×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

FSF Criticises Ubuntu For Dropping Grub 2 For Secure Boot

samzenpus posted about 2 years ago | from the I-am-dissapoint dept.

Operating Systems 296

sfcrazy writes "The Free Software Foundation (FSF) has published a whitepaper suggesting how free operating systems can deal with UEFI secure boot. In the whitepaper, the foundation has criticized the approach Canonical/Ubuntu has taken to deal with the problem. The paper reads: 'It is not too late to change. We urge Ubuntu and Canonical to reverse this decision, and we offer our help in working through any licensing concerns. We also hope that Ubuntu, like Fedora, will actively support users generating and using their own signing keys to run and share any versions of the software, and not require users to install a key from Canonical to get the full benefit of their operating system.'"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

296 comments

Do you want it to work or not? (-1, Troll)

Anonymous Coward | about 2 years ago | (#40517665)

Grub is old tech. It needs to use the modern method. It ain't going away, deal.

people who use ubuntu are linux posers anyways (-1, Flamebait)

Anonymous Coward | about 2 years ago | (#40517705)

a true geek would never use that watered down bullshit.

Re:people who use ubuntu are linux posers anyways (3, Insightful)

crazyjj (2598719) | about 2 years ago | (#40517733)

I would like to refer every single person who henceforth asks the question "Why hasn't Linux ever gone mainstream?" to the parent post.

Re:people who use ubuntu are linux posers anyways (2, Insightful)

Anonymous Coward | about 2 years ago | (#40517911)

Linux will never go mainstream because there are trolls on the internet? Gosh.

Re:people who use ubuntu are linux posers anyways (5, Funny)

Anonymous Coward | about 2 years ago | (#40517957)

Linux is mainstream everywhere except the desktop, and I heard the desktop is dead anyway.

Re:people who use ubuntu are linux posers anyways (5, Interesting)

jellomizer (103300) | about 2 years ago | (#40517993)

Linux has gone mainstream... Just not on the desktop. Where is remains a distant 3rd behind Windows and OS/X.
With Android, Linux is quite popular with mobile. Linux is also strong on the server side too.
Linux never made it to the desktop, because there were too many drivers to support. When you luck out and get a System that is well supported by Linux... Linux rocked on that system. However if you try to put Linux on a poorly supported system, it usually sucked, and felt like a cheap OS.

If Microsoft make "Windows 9" a Linux Distribution with a Windows themed UI. It would probably be just like Vista, many people complaining about hardware compatibility, systems crashing all the time (due to improper drivers)

Re:people who use ubuntu are linux posers anyways (5, Funny)

tripleevenfall (1990004) | about 2 years ago | (#40518151)

OS/X? Finally, the successor to OS/2 the market has been waiting for!

They can call it WARP 10!

Re:people who use ubuntu are linux posers anyways (3, Insightful)

quetwo (1203948) | about 2 years ago | (#40518545)

Drivers are only a part of the problem. The biggest is the fragmentation, of well, everything. The UI is different for every distro, every version, and every update. The configuration files are different for every distro, version and update. Besides a few very well known apps, compatibility of binaries and apps are a real crap-shoot.

Linux will become mainstream the second that the number of CSE graduates outnumbers any other major in society.

Think about it another way -- there are probably more copies of "Windows 7 for dummies" sold then there are installs of Linux being used as a desktop. With configurability, comes the loss of the mainstream. And plus, most UI/UX/usability in most Linux based apps don't follow the KISS method...

Re:people who use ubuntu are linux posers anyways (0)

Anonymous Coward | about 2 years ago | (#40518221)

True geeks would never ask the question: 'Why hasn't Linux ever gone mainstream?'.

Re:people who use ubuntu are linux posers anyways (0, Flamebait)

Anonymous Coward | about 2 years ago | (#40517739)

And my dick is bigger then your dick.

Re:people who use ubuntu are linux posers anyways (2, Funny)

Anonymous Coward | about 2 years ago | (#40518027)

And my dick is bigger then your dick.

Good for you. At least you have one thing going for you, since you appear to be semi-literate.

Re:people who use ubuntu are linux posers anyways (2)

king neckbeard (1801738) | about 2 years ago | (#40517769)

I believe Torvalds said that he likes Ubuntu (although he prefers Fedora for work purposes), as did ESR.

Re:people who use ubuntu are linux posers anyways (5, Funny)

Anonymous Coward | about 2 years ago | (#40517879)

Linux users in general are just Unix posers. If you aren't running HPUX on a home Itanium server, then you're just using watered down bullshit.

Also, my dick is bigger than yours.

Re:people who use ubuntu are linux posers anyways (1)

msauve (701917) | about 2 years ago | (#40517943)

"If you aren't running HPUX on a home Itanium server, then you're just using watered down bullshit."

Please stop insulting Larry Ellison. He owns an Hawaiian Island, you don't.

Re:people who use ubuntu are linux posers anyways (1)

psergiu (67614) | about 2 years ago | (#40518109)

Itanium ? That sell-out of a processor ? PA-RISC foreva' !!! No-one will prevent me from booting anything i want on that platform ... :-)

Re:people who use ubuntu are linux posers anyways (2)

LocalH (28506) | about 2 years ago | (#40518177)

I refute your argument by identifying it as the "one true Scotsman" fallacy.

