Slashdot Mirror


User: peppepz

peppepz's activity in the archive.

Stories: 0
Comments: 1,382

Comments · 1,382

  1. Re:So does this mean.... on Microsoft Releases Windows 10 SDK · · Score: 1

    Wrong. It does prevent the kinds of malware and rootkits that operate by modifying the bootloader.

    1) Whatever it does, it can be nullified by malware that gains root-level access AFTER the OS has booted (which is the norm). And if the malware managed to modify the bootloader, of course it has already gained that access, hence no effective protection is added, UNLESS you are running a machine that doesn't allow unsigned software to run (EXEs, batch scripts, stuff written by the user) that could have been installed or patched by the malware. But clearly this is not Windows as we know it today.
    Moreover, locking down the machine (this is the only firmware behaviour authorized by Microsoft when the so-called Secure Boot restriction is violated) is arguably the worst outcome for desktop users, as they will be left with no way to service the machine (beyond running "rescue partitions" which of course are static and therefore can't contain anti-malware software), and with no access to their data.
    2) Malware that operates by modifying the boot sequence is extremely rare today, because it must target specific hardware, and is associated with government-sponsored attacks. Of course, three-letter agencies are only a piece of paper away from having their malware signed with legitimate keys.

    and harmful thing

    Cite specifically the "harm".

    Read the thread. I'm no parrot.

    Well, now it's no longer true, as widely expected by the hysterical idiots.

    And being hysterical idiots you and the rest of them still haven't figured out that in fact it is still true, in fact unless some OEM makes the choice to not include the ability to turn it off it will remain true.

    "Unless" is the key word here.

    Describe exactly how the OEM being responsible for their product is "anti-competitive, anti-consumer and anti-free software behaviour", because that does not make any sense in any context whatsoever.

    Imagine that I am an operating system vendor and I want to sell an OS. Describe exactly what I have to tell my customers before I sell them my OS.

    Imagine that I know an unskilled person (grandma) running an old version of Windows that is no longer supported on an otherwise perfectly fine machine. Describe exactly what I have to tell her before I propose to install Linux, or a commercial OS costing less than the new version of Windows, on her PC.

    Imagine that I am a student and I've heard about this Linux thing. I'd like to try it on my PC that I bought off a shelf a couple years ago. Describe exactly what I should do to try Linux on my machine, fix it when it doesn't work and add new features to its kernel.

  2. Re:So does this mean.... on Microsoft Releases Windows 10 SDK · · Score: 1

    Absolute, 100% rubbish! Show me an OEM that does not provide the ability to turn secure boot off.

    I don't know if you're the same Microsoft supporter as before, but in case you aren't, I'll repeat that we are talking about "designed for Windows 10" machines which aren't for sale yet.

    Impossible, no machine could ever be sold without the capability to boot from an external device, as this would prevent installing Microsoft Windows on it.

    Wrong again, they can easily install it and then lock you out of the BIOS.

    No, because that would prevent the user from buying copies of future versions of Microsoft Windows.

    Bullshit. The OEMs should be held accountable if they make the choice to produce a product that doesn't allow secureboot to be turned off. Why are you so desperate to defend the OEMs as some blameless, unaccountable entity?

    Because the OEMs are known not to care about letting the users fiddle with advanced boot options. They are also known to make firmware that, for example, will crash the machine from SMM when running a non-Windows OS: I've owned such PCs (that bug was meant to be a fix to make Windows 2000 run on that hardware). If the machines they make don't boot Linux, it's because they don't care, or haven't the resources to support Linux, not because of malice. But it's Microsoft who put these hurdles for them (and the users) to overcome. It's their decision that will lock people out of their own PCs, not the disinterest of the OEMs, which has always been there and is not changing.

    Do you also blame Google for not forcing everybody who makes Android devices to provide an unlocked bootloader and root-level access on phones?

    Yes of course. That's where I usually lose most of my karma points.

    can you give a non-malicious explanation about why the requirement of being able to disable the so-called Secure Boot is being lifted now?

    Less overhead in the certification process perhaps

    You've just admitted that there's "overhead" in the overall process of the OEM to add an option that disables the so-called Secure Boot. Hence, OEMs that want to get rid of this "overhead" WILL remove the option. Thanks for proving my point.

    but likely pushed by the OEMs as a way to try and sell both their Windows and Linux offerings separately rather than just one and have the user dual-boot it.

    That is, to keep Linux out of the users' PC as I've been stating from the beginning!

    If MS wanted to stop Linux they would be offering huge discounts to OEMs to not ship Linux (and Android) devices and to only ship Windows.

