search for: computers_

On 02/08/2020 16:26, Valeri Galtsev wrote: > > On the side note: it is Microsoft that signs one of Linux packages now. We seem to have made one more step away from ?our? computers being _our computers_. Am I wrong? > > Valeri > Microsoft are the Certificate Authority for SecureBoot and most SB-enabled hardware (most x86 hardware) comes with a copy of the Microsoft key preinstalled allowing binaries that are signed by Microsoft to work. In the case of linux, that is the shim which b...

On 8/2/20 2:47 AM, Alessandro Baggi wrote: > > Il 02/08/20 00:42, Mike McCarthy, W1NR ha scritto: > > It appears that it is affecting multiple distributions including Debian > > and Ubuntu so it looks like the grub2 team messed up. See > > > > https://www.zdnet.com/article/boothole-fixes-causing-boot-problems-across-multiple-linux-distros/ > > > > >

...Sun, Aug 2, 2020 at 11:45 AM Phil Perry <pperry at elrepo.org> wrote: > On 02/08/2020 16:26, Valeri Galtsev wrote: > > > > On the side note: it is Microsoft that signs one of Linux packages now. > We seem to have made one more step away from ?our? computers being _our > computers_. Am I wrong? > > > > Valeri > > > > Microsoft are the Certificate Authority for SecureBoot and most > SB-enabled hardware (most x86 hardware) comes with a copy of the > Microsoft key preinstalled allowing binaries that are signed by > Microsoft to work. In the case...

> On the side note: it is Microsoft that signs one of Linux packages > now. We seem to have made one more step away from ?our? computers > being _our computers_. Am I wrong? > Secure booting using UEFI requires that the code is signed - that is the "secure" bit. Microsoft are the CA for that signing. There's nothing sinister about it, they aren't signing the RPM package just one of the bits of code in the package. I seem to remember...

...:45 AM Phil Perry <pperry at elrepo.org> wrote: > >> On 02/08/2020 16:26, Valeri Galtsev wrote: >>> >>> On the side note: it is Microsoft that signs one of Linux packages now. >> We seem to have made one more step away from ?our? computers being _our >> computers_. Am I wrong? >>> >>> Valeri >>> >> >> Microsoft are the Certificate Authority for SecureBoot and most >> SB-enabled hardware (most x86 hardware) comes with a copy of the >> Microsoft key preinstalled allowing binaries that are signed by >> Mi...

...otch in the reputation level. Hopefully, it is not new lower level now, which hopefully again will be confirmed over long trouble-free period in a future. On the side note: it is Microsoft that signs one of Linux packages now. We seem to have made one more step away from ?our? computers being _our computers_. Am I wrong? Valeri > We have 3 people who build updates as fast as we can and this sofware is > free and unvalidated. We don't do any security testing .. we build and > release RHEL source code. RHEL is what you want if you want software > assurance or the fastest release cycle...