I kinda agree, but from some answers here I'm starting to think that what should've been there from the beginning isn't a shim, but an alternate root signer / signing infrastructure not controlled by Microsoft. Some key Linux players were offered the chance to maintain this, but they declined. The technology launched with just one signer, and thus this confusion began, where everyone and their dog think that because every x86 mobo comes with MS keys, and the only signer is MS, then UEFI == MS. Which is not.
If the EFF/FSF/LF or for the matter (least preferably) Red Hat or Canonical would support a keysigning infrastructure, things would be more balanced, but they would have to divert their resources to do that, and be accountable for the binaries they sign. Instead they willingly choose to let Microsoft to be the one signer around.
Regarding ARM, it sucks, but it's exactly the same any other ARM player has done, and subject to the same circumstances.
No you don't understand. Microsoft isn't administering UEFI, they happen to be the only root signer *for now* because for some reason Red Hat and other who were offered to be root signers too *declined the offer*.
So do everyone a favor and please inform yourself before posting, particularly before posting that you are informed.
If what you say is true, it would certainly complete the picture.
It still wouldn't mean the certification is not retarded, but it would certainly show the real direction for the FLOSS communities to push for. I began instinctively taking UEFI / SB as something "bad / anti freedom" mainly because of how it was tainted by Microsoft being the only root signer available at the launch of the technology, their certification program, and the inexcusable fact that they forbid disabling SB / managing keys in the ARM platform. But also, and not the least because I completely ignored how the technology works and the background (like BMO and such show clearly here).
There's huge amounts of misinformation, as we can see in this very same thread, where sensationalistic posts like "FUCK UEFI" get all the eyes and everyone goes idiotic "ZOMG DIE MS SHILL" at the slightest attempt of analysis and information gathering that is the basis for any real solution.
All this current whinning crap won't help us to get anywhere, apart from one or two assholes thinking for a day they are raising the glorious flag of freedom. It is imperative that we start educating ourselves and reach consensus towards more robust solutions; IMO this shim is good, for now, as a temporary one. I long for a more robust and permanent solution which I now begin to think could be, like you say, in the form of a signing infrastructure maintained by some big FLOSS player, like EFF/FSF/LF, and with acceptance by the OEMs and manufacturers.
I hate this whole kerfuffle as much as everybody, but the part about not being able to load self signed keys isn't correct. You can load self-signed keys into the UEFI boot key-store right from the UEFI UI. Of course that will prevent Windows 8+ from booting, but that's another story. You can disable it altogether, with the same result.
So you can either disable secure boot or have your own chain of trust separated from Microsoft and boot other OSes. BUT if you want to boot Windows 8+ you have to enable it and use Microsoft's chain of trust, and is in THAT case, when you want to also boot other OSes you must have the other OSes bootloaders signed by Microsoft.
This shim bootloader represents a convenience to the users of that specific case (which indeed is the most common one). They have a "generic" Microsoft-signed bootloader along with some tools to extend a chain of trust from that bootloader to another one, and this second one won't have to get through the dreaded certification process (which indeed forces you to use Windows).
The problem here is NOT UEFI / SECURE BOOT. The problem is MICROSOFT CERTIFICATION PROGRAM. That's where they boicott the whole industry, and where they should be given a fight. That stupid certification process they combined with a twisted use of the new capabilities of UEFI. Make no mistakes, shouldn't UEFI exist today, they would still be looking for ways to exploit their certification program to make manufacturers do anything they want, just so they can bless them with being "Win compatible". THAT is the great lie right there, by which they have the industry inexplicably grabbed by the balls.
The solution of course would be everyone giving the finger to Microsoft on their fucking certification program, and a more open competition would arise. I very much want to see how long they last on that environment.
Is yours, or does that only apply to other people's human lives?
That applies to me and to you too.
Does that mean I won't try to survive, or expect you won't? Nope.
Does that mean that me or you dying "is a disaster" because a human life is lost? Also nope, for fucks sake.
The GPL doesn't "destroy freedom" in order to protect anything, it just protects some freedoms and forbids some other freedoms. I would never claim that is more free than the BSD license, but I *will* claim that it does a better job at protecting those four freedoms than the BSD license.