Re:people who use ubuntu are linux posers anyways (3, Insightful)

asdf7890 (1518587) | about 2 years ago | (#40518243)

You seem to be errantly conflating "true geek" with "anal self-important elitist prick".

Many geeks use Ubuntu as there are various places where it is the right tool (or at least one of the appropriate options) for the job.

Re:people who use ubuntu are linux posers anyways (1)

Anonymous Coward | about 2 years ago | (#40518247)

I spend an awful lot of time fixing Ubuntu to think of it as "watered down" linux.

I suppose the ultimate solution is... (3, Interesting)

Viol8 (599362) | about 2 years ago | (#40517723)

... for someone to hack the secure boot BIOS and provide an easy way for users to reflash theirs from Windows or whatever OS is preinstalled on the machine when bought new. No doubt this will prevent windows being reinstalled but unless you want a dual boot machine I doubt this matters much.

On a related note, how will this affect linux being booted from within windows (if anyone still uses that approach)?

Re:I suppose the ultimate solution is... (5, Funny)

crazyjj (2598719) | about 2 years ago | (#40517747)

hack the secure boot BIOS

Citizen, you have advocated criminal violation of the Digital Millennium Copyright Act. Please place your hands in the yellow circles and await a police action.

Re:I suppose the ultimate solution is... (5, Insightful)

shentino (1139071) | about 2 years ago | (#40517863)

Sadly I think this may well be true in the future if hacking your own PC is treated by Microsoft the same way that modchipping your PS is treated by Sony

Re:I suppose the ultimate solution is... (5, Insightful)

JerkBoB (7130) | about 2 years ago | (#40518267)

Sadly I think this may well be true in the future if hacking your own PC is treated by Microsoft the same way that modchipping your PS is treated by Sony

I haven't really been paying attention to what Sony has been doing (don't own a PS3), but I wonder if Sony really cares about modchipping itself, or if they just want to keep modded consoles off of PSN?

The latter seems reasonable to me... If you want to mod the console, fine. Just don't expect to be allowed to play in the sandbox with all of the unmodded consoles. You know if they let modded consoles on that games would be flooded by griefers and other annoying breeds of adolescent (chronological or mental).

Not picking a fight, just wondering if I'm missing something...

Re:I suppose the ultimate solution is... (3, Informative)

Soluzar (1957050) | about 2 years ago | (#40518551)

They always tried to shut down vendors of modchips during the PS2 era. They often succeeded too. Many of the retailers from back then were stomped under the Sony jackboot. There wasn't any online to speak of back then, and they still maintained that modchipping was a criminal act.

Re:I suppose the ultimate solution is... (1)

isorox (205688) | about 2 years ago | (#40518393)

Dan would eventually find out about the free kernels, even entire free operating systems, that had existed around the turn of the century. But not only were they illegal, like debuggers—you could not install one if you had one, without knowing your computer's root password. And neither the FBI nor Microsoft Support would tell you that.

http://www.gnu.org/philosophy/right-to-read.html [gnu.org]

Re:I suppose the ultimate solution is... (5, Insightful)

Anonymous Coward | about 2 years ago | (#40517763)

I'd say the ultimate solution is for every linux fan to stop recommending computers with locked BIOSs, push hardware with coreboot, and to ignore distros which aren't playing ball. Cracking it is the pragmatic solution.

Re:I suppose the ultimate solution is... (2, Insightful)

ArsonSmith (13997) | about 2 years ago | (#40517841)

How will Microsoft deal with the loss of all 8 of those sales.

Re:I suppose the ultimate solution is... (0)

Anonymous Coward | about 2 years ago | (#40517903)

I'm a linux fan, and I build a LOT of custom systems for people (and sell them for a living).
So pissing me off costs a manufacturer a few hundred sales a year.

SO lets multiply that by a few thousand "linux fans" who are also responsible for corporate purchases, hardware sales at local shops, etc.

It adds up.

Re:I suppose the ultimate solution is... (0)

Anonymous Coward | about 2 years ago | (#40517955)

It's not aimed to Microsoft. It's aimed at the hardware makers.

Sure the 60 servers we have in our cabinets isn't going to make a difference to a dell, but it's more than 8.

Re:I suppose the ultimate solution is... (3, Insightful)

Microlith (54737) | about 2 years ago | (#40518093)

stop recommending computers with locked BIOSs

So eventually all of them?

push hardware with coreboot

None?

Cracking it is the pragmatic solution.

Nor is pushing hardware that doesn't exist.

Re:I suppose the ultimate solution is... (0)

Anonymous Coward | about 2 years ago | (#40518619)

Perhaps someone need teach you the difference between idealism and pragmatism. Either way, with an attitude like that it's a self fulfilling prophecy.

Re:I suppose the ultimate solution is... (1)

Anonymous Coward | about 2 years ago | (#40517871)

"Hack" it? You can go into the menu and load other keys or disable the feature. If the key's provided by a trusted root CA that's already added, you shouldn't even need to do that.

