[lug] insane Gigabyte issue

Kevin Fenzi kevin at scrye.com
Fri Jun 8 15:54:09 MDT 2012


On Fri, 8 Jun 2012 15:47:17 -0600
Paul E Condon <pecondon at mesanetworks.net> wrote:

> I don't understand this secure boot stuff and I don't understand
> digital certificates.

Then, I'd suggest not getting too alarmed. 

> But if this concern is real, and I'm not
> doubting that it is, then who will be the supplier of PCs to the CIA
> and the NSA, surely they do not trust Microsoft and/or Verisign with
> national security secrets? Or do they simply not use personal
> computers? Or what? Surely, Microsoft doesn't expect to be able to
> treat the Navy Seals the way it hopes to treat Linux users. What is
> happening seems so unreal.

I would expect those folks to create their own keys and enroll them,
and remove the MS ones. Something which any Fedora user will have tools
to do as well. 

> Also, isn't there some way the digital certificates can be canceled?
> What is their recourse if someone misuses his signing certificate?
> Who decides what actions constitute misuse vs. innovation? I
> understand that Microsoft is very supportive of innovation.

Yes, there is revocation. When a cert is revoked there is an update
that updates those. I don't know if there's any hard details on what
would constitute 'misuse', but MS can revoke certs that are used to
enable malware. 

> If there is a way that certificates can be canceled, then how can the
> CIA and company live with the possibility of being locked out of
> rebooting its computers even for a few seconds during a national
> security alert?

They would use their own, and be in control of when and how they revoke
them?

> This smacks of a piece of tea-party legislation design
> to make absolutely certain that the Government cannot work.  Very nice
> for our national security if we can sell it to the Iranians, but why
> should we buy it for ourselves? 

I can't follow this paragraph. Can you rephrase?

> But if the secure boot does no more
> than issue warning messages that can be ignored by the user --- isn't
> that what /dev/null was designed to handle?

It does not do that. 

If the machine is in secure boot mode, and you boot something that is
not signed or something that is signed with a revoked key, or something
that has been changed in any way since it was signed, the machine will
not boot. 
 
> Help me understand

Happy to try. :) 

kevin
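
Added example, not part of the original message: a simplified Python model of the boot decision described above (unsigned, revoked key, or changed since signing all refuse to boot). Textbook RSA over a SHA-256 digest stands in for the real signature format, and the key pair, the name "owner-key" and the image bytes are constructed for illustration.

```python
import hashlib

# Constructed demo key pair (textbook RSA built from two Mersenne primes).
# Insecure by design: it only stands in for a real signing certificate.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held by the signer


def digest(image: bytes) -> int:
    """SHA-256 of the image as an integer; this is what gets signed."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big")


def sign(image: bytes, d: int = D, n: int = N) -> int:
    """Signer side: sign the digest with the private exponent."""
    return pow(digest(image), d, n)


def firmware_allows_boot(image, signature, signer, db, dbx):
    """Model of the firmware check; returns (allowed, reason).

    db  -- enrolled signers: name -> (n, e) public key
    dbx -- set of revoked signer names
    """
    if signature is None:
        return False, "unsigned"
    if signer in dbx:  # revocation wins over enrollment
        return False, "revoked key"
    if signer not in db:
        return False, "unknown signer"
    n, e = db[signer]
    if pow(signature, e, n) != digest(image):
        return False, "image changed since signing"
    return True, "ok"


def demo():
    db = {"owner-key": (N, E)}  # hypothetical key the owner enrolled
    image = b"constructed bootloader image"
    sig = sign(image)
    return [
        firmware_allows_boot(image, sig, "owner-key", db, set()),
        firmware_allows_boot(image, None, "owner-key", db, set()),
        firmware_allows_boot(image, sig, "owner-key", db, {"owner-key"}),
        firmware_allows_boot(image + b"!", sig, "owner-key", db, set()),
    ]


if __name__ == "__main__":
    for result in demo():
        print(result)
```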