    My friend, in this world pressures against OEMs are the norm, not an exception.

    In recent years despite Linux on the desktop being offered pre-installed from big box retailers, available in the form of ChromeOS, available pre-installed systems from Dell, HP, Lenovo and others, free of charge, easy to install and even with the ability to try *without* installing the desktop PC userbase has *still* rejected it, it hasn't made any gains at all.

    I'm not denying that Linux users are a minority. I'm stating that they risk to become zero thanks to these dirty tricks. And this will harm the market of Linux on the servers, too, because of the way how people become Linux contributors. And I'm stating this in a comment which, if you bother to read, was meant as a response to someone who said "Microsoft supports Linux now".

    If they really wanted to lock out alternative operating systems they would have done it decades ago when they actually saw Linux on the desktop as a threat.

    They have been doing stuff like this endlessly for decades. Remember Bill Gates' "we should make ACPI Windows-only" in the 90s?

  3. Re:So does this mean.... on Microsoft Releases Windows 10 SDK · · Score: 1

    A statement is true when it's always true, not when it's true sometimes and sometimes not. You didn't even bother following the line of reasoning.
    Microsoft supporter: "SecureBoot is useful and gives no problem to the user"
    Me: "No, it's unuseful and here's how it harms the user"
    Microsoft supporter: "Eh, but you can always turn it off"
    Me: "Not anymore."

  4. Re:So does this mean.... on Microsoft Releases Windows 10 SDK · · Score: 1

    And the OEMs provide a switch to turn it off.

    That's not true any more. That's the news. People will install Linux on their laptops, find out that hibernation isn't working because of the so-called Secure Boot restrictions, get angry, and just give up Linux and go back to Windows and its world of post-boot malware.

    That is the OEMs' choice, just like it is their choice whether to even give you access to the BIOS.

    Impossible, no machine could ever be sold without the capability to boot from an external device, as this would prevent installing Microsoft Windows on it.

    We've seen the same thing with default BIOS passwords before too, the hysterical idiots crying "what if the OEMs don't tell us the passwords?!".

    Actually, what we have seen is that people saw the so-called Secure Boot as the unuseful and harmful thing that it is, and a limited number of Microsoft supporters labeled them as hysterical idiots pointing at the fact that it could always be disabled. Well, now it's no longer true, as widely expected by the hysterical idiots.

    Blaming Microsoft when the onus is on the OEM is obvious stupidity or intentional malicious misdirection.

    Leaving aside the fact that "leaving the onus on the OEM" already is an anti-competitive, anti-consumer and anti-free software behaviour, since you are less malicious than me, can you give a non-malicious explanation about why the requirement of being able to disable the so-called Secure Boot is being lifted now? What problem are MS trying to solve? The rising wave of hypno-malware that induces users to enter the firmware setup utility on their machines and disable boot restrictions?

  5. Re:So does this mean.... on Microsoft Releases Windows 10 SDK · · Score: 1

    What happens when your PC is restricted by the so-called Secure Boot scheme is well known. The problem we're discussing here is the potential impossibility to disable it induced by Microsoft into future computers.

  6. Re:So does this mean.... on Microsoft Releases Windows 10 SDK · · Score: 1
    Certainly I can't tell you about specific negative effects from the so-called Secure Boot, since the lack of a way to disable it is a proposed feature of Windows 10 which, as you certainly know, hasn't hit the markets yet. I could tell you about the large amounts of malware that I have had to remove so far from Windows 8.1 update 1 machines notwithstanding their so-called Secure Boot feature in place, but I suspect that wouldn't be the kind of story that you want to hear. As for pointing fingers, when somebody gets eaten by a lion, I don't point the finger to the lion, but to the person who opened its cage. Bear with me.

    What's my complaint, you ask. My complaint, I'm sorry if it wasn't clear, is not being able to install the software that I want on the PC that I own. Everyone around here has understood perfectly what's going on: the so-called Secure Boot adds no security on a system where the user is able to install third-party software (or his own) and therefore it is merely an obstacle put in place by Microsoft (not the UEFI forum, not the OEMs, not anyone else) to make it harder for end users to replace Windows with something else. Being upset for this is not an "emotional problem against Microsoft", it is a very pragmatic stance. If anything, if you want to see something emotional, it's calling a company which behaves this way as "the new Microsoft that supports Linux", which is the reason I bothered to write my original comment. And that's, of course, a perfectly acceptable emotional behaviour; we'd be robots without emotions. A less laudable kind of emotional behaviour is making personal attacks about the richness of my vocabulary. Yes, my English skills are limited. But being able to master a wider portion of the English language won't help me when I get a blinking cursor because I tried to remove Windows, or because a malware has modified some image measured by the so-called Secure Boot infrastructure.