Re:I suppose the ultimate solution is... (5, Informative)

SuricouRaven (1897204) | about 2 years ago | (#40517901)

You can now, yes. But remember the big push for Secure Boot is from Microsoft. A company with a long history of using every dirty and underhanded trick in the book, including a few of their own invention. I do not trust them: Today they only make it enabled by default, but in a few more years they may take away the capability to disable it entirely.

Re:I suppose the ultimate solution is... (2)

Anonymous Brave Guy (457657) | about 2 years ago | (#40518351)

Given the very high proportion of servers that run (a) the world's major businesses, and (b) Linux, I think we're fairly safe on that one. These servers are often administered by people who know what they're doing and who chose Linux over a Microsoft stack for a reason.

Not even Microsoft are powerful enough to change that, or they would have done so a long time ago. I think any serious attempt to take control of the hardware platform would result an expensive backlash and PR headache at best.

Re:I suppose the ultimate solution is... (2)

0123456 (636235) | about 2 years ago | (#40518479)

Except once Red Hat is using a Microsoft-signed boot loader, most server admins will just install and go and not worry that Microsoft can withdraw that at any time.

Re:I suppose the ultimate solution is... (0)

Anonymous Coward | about 2 years ago | (#40517913)

How about you try doing this on a Win8-approved ARM tablet?

Re:I suppose the ultimate solution is... (0)

Anonymous Coward | about 2 years ago | (#40518457)

Have you tried doing it on your Mattel Pocket Football game?

Re:I suppose the ultimate solution is... (5, Insightful)

Anonymous Coward | about 2 years ago | (#40517925)

So far there's no indication that you need to hack anything. Microsoft requires that PC's sold as certified for for Windows 8 allow you to enter custom mode and load your own certs. The reason Linux Distros are going the routes they are, using a Microsoft Signed boot loader, is that they want something that will be bootable on any machine out there with out having to enter the bios. While your typical users here on slashdot probably doesn't have any problems entering their bios and adjusting Bios settings for many other users is something they've never done and it's going to be extremely specific to that mfgs implementation on that particular hardware so no general set of instructions is possible.

Re:I suppose the ultimate solution is... (2)

SuricouRaven (1897204) | about 2 years ago | (#40517929)

Doable, I am sure. But it'd have to be done for every motherboard and every revision, and meddling in the EFI at that level is how you brick things. It's not the type of dangerous, difficult operator you want to require linux newbies do before they can even install it.

Re:I suppose the ultimate solution is... (4, Insightful)

betterunixthanunix (980855) | about 2 years ago | (#40518049)

for someone to hack the secure boot BIOS

So it's come to the point of having to attack our own computers just to run the software we want? The fact that we have to resort to these measure is a sign of just how bad things have gotten.

provide an easy way for users to reflash theirs from Windows or whatever OS is preinstalled

So to run free software, I have to first agree to yet another license for proprietary software? That is a step backwards if I have ever seen one.

No doubt this will prevent windows being reinstalled but unless you want a dual boot machine I doubt this matters much

There are lots of people who want or need dual boot. I would guess that a substantial fraction, maybe even a majority, of GNU/Linux users have dual boot. People should be free to use their computers the way they want, which includes the freedom to dual boot.

Re:I suppose the ultimate solution is... (3, Insightful)

Nerdfest (867930) | about 2 years ago | (#40518371)

We've been at that point for quite a while now. Have a look at any of the iDevices. Even some of the Android phones have locked bootloaders (which don't restrict which apps you can install, but they limit your OS options). We're just seeing it spread, much like the locked Apple market is spreading to Windows metro.

Re:I suppose the ultimate solution is... (1)

betterunixthanunix (980855) | about 2 years ago | (#40518469)

Indeed, although we can at least find computers from major manufacturers that will run GNU/Linux -- and we can tell people what to avoid. With Microsoft going full-steam on restricted boot environments, it will only be a few years before we cannot buy a laptop from Dell that will run GNU/Linux (except for those distros that have made a deal with Microsoft -- so much for choice).

Re:I suppose the ultimate solution is... (0)

Anonymous Coward | about 2 years ago | (#40518355)

Win8 does not require secure boot to work. If you want the Win8 logo, you must have secure boot enabled by default, that is the only requirement for PC.

Re:I suppose the ultimate solution is... (0)

0123456 (636235) | about 2 years ago | (#40518517)

Indeed. Windows 9 will be the first that refuses to boot on a PC which isn't ordained by Microsoft.

Oh God! I just made a 'slippery slope argument' and they're totally invalid and never, ever happen. I suck.

Unity: Proof Canonical doesn't care about users (-1, Offtopic)

Anonymous Coward | about 2 years ago | (#40517755)

'nuff said.

The FSF (0, Flamebait)

Osgeld (1900440) | about 2 years ago | (#40517787)

Sure does like to dictate what people use, kinda funny that way

Re:The FSF (4, Insightful)

mvdwege (243851) | about 2 years ago | (#40517891)

I realise it must have been a great trauma to you to have RMS jump through your window wielding a katana and forcing you to install gNewsense GNU/Linux, but seeking counselling is a better solution than going on about it on Slashdot.

Wait, that did not happen? Oh, you were confusing 'criticizing' with something else; and implying that the FSF have no right to express their criticisms. Hmmm. Seems like a prime example of the pot calling the kettle black, don't you think so yourself?