Like I said, I could care less if the BSD license is "more free" than the GPL. I don't care about "license freedom championships", I want my ability to use, see, modify and share the code legally protected, and the GPL is the better tool to enforce that.
Furthermore there isn't anything inherently wrong about either license. Both pursue different aims that's all. Which is "freer" is a purely demagical standpoint.
If you're going to pursue that course of action, then don't call it "protecting freedom". That's a simple, bald-faced lie.
After my 10th birthday I learned that the world isn't black-and-white, so of course I will call it "protecting freedom", as the GPL *does* protect freedoms.
What is a simple, bald-faced lie (and I'll repeat: "specially in the context of a society") is to correlate protection of freedoms to "allow everything". It's just not how societies work, they're all based on the premises of restrictions.
So in the end it's THIS argument who is overly idealistic, and not the GPL. Surprise surprise!
The GPL was never about free as in "*the* real, total freedom". Total absolute freedom is something humans can't even define properly, there's always some set of rules anywhere allowing people to build and maintain a society. You have to be pushing your hands firmly over your eyes to ignore that.
GPL protects *specific* freedoms, not *all* freedoms. The specific freedoms it protects are:
Freedom 0: The freedom to run the program for any purpose.
Freedom 1: The freedom to study how the program works, and change it to make it do what you wish.
Freedom 2: The freedom to redistribute copies so you can help your neighbor.
Freedom 3: The freedom to improve the program, and release your improvements (and modified versions in general) to the public, so that the whole community benefits.
Other freedoms, or "total freedom" whatever it may be, were never an aim for the GPL. Now repeat after me again:
GPL is not about "freedom in the general, ideal sense", nor it's about "totally free code". GPL its about the "four software freedoms stated by the FSF".
No Christian needs a 10TB RAID0+1 array - Jesus would use RAID6 (with a battery backed caching RAID controller)
Nope, he actually would use RAID5, and thrash the array because a) one disk totally failing on him and b) another one failing reads three times during recovery. But don't worry, somehow a three-day ddrescue would finally bring back all data (to be saved in "the cloud", of course).
So unless you code, where do you get your computer fun then? The feeling of boredom that avalanched over me as I read your post nearly kills my willing to live:(
Geeks claim to be all about change and innovation but in all honesty in many ways they're as set in their ways as anyone else.
No we don't. I use what's USEFUL, what's FLEXIBLE, what's EFFICIENT. Unity is neither of those. Had it been better than what I'm using I'd just went and used it. It's not about "being set in your way", no it's not something that childish. I have an old proverb for you to mark in your head with fire: "IF IT AIN'T BROKEN, DON'T FIX IT".
According to Geeks the window manager was perfected by Microsoft in Windows 95 and everything else has been an abomination.
They don't care what the statistics or the user testing show... they know they're right. After all it's been that way since 1994.
"Statistics and user testing" my ass. What are you some kind of marketer? Now we should be making choices because some retard did "studies" that concluded his new fly UI is "the way of the future". Oh, and I don't know where you have been since '94, but my desktop doesn't look at all like it was back then. So please feel free to cut the crap.
The reason we geeks never evolve is because we aren't willing to buy-in to the notion that there's a better way.
Speak for you. I do evolve, if you don't, shame on you. If you are willing to buy the notion that there's a better way, when that way is failing to you in your face, shame twice on you.
You have to adapt to the new ways. If you try to do things the old way then it often is clunky and slow.
We believe that since we've used the system for 20+ years we know the best way to do something we've done forever. But sometimes the old way kind of works but in all honesty they've changed the entire philosophy of how to do something.
I think you are mistaking how SHEEPS think with how GEEKS think. We don't "adapt" to anything because it is "the new way", that's what sheeps do. Show me something superior and I'm all for change, like I have always been. Again, speak for yourself not for me.
Slashdot Mirror
What?? Do you expect truth and information to be visible in this threads? So naive of you :)
I kinda agree, but from some answers here I'm starting to think that what should've been there from the beginning isn't a shim, but an alternate root signer / signing infrastructure not controlled by Microsoft. Some key Linux players were offered the chance to maintain this, but they declined. The technology launched with just one signer, and thus this confusion began, where everyone and their dog think that because every x86 mobo comes with MS keys, and the only signer is MS, then UEFI == MS. Which is not.