  7. Re:So does this mean.... on Microsoft Releases Windows 10 SDK · · Score: 1

    If I buy hardware with so-called SecureBoot, in any form, it's because Microsoft forced the OEM to implement it. Don't make it look like Secure Boot was a misfortune fallen from the sky.

  8. Re:So does this mean.... on Microsoft Releases Windows 10 SDK · · Score: 1

    This is unacceptable for so many reasons, do I really need to enumerate them all, once again? We've already gone through this when the "new" Microsoft forced on the OEMs (and therefore the users) the so-called Secure Boot restriction for Windows 8; back then all Microsoft supporters claimed that it wasn't a big deal precisely because there was the warranty of being able to disable it.

  9. Re:So does this mean.... on Microsoft Releases Windows 10 SDK · · Score: 1, Insightful

    They are removing from users the choice of installing an operating system other than Windows on their hardware of choice.

  10. Re:So does this mean.... on Microsoft Releases Windows 10 SDK · · Score: 0

    Of misdirected, here, is your failure to comprehend the implications of removing in general the ability to install an operating system other than Windows on the PC architecture. For competition in general, and in particular for an operating system which is developed by end users who install it on their home PCs.

  11. Re:So does this mean.... on Microsoft Releases Windows 10 SDK · · Score: 1, Insightful

    VS 2015 supports android and linux development with cordova. No really you did not misread that. I like this newer Microsoft

    The all new Microsoft that, as expected, is conspiring to lock Linux out of people's computers by means of the so-called SecureBoot?

  12. Re:Ban teachers union on Finland's Education System Supersedes "Subjects" With "Topics" · · Score: 4, Insightful

    Why do I need a union?

    Unions lobby the government to make them pass laws that make your work life more enjoyable even if you don't belong to one. This is needed to counterbalance the lobbying power of the employers. For example, if fire breaks out at the place where you work, most probably you'll find fire extinguishers and emergency exits, and this fact is not due to your employer's benevolence or your professionality: your employer would be compelled by market forces to make you work in a dangerous place, if there weren't laws in place preventing malevolent employers from competing with him.

    I'm not impoverished, despite you saying I should be without a union...

    You don't need to be a communist to actually believe in the role of unions: the IMF, certainly not a lair of leftists, found out that inequality and poverty rise when the power of unions falls.

  13. Re:Some pedants are more pedantic than others... on Why There Is No Such Thing as 'Proper English' · · Score: 1

    The use of "was" as in past tense and "was" as in the subjunctive are actually in mutually exclusive use. That's why English even bothered to lose the subjunctive in the first place.

    Hello, English learner here, what about the case of a sentence that *was* true in the past (not "might have been true" as the GP suggests)?

    "If I was fooled, that's because I wasn't careful enough."

    "If I were fooled, I'd be sorry now."

  14. Re:Stupid question on Why There Is No Such Thing as 'Proper English' · · Score: 3, Interesting

    That is the language that most of the world learns as english, not "british" english.

    Actually, in Europe (at least where I live) we do study British English in schools. But then people learn American English because of America's cultural supremacy.

  15. Re:It could've been worse ... oh wait.... on Microsoft Fixes Critical Remotely Exploitable Windows Root-Level Design Bug · · Score: 0
    The interesting part is not so much that they're no longer fixing bugs in Windows Server 2003, but rather the reason why they aren't:

    Although Windows Server 2003 is an affected product, Microsoft is not issuing an update for it because the comprehensive architectural changes required would jeopardize system stability and cause application compatibility problems.

    In practice they're admitting that Windows 2003 is so broken by design that not even they can fix it without causing problems. I'd like to hear now the opinion of those who were lamenting over the quality of open source software after the Heartbleed bug.

  16. Re:or simpler on Is Modern Linux Becoming Too Complex? · · Score: 1

    ...unless you get a single binary which is 100 times more complex than a shell script.

  17. Re:Forced benevolence is not freedom on RMS Objects To Support For LLVM's Debugger In GNU Emacs's Gud.el · · Score: 1

    One does not have an inherent right to the work of someone else. Such a right only exists when it is contractually forced by an agreement such as the GPL.

    Indeed, that's the point. That's one thing the developer loses when he chooses a BSD license over a copyleft one (not just the GPL).

    No, it is not a loss. It is simply coveting something one does not have. If you want to say it is unfair, sure, but a loss, no, not all.

    Isn't it correct to call "a loss" something that you can have, and then at some point you can no longer have? I get quite a lot of hits on Google for that usage: https://www.google.com/search?...