Re:The FSF (1, Insightful)

Osgeld (1900440) | about 2 years ago | (#40518085)

Whoa easy killer, I didnt know they personally came in and saved you and your family from terrorist mere moments before being shot in the head. I just think its funny that a group that advocates software freedom always gets their panties in a big ole wad when someone does something they didnt like. Fuck them its none of their concern what Ubunutu uses as a bootloader, thats (gasp) freedom.

Re:The FSF (-1, Flamebait)

NemoinSpace (1118137) | about 2 years ago | (#40518313)

Truth up! Reminds me of a variation on the old expression. -
"Hi, I'm from the Governm^H^H^H^H^H^H^H FSF, were here to help you"!

Re:The FSF (1)

smbarbour (893880) | about 2 years ago | (#40518343)

Actually, from reading the story, it appears that the FSF is feeling hurt because Ubuntu is switching to another open source bootloader that doesn't use the GPL.

Ubuntu has no control over hardware manufacturers putting in a secured BIOS, so Ubuntu decided to take the route of compatibility: Ubuntu signed with Microsoft's key. Ubuntu has their own key as well.

Just as software developers have the right to NOT open source their code, companies have the right to secure their computers. This step allows Ubuntu to run on those secured computers.

Re:The FSF (4, Interesting)

Microlith (54737) | about 2 years ago | (#40518507)

it appears that the FSF is feeling hurt because Ubuntu is switching to another open source bootloader that doesn't use the GPL.

No, they're concerned that Ubuntu is giving up a GPL bootloader because they're choosing to adopt Microsoft's secure-boot solution, which effectively puts all such systems under Microsoft's control and makes it infinitely harder for "unapproved" software to run on the systems (which, if Microsoft's attitude is any indication, would include virtually all Free Software.)

companies have the right to secure their computers.

So my computer belongs to Microsoft? Dell? Asus?

Perhaps you missed the bit where ALL systems with the Windows 8 logo were going to be forced into this locked state by default. It's not just a corporate security feature, it's being rammed down ALL of our throats.

Re:The FSF (0)

Anonymous Coward | about 2 years ago | (#40518419)

They're the free software foundation not the freedom foundation, dipshit, so it most definitely is their concern. I'll give you a moment to go to their website and read up on who they are and what they do.

On second thought, I better give you more than a moment when reading is involved.

Re:The FSF (3, Insightful)

UnknowingFool (672806) | about 2 years ago | (#40518481)

The FSF: we don't like how Ubuntu uses UEFI instead of Grub 2. We think this is bad for these reasons . . .

You: "Sure does like to dictate what people use, kinda funny that way"

I believe you did confuse "criticize" with "dictate" or accused the FSF of doing something it did not do. Unless "criticize" and "dictate" changed meaning in the English language recently.

Re:The FSF (1)

Microlith (54737) | about 2 years ago | (#40518519)

Fuck them

Yeah, they're only concerned that these corporations will leverage their power ("freedom") to deny you the same. They'll be free to ensure you aren't.

Re:The FSF (1)

dkleinsc (563838) | about 2 years ago | (#40518465)

I realise it must have been a great trauma to you to have RMS jump through your window wielding a katana

Hey now, he only does that for defending himself against ninjas, and defending you against RIAA goons.

Re:The FSF (1)

Anonymous Coward | about 2 years ago | (#40518009)

Except of course that urging isn't dictating.

And why would you expect an advocacy group to not advocate in the first place?

Re:The FSF (0)

Anonymous Coward | about 2 years ago | (#40518289)

Surprise, it's Osgeld again -- making an anti-FSF remark. Are you paid by the word or by the post?

Re:The FSF (2)

cryptizard (2629853) | about 2 years ago | (#40518323)

Agreed. While I think this issue certainly warrants discussion, the whole article comes off as childish with quips like this: "we view Windows itself as malware and want to keep it away from our machines." They seem like they are making a big deal out of this thing just to sound holier than thou. Their ideal situation, where users can install their own certificates or choose to disable secure boot, is exactly what is mandated by Microsoft (for x86 at least). They even mention this in the article. The only problem they seem to have is with some nebulous "barrier to installation" caused by having to manually do one of those two things before you can install another operating system. It is 100% completely impossible to have secure boot without SOME additional effort on the users part when installing another bootloader or OS because that is entirely the point (to prevent malware silently subverting the boot process). The article is chocked full of complaints with no tangible solutions.

Ubuntu Following Novell (5, Insightful)

GeneralTurgidson (2464452) | about 2 years ago | (#40517797)

Go ask Novell how well chasing that Microsoft interoperability trains works.

It worked very well for years (2, Insightful)

kervin (64171) | about 2 years ago | (#40518103)

Novell made a killing and and was an industry powerhouse for decades. Much of their wealth came from making the Microsoft environment easier to use.

Also many of Microsoft's biggest competitors started of by being compatible with Microsoft. Google providing Exchange protocol services, Office file format compatibility, same with Apple, OpenOffice, etc. And that hasn't worked out too bad for them.

