSeries servers) and that is pretty much what they do.
I don't know what you are talking about with 'very tightly controlled keys'. The only keys that need to be tightly controlled are the ones used to sign the code, because if they are not tightly controlled you can't trust that the claimed signer is actually who signed the code. Of course, for signing to have any meaning you must be able to verify the signature so you must have a matching public key, but those are not tightly controlled at all. In fact, the problem there is how to make it EASY to add the keys. Hence, the Red Hat/Microsoft deal where Microsoft will sign anyone's code for $90. Microsoft is controlling the signing key, and the matching public key will be widely distributed because of Microsoft's influence. Ubuntu is taking a different tack, opting instead to do its own signing, and trying to get hardware manufacturers to include their public key.
The only other thing that needs to be tightly controlled is your personal database of trusted public keys. The only requirement there is that you trust the entity whose key you have to verify that the code is from who they say it is before they sign it. Those keys can come either pre-installed from sources that the manufacturer trusts (Microsoft and Ubuntu) or they can be added by the owner of the machine.
No, a hypervisor can not fake answers from the TPM. Look at the list of companies who contributed to trusted computing. Notice how right at the top is IBM, someone with about 40 years of experience with virtualization and hypervisors. Do you really think they designed this 'trusted' model so it could be easily broken by something as trivial as a hypervisor? No. The answer to that problem is the TPM - a piece of hardware. The TPM is itself 'sealing' its responses with encryption. You can't 'fake' a TPM, because you don't have the key that the TPM uses to seal its responses. Therefore, any responses your hypervisor attempts to give to the process that asks for attestation will be rejected, because the response does not come from a trusted source.
Again, the ONLY keys that need to be tightly controlled are the ones used to do signing, including the one the TPM uses.
So, if someone wants to see if they 'trust' your system before giving it data, they ask you to provide attestation as to the state of your machine. You can either provide a valid answer from the TPM (which they will trust), or a spoofed answer (which will not be trusted). If you provide a valid answer, then they can see that the UEFI is good, but the bootloader, signed by Microsoft, says it is from 'cryptlizard'. End of trust.
No, that is not true. An analogy would be a notary public. You take a document to the notary, with some ID, and sign the document in front of them. They put their seal on it and certify that it was you who signed the document. They don't care at all about what the document says, and they don't state in any way that the contents of the document are true, just that you signed it.
If you were to send a boot loader to Canonical for signing, all they are doing is saying 'Canonical says this bootloader is from cryptlizard'. Nothing says anyone else has to trust cryptlizard.
So, let's say I get Canonical to sign my malicious boot loader, and it gets installed on your machine. The first thing that ought to happen is that UEFI notices that the signature and/or signer of the bootloader is not the same as the last time it booted, and puts up a screen saying "The last time you booted 'Windows 8 from Microsoft (according to Microsoft)', was what you were running. Now, you are running 'GRUB2 from bws111 (according to Canonical).' Is this an intentional change?" That should stop a lot of malware sneaking in as a bootloader.
But what if you intentionally installed a bootloader that loads unsigned kernels so you can hack the system to remove DRM checks, etc? In that case, any upstream processes (kernel, drivers, apps, remote services) can find out that your bootloader was from cryptlizard, and assign as much (or as little) trust to that as they want.
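The measured-boot and attestation flow described in this comment and in the earlier hypervisor comment, as an added example that is not from the original thread or from any TPM implementation: one PCR is extended over each boot stage, the TPM signs the result with a key that never leaves the chip, and the remote data owner checks both the signature and the expected value. The stage names, byte strings, nonce and the HMAC stand-in for the TPM's asymmetric attestation key are assumptions.

```python
import hashlib
import hmac

# Constructed sample data (not from the original thread): each boot stage's
# image is a byte string; real firmware measures the actual binaries.
BOOT_CHAIN = [
    ("uefi", b"uefi-firmware-image"),
    ("bootloader", b"shim-signed-by-microsoft"),
    ("kernel", b"vmlinuz-signed-by-distro"),
]

# Stand-in for the TPM's attestation key. A real TPM signs quotes with an
# asymmetric key whose private half never leaves the chip; HMAC is used here
# only so the example runs with the standard library, so the verifier holds
# the same secret instead of a public key (the simplification).
TPM_ATTESTATION_KEY = b"secret-that-never-leaves-the-tpm"

def measured_boot(chain):
    """Extend one PCR over each stage: pcr = SHA256(pcr || SHA256(image)).
    Order matters, and a changed stage changes every later value."""
    pcr = bytes(32)
    for _name, image in chain:
        pcr = hashlib.sha256(pcr + hashlib.sha256(image).digest()).digest()
    return pcr

def tpm_quote(pcr, nonce, key=TPM_ATTESTATION_KEY):
    """The TPM signs the PCR value plus the verifier's nonce (anti-replay)."""
    return hmac.new(key, pcr + nonce, hashlib.sha256).digest()

def verify_attestation(pcr, nonce, signature, expected_pcr, key=TPM_ATTESTATION_KEY):
    """Remote data owner's check: first that the quote really came from the
    TPM, then that the measured boot chain matches a known-good value."""
    if not hmac.compare_digest(tpm_quote(pcr, nonce, key), signature):
        return "rejected: quote not signed by trusted TPM"
    if not hmac.compare_digest(pcr, expected_pcr):
        return "rejected: boot chain differs from known-good state"
    return "accepted"

def demo():
    nonce = b"verifier-nonce-0001"  # constructed; a real verifier picks it fresh
    expected = measured_boot(BOOT_CHAIN)
    # Honest system: genuine TPM quote over the real measurements.
    honest = verify_attestation(expected, nonce, tpm_quote(expected, nonce), expected)
    # Hypervisor reporting the known-good PCR but signing with its own key.
    forged_sig = hmac.new(b"hypervisor-key", expected + nonce, hashlib.sha256).digest()
    spoofed = verify_attestation(expected, nonce, forged_sig, expected)
    # Bootloader swapped for one signed by someone else: the quote is genuine,
    # but the measurement no longer matches the known-good chain.
    swapped = [BOOT_CHAIN[0], ("bootloader", b"grub2-from-cryptlizard"), BOOT_CHAIN[2]]
    swapped_pcr = measured_boot(swapped)
    changed = verify_attestation(swapped_pcr, nonce, tpm_quote(swapped_pcr, nonce), expected)
    return honest, spoofed, changed
```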
You said 'they made $14B and laid off workers - they could have made $13B and kept the workers'. To me, that says they did not help earn the $14B, because they weren't there (if they were there they would have made $1B less). If they were there doing nothing but costing $1B, that sounds like charity to me. The other way to look at it is the workers were there when they made the $14B (which means they were paid), but they later got laid off. That may be true, but making $14B one year does not mean you are going to need the same number of workers (or make the same profit) the next year, and the mention of $13B is meaningless in that context.
No, I am not criticizing environmental laws at all, but you can't deny that they raise the cost of doing business here.
While we certainly could refuse to trade with places that don't follow our ideas of what is important, the problem is that other countries are also free to expect us to meet their idea of what is important.