    The point is that with the GPL they cannot commercially fork code written by me. Of course they can do whatever they want with their own code.

    They absolutely can use GPL code commercially. Commercial use does not require distribution to external users. Commercial use simply means they make money off your work, and this is perfectly allowable under the GPL.

    use != fork

    You forget the pesky little detail that I mentioned that users are under no obligation to use a proprietary BSD fork rather than the community version. They can stick with the community and have no such fear, use FreeBSD rather than Mac OS X for example.

    Another loss for the user. With the GPL, I have the freedom to choose the products that I like. With the BSD license, I have to take what the community gives me. And today this means that I might even not have the ability to run the free version of the software on my machine, because its manufacturers might decide (and they usually do) that it's not worth the hassle for them to release the source code of some machine-specific software that is required to use even the community version of the product.

    It's also a humorous example given the fact that Android phones with their GPL based Linux host are not getting critical patches.

    Quite the opposite. Since Linux is GPL, and only because of that, at least Android phone owners can install a community-driven distribution on their phones. That's because the hardware manufacturers have to release both the kernel and the drivers. For the userspace parts, which fall under different licenses, they don't bother - and that's an endless source of problems for the users.

    To make a concrete example, try asking Sony about the source code for the GPL kernel of an Xperia phone. They'll give it. Try asking them about the source code for the BSD kernel of the Playstation 3 and see what happens ;-) .

    Yes you mentioned GPLv3 but that was a crude attempt to manufacture a hypothetical, the reality is that Linux is what most devices will be based upon and Linux is inherently GPLv2 and will not be changing.

    Are you trying to make the point that the GPLv3 is better than the GPLv2? You're bashing an open door, as I strongly agree with that.

    A straw man. Nowhere was your property, the community BSD code, at risk of loss. Only the commercial fork's code, and that code is not yours, it is someone else's property.

    We're talking about the mere "forced benevolence is not freedom" statement here. Do you think that the laws that force people not to rob my house give me freedom, or not?

    You are under no obligation to use commercial forks. Again, you may stay with FreeBSD and not run Mac OS X. Nothing Mac OS X does or adds takes away from anyone who wishes to use FreeBSD.

    Of course I have no obligation to use commercial forks, it's a freedom of choice that I have. Then again, it might become an obligation if the machine that I can buy only runs the commercial flavour of the project. The most relevant example f

  18. Re:Forced benevolence is not freedom on RMS Objects To Support For LLVM's Debugger In GNU Emacs's Gud.el · · Score: 1
    I have never used the word 'theft', with or without quotation marks. Nor I have said that extending BSD code without giving back is illegal or furtive. It's done with permission.

    Albeit with different intent than commercial exploitation, you'll find that some BSD code was imported in key GNU projects, and the FSF even goes as far as to recommend using the 3-clause BSD license when the additional protection of the GPL isn't desired.

    And no, BSD developers don't lose their copyright. They lose, freely, an opportunity to endow the community with the best outcome of their work, which is a fact and not a characterization of mine. If you want we can talk about my opinions on the music industry but then I think we'd be derailing the discussion.

  19. Re:Forced benevolence is not freedom on RMS Objects To Support For LLVM's Debugger In GNU Emacs's Gud.el · · Score: 1

    Isn't it self-evident that this discussion is about what you lose or gain as a user and as a developer depending on whether the copyright holder chooses the BSD or the GPL as a license for the code that he releases?

  20. Re:Forced benevolence is not freedom on RMS Objects To Support For LLVM's Debugger In GNU Emacs's Gud.el · · Score: 4, Insightful

    What rights do BSD contributors lose? All the community code exists, the community can continue without the commercial changes, the community is not required to use some commercial fork. They lose nothing if some contributor chooses not to give back.

    They lose the rights to take advantage of the improvements that the commercial contributor has done to their code, while the commercial contributor does not lose the right to take advantage of the improvements that the free contributor has done. You may agree or disagree with this, but it is objectively a loss.

    Furthermore, users of GPL'd code decide not to give back at times too. They can use some a commercial fork internally and benefit from community work and not give back.

    The point is that with the GPL they cannot commercially fork code written by me. Of course they can do whatever they want with their own code.

    Also, various commercial users of BSD code have a pretty good track record of contributing back.

    This is irrelevant to the discussion. When people make laws against theft, they don't think about the fact that most people have a pretty good track record of not stealing. Laws (and contracts) must be written with the worst case in mind.

    What rights do BSD users lose?

