←back to thread

Linux and Secure Boot certificate expiration

(lwn.net)
253 points pabs3 | 2 comments | 18 Jul 25 03:53 UTC | HN request time: 0.019s | source
Show context
greatgib ◴[18 Jul 25 06:46 UTC] No.44601921[source]
It's totally crazy that we have to go through Microsoft to sign things to be able to have our OS run on third parties computers, and that Microsoft manage to win about this so easily as it was never seriously challenged.
replies(7): >>44601962 #>>44602085 #>>44602088 #>>44602288 #>>44602373 #>>44602674 #>>44615523 #
sugarpimpdorsey ◴[18 Jul 25 07:50 UTC] No.44602288[source]
It makes more sense if you view it for what it is: Honest Satya's Certificate Authority.

Microsoft showed they can semi-competently run a PKI. The end.

Now had the Linux folks stepped up to the plate early on, instead of childishly acting like Secure Boot was the computing antichrist, the story might be different. But they didn't. We only have shim because some people at Red Hat had the common sense to play ball.

replies(7): >>44602337 #>>44602402 #>>44602511 #>>44602526 #>>44602770 #>>44603173 #>>44604349 #
1. littlestymaar ◴[18 Jul 25 08:12 UTC] No.44602402[source]
> Now had the Linux folks stepped up to the plate early on, instead of childishly acting

This kind of victim blaming gets annoying very quick, as if the Linux ecosystem had any leverage at all on PC manufacturers…

replies(1): >>44611000 #
2. sugarpimpdorsey ◴[18 Jul 25 23:33 UTC] No.44611000[source]
> as if the Linux ecosystem had any leverage at all on PC manufacturers…

Linux has 63% of the server marketshare, which is where Secure Boot and the whole chain-of-trust has utmost importance. Of course they have leverage.

Do you think overall Secure Boot is more important in the context of securing your bank's servers, or some porno jack machine throwaway laptop?