If the EFF/FSF/LF or for the matter (least preferably) Red Hat or Canonical would support a keysigning infrastructure, things would be more balanced, but they would have to divert their resources to do that, and be accountable for the binaries they sign. Instead they willingly choose to let Microsoft to be the one signer around.
Regarding ARM, it sucks, but it's exactly the same any other ARM player has done, and subject to the same circumstances.
You better stay duck until you learn a bit more. Lots of admins use sudo, and "sudo su" isn't an ubuntuism, it is a retardism.
No you don't understand. Microsoft isn't administering UEFI, they happen to be the only root signer *for now* because for some reason Red Hat and other who were offered to be root signers too *declined the offer*. So do everyone a favor and please inform yourself before posting, particularly before posting that you are informed.
Frontpage slashdot story with a 10 GOTO 10 and saying it's not a loop?
Dudes, just what the fuck. I ask you that.
If what you say is true, it would certainly complete the picture.
It still wouldn't mean the certification is not retarded, but it would certainly show the real direction for the FLOSS communities to push for. I began instinctively taking UEFI / SB as something "bad / anti freedom" mainly because of how it was tainted by Microsoft being the only root signer available at the launch of the technology, their certification program, and the inexcusable fact that they forbid disabling SB / managing keys in the ARM platform. But also, and not the least because I completely ignored how the technology works and the background (like BMO and such show clearly here).
There's huge amounts of misinformation, as we can see in this very same thread, where sensationalistic posts like "FUCK UEFI" get all the eyes and everyone goes idiotic "ZOMG DIE MS SHILL" at the slightest attempt of analysis and information gathering that is the basis for any real solution.
All this current whinning crap won't help us to get anywhere, apart from one or two assholes thinking for a day they are raising the glorious flag of freedom. It is imperative that we start educating ourselves and reach consensus towards more robust solutions; IMO this shim is good, for now, as a temporary one. I long for a more robust and permanent solution which I now begin to think could be, like you say, in the form of a signing infrastructure maintained by some big FLOSS player, like EFF/FSF/LF, and with acceptance by the OEMs and manufacturers.
No, no, no. You got it wrong.
I hate this whole kerfuffle as much as everybody, but the part about not being able to load self signed keys isn't correct. You can load self-signed keys into the UEFI boot key-store right from the UEFI UI. Of course that will prevent Windows 8+ from booting, but that's another story. You can disable it altogether, with the same result.
So you can either disable secure boot or have your own chain of trust separated from Microsoft and boot other OSes. BUT if you want to boot Windows 8+ you have to enable it and use Microsoft's chain of trust, and is in THAT case, when you want to also boot other OSes you must have the other OSes bootloaders signed by Microsoft.
This shim bootloader represents a convenience to the users of that specific case (which indeed is the most common one). They have a "generic" Microsoft-signed bootloader along with some tools to extend a chain of trust from that bootloader to another one, and this second one won't have to get through the dreaded certification process (which indeed forces you to use Windows).
The problem here is NOT UEFI / SECURE BOOT. The problem is MICROSOFT CERTIFICATION PROGRAM. That's where they boicott the whole industry, and where they should be given a fight. That stupid certification process they combined with a twisted use of the new capabilities of UEFI. Make no mistakes, shouldn't UEFI exist today, they would still be looking for ways to exploit their certification program to make manufacturers do anything they want, just so they can bless them with being "Win compatible". THAT is the great lie right there, by which they have the industry inexplicably grabbed by the balls.
The solution of course would be everyone giving the finger to Microsoft on their fucking certification program, and a more open competition would arise. I very much want to see how long they last on that environment.
With both teams, we have guns
What better incentive than that?
Is yours, or does that only apply to other people's human lives?
That applies to me and to you too. Does that mean I won't try to survive, or expect you won't? Nope. Does that mean that me or you dying "is a disaster" because a human life is lost? Also nope, for fucks sake.
Human life is overrated.
C'mon... are you really implying that lies and deceit aren't built-in to the game in the US ?
I know, and it's patented too.
The GPL doesn't "destroy freedom" in order to protect anything, it just protects some freedoms and forbids some other freedoms. I would never claim that is more free than the BSD license, but I *will* claim that it does a better job at protecting those four freedoms than the BSD license.