Re:It worked very well for years (3, Insightful)

Microlith (54737) | about 2 years ago | (#40518253)

And it's always been on the thin edge of the razor. Microsoft has readily yanked their chains by changing the file formats and protocols, keeping them perpetually behind in terms of compatibility.

As for Novell, compatibility providing a few years of bounty is meaningless when the source of that bounty turns around and uses their monopoly to effectively drive you from the market. All you've done is made them more powerful.

Re:Ubuntu Following Novell (1)

Spiked_Three (626260) | about 2 years ago | (#40518477)

Maybe you should be asking Microsoft how well the Novell interoperability train is?

How conveniently we forget Novell was kicking Microsofts butt (in networking). And doing everything they could to keep Microsoft out.

They also criticized Fedora.. (5, Interesting)

gQuigs (913879) | about 2 years ago | (#40517813)

not as much, but still (for planning to use the MS key). It's a very bad position we (Free Software) are in with Restricted/Secure boot. I think it's time the Linux friendly vendors really get behind CoreBoot [http://www.coreboot.org/Welcome_to_coreboot] and let us be truly independent.

As it is setup right now:
Binaries can only be signed with one key. If you use Microsoft's key, you can't use your own.
Not all vendors may support letting users add their own keys. (and even if they do it certainly complicates a fresh install).
ARM will be completely locked down if vendors want MS to run on it.
If you use the Microsoft key, they can revoke your access (they likely need cause, but still)

Re:They also criticized Fedora.. (5, Insightful)

SuricouRaven (1897204) | about 2 years ago | (#40517917)

Microsoft's key is the only one that you can be sure all computers will have, and so the one all vendors will have to sign with. Making it pointless for them to even have their own keys. By design, I am quite sure: The limit is one-key-only because it was always intended that only one vendor would survive. Microsoft.

Re:They also criticized Fedora.. (2, Interesting)

Anonymous Coward | about 2 years ago | (#40518011)

If memory serves the Microsoft key is pretty much going to be required no matter what Fedora or Ubuntu does because PCI-E cards will have their bios signed with a MS key and you have to trust them in order to do secure boot.

Re:They also criticized Fedora.. (4, Interesting)

Anonymous Coward | about 2 years ago | (#40518075)

Why CoreBoot? What's wrong with stuff like OpenFirmware, or even just finishing projects to boot properly from EFI machines [sourceforge.net] (which are not "secure"). There's no reason to ask HW manufacturers to adopt some completely new firmware stack when there are already-working ones which are more than "open" enough. The only real problem here is with this new Secure Boot add-on, but there is no reason to throw the baby out with the bathwater. OpenFirmware / EFI can replace BIOS just fine and not have any restrictions. They already exist and manufacturers already know how to use them.

Ubuntu follows MS (1)

Anonymous Coward | about 2 years ago | (#40517899)

Microsoft is being reprehensible as usual. Hardware vendors have always been cowed by them - now Ubuntu is following their lead.

I switched from SuSe to Ubuntu, now it looks like I'll switch to Fedora. At lease Linux, from the source, remains free of the the manipulations of the monopolists.

Let's be honest: Nobody liked Grub 2 (0, Flamebait)

Anonymous Coward | about 2 years ago | (#40517921)

[Disclaimer: I’m always posting anonymously, since I consider the /. moderation system fundamentally broken.]

Grub 2 is vastly over-engineered, and even though it is more complex, it’s more limited. (Example: The whole multi-boot mess.)
For the sole purpose of making it "easier" on the Windows crowd that can't even be expected to edit a config file (or tie their shoes?). Which is a huge fallacy, since that's already way beyond the point of maximum efficiency, deep down in "so easy, it's less efficient” territory, where it's actually harder again if you have any ambitions or half a brain.
And it results in a vicious cycle of dumbing down the thing and users adapting to it by becoming dumber, until it ends up being something like Clippy, MS Bob, or the iPad in a Idiocracy...

Anyone who can handle a general-purpose computer, which I think anyone here can, has less hassle staying with Grub 1, and be done with it. (Or choosing something else, of course.)
There is no point in changing a running system that does everything that's needed. And we definitely don’t need a script generating really stupid config files for us, since we got the working brain, and so can handle writing text that follows rules ourselves. :)

Grub 2 is the same cancer that is killing Linux, that is Ubuntu Unity, Gnome 3, KDE 4, recent versions of Firefox, etc.

Re:Let's be honest: Nobody liked Grub 2 (0)

crashumbc (1221174) | about 2 years ago | (#40518051)

You forgot "get off my lawn" you geezer

Seriously, things change, get used to it...

Re:Let's be honest: Nobody liked Grub 2 (1, Insightful)

Anonymous Coward | about 2 years ago | (#40518107)

[Disclaimer: I’m always posting anonymously, since I consider the /. moderation system fundamentally broken.]

I assume you mean that the moderation system results in you getting modded down constantly. Try making a post that makes your point without being condescending and repeatedly insulting others. You might find you don't get modded down nearly as often. Unless your post is completely nonsense. Those get modded down for good reason - and that's a sign of an effective system.

Re:Let's be honest: Nobody liked Grub 2 (2)

sheph (955019) | about 2 years ago | (#40518237)

Oh, I'm going to go ahead and call BS here. There is a culture on Slashdot that tends to punish those who deviate from the herd.