    100% pragmatic example: GPLv3 bash has a serious bug (any reference to reality is purely intentional). GPLv3 users patch, recompile and they have lost no right. BSD-licensed phone firmware has a serious bug. Users lose the right to make use of the phone they bought and not be pwned by hackers while doing that.

    The GPL does *not* offer greater freedom, it creates restrictions to force behaviors it believes benevolent. Forced benevolence may or may not be a good thing but it is not freedom.

    I believe that my rights to own property and to live are freedom. They exist only because other people are "forced to benevolence", in particular not to steal my stuff or harm me. Try to convince me that this is not freedom.

    Translated to the software world, can you argue that the ability to fix the code of a program that I use is not a freedom for me? I'm free from bugs. I'm free from hackers. I'm free to add new features. I'm free both in a practical and philosophical sense.

  21. Re: Who cares what RMS wants? on RMS Objects To Support For LLVM's Debugger In GNU Emacs's Gud.el · · Score: 5, Insightful
    Later versions of the GPL cannot take away any freedom granted by an earlier version, because the choice of the version is done by who redistributes the code.

    The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.

    Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License “or any later version” applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation.

    If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.

    Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.

    But seriously GPLv3 started because of his tantrum with TiVo.

    GPLv3 started because RMS saw that companies were using the GPL in a manner that was compliant to the letter but not to the spirit. Back then, the GNU haters laughed at him, as usual, because "who would want to run code on a set-top box". Nowadays, the vast majority of the end-user devices are tivoized (Android, Apple, Microsoft, ...), and users can't do anything with the code that runs on them, including fixing security bugs and auditing it to find out what it does with all their personal data, let alone (God forbid!) run their own programs on it. So the introduction of the GPLv3 wasn't a whim as you are implying, it was actually sensible and farsighted.

  22. Re:Why need money? on GnuPG Gets Back On Track With Funding · · Score: 2
    You might have heard of some minor pieces of software that are licensed under the GPL and yet managed to attract some moderate commercial interest, such as Linux.

    And MySQL, GCC, busybox, blender, ...

  23. Re:Open source code is open for everyone on Serious Network Function Vulnerability Found In Glibc · · Score: 4, Informative
    In fact, the bug had already been audited and fixed, almost two years ago, when the security researchers found a way to exploit it. From TFA:

    We identified a number of factors that mitigate the impact of this bug. In particular, we discovered that it was fixed on May 21, 2013 (between the releases of glibc-2.17 and glibc-2.18)

    Current glibc release is 2.20. That's three releases without the bug already.

    Nothing to see here, move along.

  24. Re:libressl-2.1.3 on OpenSSL 1.0.2 Released · · Score: 5, Interesting

    OpenSSL remains the only portable SSL library that can be used by both open source and commercial developers alike. Which is really a shame, because OpenSSL sucks. All the bad things the libressl people have said about OpenSSL are absolutely true.

    We have GnuTLS which is only one year younger than OpenSSL, has a nicer API, is portable to Windows, has a better track record with regard to binary compatibility, a better build system, and can be used by commercial software (it’s LGPLv2.1). Comparison of features with other SSL libraries.

  25. Re:lol, Java on Oracle Releases Massive Security Update · · Score: 1

    A large percentage works just fine even with holes, and with greater performance and less overhead.

    You need benchmarks to prove such blanket statements. In my experience, Java code usually isn't far from C++ performance and it's actually faster when we're talking about high level "glue" code. It vastly outperforms C in string handling, because C's standard string routines are awful not only to the programmer, but to the processor, too. And then again, for maximum performance there's FORTRAN.

    Today, we know it's possible to make a shitpile with any tool, leaving java and other runtimes to sacrifice much of the potential for lean, high performance software for small gains in security (the latter with a growing list of caveats).

    Do you know any example of stack smashing, buffer overflows, invalid pointer dereference, malloc failures, code overwriting done by a program written in pure Java? They're the stuff that hackers love. They happen automatically in C: any code you write causes them by default, and you need to be very clever, to have complete information about the machine state after every instruction (which is usually impossible), to have platform-specific tool support (relro, noexecstack, ASLR, ...) in order to avoid or prevent them. In Java, they just don't happen, barring bugs in the JVM, which are akin to bugs in the runtime library of any compiled language of your choice. If this isn't an improvement...

    It also doesn't help that java comes with a browser plugin that opens a complete runtime environment to drivebys. Microsoft abandoned activex for this reason.

    To be honest, the runtime environment for applets was supposed to be restricted (it's not the same runtime environment that Java applications see). It's the same mechanism that post-HTML5 Javascript has, except that at least we can disable (or better delete) the awful Java plugin, while we can't do the same for the browsers' Javascript support.