Like I said, I could care less if the BSD license is "more free" than the GPL. I don't care about "license freedom championships", I want my ability to use, see, modify and share the code legally protected, and the GPL is the better tool to enforce that.
Furthermore there isn't anything inherently wrong about either license. Both pursue different aims that's all. Which is "freer" is a purely demagical standpoint.
If you're going to pursue that course of action, then don't call it "protecting freedom". That's a simple, bald-faced lie.
After my 10th birthday I learned that the world isn't black-and-white, so of course I will call it "protecting freedom", as the GPL *does* protect freedoms.
What is a simple, bald-faced lie (and I'll repeat: "specially in the context of a society") is to correlate protection of freedoms to "allow everything". It's just not how societies work, they're all based on the premises of restrictions.
You don't maximize freedom by destroying it. The BSD license destroys no freedoms. The GPL does. It's truly that simple.
I don't care. Society destroys the freedom too kill each other and I like that. That's my point.
Blind, demagogic pursue of "true freedom" is pure bullshit, SPECIALLY in the context of a society.
So in the end it's THIS argument who is overly idealistic, and not the GPL. Surprise surprise!
The GPL was never about free as in "*the* real, total freedom". Total absolute freedom is something humans can't even define properly, there's always some set of rules anywhere allowing people to build and maintain a society. You have to be pushing your hands firmly over your eyes to ignore that.
GPL protects *specific* freedoms, not *all* freedoms. The specific freedoms it protects are:
Freedom 0: The freedom to run the program for any purpose. Freedom 1: The freedom to study how the program works, and change it to make it do what you wish. Freedom 2: The freedom to redistribute copies so you can help your neighbor. Freedom 3: The freedom to improve the program, and release your improvements (and modified versions in general) to the public, so that the whole community benefits.
Other freedoms, or "total freedom" whatever it may be, were never an aim for the GPL. Now repeat after me again:
GPL is not about "freedom in the general, ideal sense", nor it's about "totally free code". GPL its about the "four software freedoms stated by the FSF".
No Christian needs a 10TB RAID0+1 array - Jesus would use RAID6 (with a battery backed caching RAID controller)
Nope, he actually would use RAID5, and thrash the array because a) one disk totally failing on him and b) another one failing reads three times during recovery. But don't worry, somehow a three-day ddrescue would finally bring back all data (to be saved in "the cloud", of course).
Back to complaining then, boys! We still got until someone comes with "the definition"!
So now people travels over IP??? Wow, didn't know teleportation was already so advanced....
s/homo sapiens/americans/g ...FTFY, it's just the tone of your post made me think about your nationality
"We slash and burn"
So true.
So unless you code, where do you get your computer fun then? The feeling of boredom that avalanched over me as I read your post nearly kills my willing to live :(
Geeks claim to be all about change and innovation but in all honesty in many ways they're as set in their ways as anyone else.
No we don't. I use what's USEFUL, what's FLEXIBLE, what's EFFICIENT. Unity is neither of those. Had it been better than what I'm using I'd just went and used it. It's not about "being set in your way", no it's not something that childish. I have an old proverb for you to mark in your head with fire: "IF IT AIN'T BROKEN, DON'T FIX IT".
According to Geeks the window manager was perfected by Microsoft in Windows 95 and everything else has been an abomination.
They don't care what the statistics or the user testing show... they know they're right. After all it's been that way since 1994.
"Statistics and user testing" my ass. What are you some kind of marketer? Now we should be making choices because some retard did "studies" that concluded his new fly UI is "the way of the future". Oh, and I don't know where you have been since '94, but my desktop doesn't look at all like it was back then. So please feel free to cut the crap.
The reason we geeks never evolve is because we aren't willing to buy-in to the notion that there's a better way.
Speak for you. I do evolve, if you don't, shame on you. If you are willing to buy the notion that there's a better way, when that way is failing to you in your face, shame twice on you.
You have to adapt to the new ways. If you try to do things the old way then it often is clunky and slow.
We believe that since we've used the system for 20+ years we know the best way to do something we've done forever. But sometimes the old way kind of works but in all honesty they've changed the entire philosophy of how to do something.
I think you are mistaking how SHEEPS think with how GEEKS think. We don't "adapt" to anything because it is "the new way", that's what sheeps do. Show me something superior and I'm all for change, like I have always been. Again, speak for yourself not for me.