Re:Let's be honest: Nobody liked Grub 2 (1)

Jeng (926980) | about 2 years ago | (#40518273)

Is getting a -1 moderation really going to kill someone?

Re:Let's be honest: Nobody liked Grub 2 (0)

Anonymous Coward | about 2 years ago | (#40518161)

[Disclaimer: I’m always posting anonymously, since I consider the /. moderation system fundamentally broken.]

Oh that is such a brave decision. And effective. Seriously, the moderation system is sort of like the way Churchill described democracy: "Democracy is the worst form of government, except for all those other forms that have been tried from time to time." (from a House of Commons speech, 1947-11-11) .

This is nothing new (2, Interesting)

101percent (589072) | about 2 years ago | (#40517983)

Ubuntu/Canonical has been the worst type of Karma whores since the beginning. They built a following by pimping the philosophy of freedom, only to abandon these ideals once the foundation was set. They have enouraged people to accept non-free video and wireless drivers, while companies like RedHat have tried to work with Vendors and educate folks about why this is a bad thing. Now with their app store with non-free projects; they've even undone this feat with kneeling towards Redmond (secureboot). I know not all Linux users care about freedom, but it is sad how even prominent linux users feel like they've accomplished something by getting their local school or whatever to use Ubuntu. People may complain about the free software philosophy all they want, but soon if Ubuntu continues, its going to be a much lesser degree of the early iterations of Windows with lots of propreitary-ness with bits and pieces of freedom (Windows started out using some BSD code). tl:dr Shuttleworth and Canonical are hypocrites and karmawhores.

Re:This is nothing new (2)

geminidomino (614729) | about 2 years ago | (#40518123)

hey built a following by pimping the philosophy of freedom, only to abandon these ideals once the foundation was set. They have enouraged people to accept non-free video and wireless drivers

Really now? So it wasn't defaulting to the piece of shit Nouveau driver instead of the Nvidia blobs for the past few releases, making me have to jump through hoops before I decided to just use Xubuntu in Virtualbox on Windows instead of fucking with it anymore.

There's a lot of legitimate shit you can call Canonical on. Let's focus on the real ones instead of on the "free as in what we say it is" frothing.

Re:This is nothing new (1)

drinkypoo (153816) | about 2 years ago | (#40518461)

Really now? So it wasn't defaulting to the piece of shit Nouveau driver instead of the Nvidia blobs for the past few releases, making me have to jump through hoops

Great, Free Software proponents cry when Ubuntu starts offering nVidia drivers, and now you cry because you have to install the nvidia driver and maybe blacklist Nouveau.

a sea change (5, Insightful)

Anonymous Coward | about 2 years ago | (#40517997)

This is the start of a sea change in who controls our computers. Yes, for now you can turn it off (oh, sorry, unless you're using an ARM system), but this is just the first step. They can't go the entire way all at once. They've tried before, and learned they have to go one step at a time. Each step doesn't seem so bad, until finally, all the cards fall into place.

Already most of our mobile devices no longer belong to us, unless you manage to defeat the device's security that is meant as security against YOU, the owner of the device. Bought anything with iOS, or about 95% of the Android devices? Or WP7? Sorry, someone else owns it even after you purchased it. That's the world that many powers like Microsoft and many governments desire for the whitebox PC. A locked down device that obeys other masters, only booting "trusted" OSs that let those masters have the final say over what your computer does. Because a world where a billion individuals had control over their own computers could not be allowed to persist. It threatens too many corporations and governments.

Of course, people will buy these increasingly locked down PCs just like they are falling all over themselves to buy tablets, so this world WILL come to pass. All we can do is figure out how to deal with it.

Nothing Has Changed (0)

Anonymous Coward | about 2 years ago | (#40518127)

We have always been at war with Eastasia.

Intel and Linux (1)

ISoldat53 (977164) | about 2 years ago | (#40518181)

I don't understand how Intel supports this. They have pumped a lot of money and support into Linux in the past. Why would they now produce products that freeze it out?

Servers and Laptops (4, Interesting)

betterunixthanunix (980855) | about 2 years ago | (#40518401)

Intel knows where they can make money from GNU/Linux: servers. That is not the target of this restricted boot system, and even if these restrictions come to servers, nobody will complain -- professional IT workers can put a $99 signing key purchase on their budget and continue to deploy whatever they want. Desktop GNU/Linux is not going to make Intel all that much money, and they know it -- Windows and Mac OS X are where all the desktop money is.

Intel and everyone else knows that restricted boot environments for personal computers (desktops and laptops) will be hugely profitable. Entertainment companies love it -- they can deploy a new kind of DRM that won't be defeated for years (see: PS3). Software companies love it, because they can stop people from applying cracks to evade DRM. ISPs love it because they can better lock-down their networks if they can control the computers that can be connected to those networks. The potential for money-making deals is HUGE, and Intel knows that when their chips are the center of these profitable systems, they make lots of money.

At the end of the day, Intel could not care less about hackers or computing freedom; they exist to make money, and there is no money to be made in allowing desktop and laptop users to have freedom.

With all due respect (-1, Flamebait)

Anonymous Coward | about 2 years ago | (#40517999)

With all due respect, the FSF can go fuck themselves. GRUB2 is a terrible boot loader, much more complex and restrictive than it needs to be. Ubuntu is moving to a less-restrictive, hopefully most simplified, boot process. In other words, Canonical is going with the best tool for the job, the FSF wants them to toss out the right tool in favour of their horrible mess. Canonical is making the right choice for their users.

Re:With all due respect (5, Insightful)

betterunixthanunix (980855) | about 2 years ago | (#40518117)

Canonical is making the right choice for their users.

Funny how when I was growing up, free/libre software meant that the users did not have to rely on companies like Canonical to make their choices for them.

Re:With all due respect (2)

Skapare (16644) | about 2 years ago | (#40518163)

Syslinux FTW!

Hell, even this is an oversized bloated bootloader if all you need to do is always boot ONE system and leave it running until the cleaning crew takes your power outlet. GRUB1 was horrible thought at least it was reasonably well documented, eventually. GRUB2 was worse, and depricated GRUB1 even before they had the equivalent docs out. And LILO is not even in the running. There are a couple micro boot loaders around that work on PCs, and those would be good.

Sure, there are some people around that want dual boot or more (I've built a machine with 36 OSes on it ... yup, you can do more partitions in GPT ... so I know what that's like). Those people might need GRUB2. But I still did the 36 OS box with Syslinux (all OSes wear Linux ... no Redmond garbage here).

A shim should be a basic and simple as possible. GRUB just isn't even close.

Re:With all due respect (1)

drinkypoo (153816) | about 2 years ago | (#40518489)

You don't have to have all of GRUB. And since GRUB is modular these days, the parts you're not using aren't even loaded. Disk space is cheap, but you can always delete the modules you don't have room for in space-limited environments.

Same thing eva... (1)

Anonymous Coward | about 2 years ago | (#40518097)

Have anyone read the FULL FSF papper before posting the same "WinxLinxMacOS" or the "DRM FLAME" on this topic?

Corporate computers are an issue (1)

crow (16139) | about 2 years ago | (#40518119)

My big concern is corporate computers. If your company is issuing you a computer, and they don't realize that some engineers want to run Linux, they may not let you install new keys or disable the secure boot. This is where it's a good idea to have one vendor using the Microsoft key, and other vendors using their own keys (and hopefully getting major PC sellers to include those keys). That way we at least have one solution that will work even on a locked-down system.

I think Red Hat's strategy is to be the Linux distribution that will work without having to mess with any secure boot issues, which is why they're going to use the Microsoft key.

Re:Corporate computers are an issue (2)

betterunixthanunix (980855) | about 2 years ago | (#40518229)

If your company is issuing you a computer, and they don't realize that some engineers want to run Linux, they may not let you install new keys or disable the secure boot

Sounds like a big selling point: "Make sure your employees only run approved software!" Corporate bosses are not going to complain about losing control, and if the engineers are unable to make a business case for approving another OS (see how things switch up there), they had better just deal with what was approved.

I think Red Hat's strategy is to be the Linux distribution that will work without having to mess with any secure boot issues,

Which is a fine strategy for making money on a GNU/Linux distro, but some of us would prefer not to have to get Microsoft's permission to run the software we want to run. If you look at what Fedora will be doing, it makes it pretty hard to run a custom kernel, it does not help in running other distros, and it basically turns Fedora into a fancy TiVO. That's fine for Red Hat's desktop strategy, but the rest of us are going to need a better approach.

semi-literate editors? (1, Insightful)

CrimsonAvenger (580665) | about 2 years ago | (#40518205)

Is there any way to get editors who know enough English to at least filter out sentences like:

The Free Software Foundation (FSF) has published a whitepaper recommending free operating systems how to deal with UEFI secure boot.

It's not like it would have been hard to change it to:

BLOCKQUOTE>The Free Software Foundation (FSF) has published a whitepaper recommending ways for free operating systems to deal with UEFI secure boot.

And yes, I know that being a grammar nazi is unfashionable. But illiteracy really does work to convince people you have nothing to say worth reading...

What's strategically wise for free software? (-1)

Anonymous Coward | about 2 years ago | (#40518307)

Although it was obvious the FSF would take this position, as it should, isn't it strategically wise to have multiple solutions for users to load a (mostly) free software OS on hardware with UEFI? For similar reasons, I think it's good to have Android devices running ClockworkMod so that they may boot CyanogenMod/Replicant. I understand that we (free software advocates) should always be encouraging consumers to make smart choices and purchase devices that will run free software (and a complete free software stack, when that's possible).

However, free software would become an "oasis in a desert", rather than a large and thriving ecosystem, if binary blobs, non-free drivers, non-free BIOS's, firmware hacks, etc. weren't around. It would become increasingly difficult to bring in more users. Those who have developed free software implementations to replace proprietary ones originate from all over the free software spectrum, so the pool of developers would also shrink.

I think you always want both: the hardcores who will run free software and free software only, and those who will make compromises on devices until (if/when) stable free software is developed for those devices. The FSFE's advice on installing CyanogenMod [fsfe.org] seems like a sensible approach that takes this into consideration. Likewise, why not help someone install as much free software as possible on a device with a non-free BIOS/bootloader?

It seems to me that UEFI will die a quick death if we A) fight very vocally against it, B) convince powerful corporations and governments that it's bad for them, C) ignore it where/when we can, and D) help others to circumvent it when necessary. It doesn't seem much different than the DRM problem in that way.

I would be very happy with Canonical's UEFI strategy if the following from this past /. comment [slashdot.org] can be done:

- Canonical will get efilinux signed with microsoft keys. So GRUB2 has to be made bootable from efillinux (efilinux is rather primitive, it just loads a kernel from a set collection of blocks from the device and run it. It shouldn't be too much difficult to have efilinux load and execute a GRUB2's "stage 1.5" or "stage 2").
Thus efilinux is the part that needs to be signed with microsoft's key (and efilinux's license makes it possible. Although that also means that you won't be able to hack it).

...

- GRUB2 can load coreboot (an opensource firmware) payloads, so it could also load SeaBIOS (a legacy BIOS implementation as a coreboot payload).
- GRUB2 can also load windows XP's boot loader.
So if any of the above is possible (either chainloading efilinux to grub2, or signing grub2 in a gplv3 compatible way). That means that grub2 could be used to boot windows XP on secure-boot hardware. (with seabios providing the legacy bios compatibility, and windows XP's ntldfr being loaded from grub2).

That unfortunately-complex method of chaining together multiple bootloaders seems to allow for any OS, even legacy ones, to boot (or at least attempt to boot) on UEFI hardware. Such a door might be closed if Canonical decides it won't play ball with Microsoft, and that seems like a door worth having open. However, I welcome any rebuttals...I don't know nearly enough about the issue.

What's strategically wise for free software? (3, Insightful)

seandiggity (992657) | about 2 years ago | (#40518347)

Although it was obvious the FSF would take this position, as it should, isn't it strategically wise to have multiple solutions for users to load a (mostly) free software OS on hardware with UEFI? For similar reasons, I think it's good to have Android devices running ClockworkMod so that they may boot CyanogenMod/Replicant. I understand that we (free software advocates) should always be encouraging consumers to make smart choices and purchase devices that will run free software (and a complete free software stack, when that's possible).

However, free software would become an "oasis in a desert", rather than a large and thriving ecosystem, if binary blobs, non-free drivers, non-free BIOS's, firmware hacks, etc. weren't around. It would become increasingly difficult to bring in more users. Those who have developed free software implementations to replace proprietary ones originate from all over the free software spectrum, so the pool of developers would also shrink.

I think you always want both: the hardcores who will run free software and free software only, and those who will make compromises on devices until (if/when) stable free software is developed for those devices. The FSFE's advice on installing CyanogenMod [fsfe.org] seems like a sensible approach that takes this into consideration. Likewise, why not help someone install as much free software as possible on a device with a non-free BIOS/bootloader?

It seems to me that UEFI will die a quick death if we A) fight very vocally against it, B) convince powerful corporations and governments that it's bad for them, C) ignore it where/when we can, and D) help others to circumvent it when necessary. It doesn't seem much different than the DRM problem in that way.

I would be very happy with Canonical's UEFI strategy if the following from this past /. comment [slashdot.org] can be done:

- Canonical will get efilinux signed with microsoft keys. So GRUB2 has to be made bootable from efillinux (efilinux is rather primitive, it just loads a kernel from a set collection of blocks from the device and run it. It shouldn't be too much difficult to have efilinux load and execute a GRUB2's "stage 1.5" or "stage 2"). Thus efilinux is the part that needs to be signed with microsoft's key (and efilinux's license makes it possible. Although that also means that you won't be able to hack it).

...

- GRUB2 can load coreboot (an opensource firmware) payloads, so it could also load SeaBIOS (a legacy BIOS implementation as a coreboot payload). - GRUB2 can also load windows XP's boot loader. So if any of the above is possible (either chainloading efilinux to grub2, or signing grub2 in a gplv3 compatible way). That means that grub2 could be used to boot windows XP on secure-boot hardware. (with seabios providing the legacy bios compatibility, and windows XP's ntldfr being loaded from grub2).

That unfortunately-complex method of chaining together multiple bootloaders seems to allow for any OS, even legacy ones, to boot (or at least attempt to boot) on UEFI hardware. Such a door might be closed if Canonical decides it won't play ball with Microsoft, and that seems like a door worth having open. However, I welcome any rebuttals...I don't know nearly enough about the issue.

Re:What's strategically wise for free software? (2)

Microlith (54737) | about 2 years ago | (#40518583)

It seems to me that UEFI will die a quick death

The problem, again, is not UEFI but secure boot. The two are not inextricably linked.

It doesn't seem much different than the DRM problem in that way.

You'll have an uphill battle. Apple is transparently convincing people that DRM is good.

chaining

Can't happen. If any point has a flaw then the key gets revoked. From the UEFI platform down to the kernel needs to be "trusted" to betray the user, and the kernel must be secured against local exploits that allow bypassing of the chain.

LOLWUT (0)

Anonymous Coward | about 2 years ago | (#40518417)

Grub2?!?
What happened to LILO?

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...