NYLXS - Free Software Events

Thu Aug 11 20:15:45 2022

EVENTS

FREE
SOFTWARE
INSTITUTE

POLITICS

JOBS

MEMBERS'
CORNER

MAILING
LIST

NYLXS Members have a lot to say and share but we don't keep many secrets. Join the Hangout Mailing List and say your peice.

DATE 2015-03-01

HANGOUT

2022-08-11 | 2022-07-11 | 2022-06-11 | 2022-05-11 | 2022-04-11 | 2022-03-11 | 2022-02-11 | 2022-01-11 | 2021-12-11 | 2021-11-11 | 2021-10-11 | 2021-09-11 | 2021-08-11 | 2021-07-11 | 2021-06-11 | 2021-05-11 | 2021-04-11 | 2021-03-11 | 2021-02-11 | 2021-01-11 | 2020-12-11 | 2020-11-11 | 2020-10-11 | 2020-09-11 | 2020-08-11 | 2020-07-11 | 2020-06-11 | 2020-05-11 | 2020-04-11 | 2020-03-11 | 2020-02-11 | 2020-01-11 | 2019-12-11 | 2019-11-11 | 2019-10-11 | 2019-09-11 | 2019-08-11 | 2019-07-11 | 2019-06-11 | 2019-05-11 | 2019-04-11 | 2019-03-11 | 2019-02-11 | 2019-01-11 | 2018-12-11 | 2018-11-11 | 2018-10-11 | 2018-09-11 | 2018-08-11 | 2018-07-11 | 2018-06-11 | 2018-05-11 | 2018-04-11 | 2018-03-11 | 2018-02-11 | 2018-01-11 | 2017-12-11 | 2017-11-11 | 2017-10-11 | 2017-09-11 | 2017-08-11 | 2017-07-11 | 2017-06-11 | 2017-05-11 | 2017-04-11 | 2017-03-11 | 2017-02-11 | 2017-01-11 | 2016-12-11 | 2016-11-11 | 2016-10-11 | 2016-09-11 | 2016-08-11 | 2016-07-11 | 2016-06-11 | 2016-05-11 | 2016-04-11 | 2016-03-11 | 2016-02-11 | 2016-01-11 | 2015-12-11 | 2015-11-11 | 2015-10-11 | 2015-09-11 | 2015-08-11 | 2015-07-11 | 2015-06-11 | 2015-05-11 | 2015-04-11 | 2015-03-11 | 2015-02-11 | 2015-01-11 | 2014-12-11 | 2014-11-11 | 2014-10-11 | 2014-09-11 | 2014-08-11 | 2014-07-11 | 2014-06-11 | 2014-05-11 | 2014-04-11 | 2014-03-11 | 2014-02-11 | 2014-01-11 | 2013-12-11 | 2013-11-11 | 2013-10-11 | 2013-09-11 | 2013-08-11 | 2013-07-11 | 2013-06-11 | 2013-05-11 | 2013-04-11 | 2013-03-11 | 2013-02-11 | 2013-01-11 | 2012-12-11 | 2012-11-11 | 2012-10-11 | 2012-09-11 | 2012-08-11 | 2012-07-11 | 2012-06-11 | 2012-05-11 | 2012-04-11 | 2012-03-11 | 2012-02-11 | 2012-01-11 | 2011-12-11 | 2011-11-11 | 2011-10-11 | 2011-09-11 | 2011-08-11 | 2011-07-11 | 2011-06-11 | 2011-05-11 | 2011-04-11 | 2011-03-11 | 2011-02-11 | 2011-01-11 | 2010-12-11 | 2010-11-11 | 2010-10-11 | 2010-09-11 | 2010-08-11 | 2010-07-11 | 2010-06-11 | 2010-05-11 | 2010-04-11 | 2010-03-11 | 2010-02-11 | 2010-01-11 | 2009-12-11 | 2009-11-11 | 2009-10-11 | 2009-09-11 | 2009-08-11 | 2009-07-11 | 2009-06-11 | 2009-05-11 | 2009-04-11 | 2009-03-11 | 2009-02-11 | 2009-01-11 | 2008-12-11 | 2008-11-11 | 2008-10-11 | 2008-09-11 | 2008-08-11 | 2008-07-11 | 2008-06-11 | 2008-05-11 | 2008-04-11 | 2008-03-11 | 2008-02-11 | 2008-01-11 | 2007-12-11 | 2007-11-11 | 2007-10-11 | 2007-09-11 | 2007-08-11 | 2007-07-11 | 2007-06-11 | 2007-05-11 | 2007-04-11 | 2007-03-11 | 2007-02-11 | 2007-01-11 | 2006-12-11 | 2006-11-11 | 2006-10-11 | 2006-09-11 | 2006-08-11 | 2006-07-11 | 2006-06-11 | 2006-05-11 | 2006-04-11 | 2006-03-11 | 2006-02-11 | 2006-01-11 | 2005-12-11 | 2005-11-11 | 2005-10-11 | 2005-09-11 | 2005-08-11 | 2005-07-11 | 2005-06-11 | 2005-05-11 | 2005-04-11 | 2005-03-11 | 2005-02-11 | 2005-01-11 | 2004-12-11 | 2004-11-11 | 2004-10-11 | 2004-09-11 | 2004-08-11 | 2004-07-11 | 2004-06-11 | 2004-05-11 | 2004-04-11 | 2004-03-11 | 2004-02-11 | 2004-01-11 | 2003-12-11 | 2003-11-11 | 2003-10-11 | 2003-09-11 | 2003-08-11 | 2003-07-11 | 2003-06-11 | 2003-05-11 | 2003-04-11 | 2003-03-11 | 2003-02-11 | 2003-01-11 | 2002-12-11 | 2002-11-11 | 2002-10-11 | 2002-09-11 | 2002-08-11 | 2002-07-11 | 2002-06-11 | 2002-05-11 | 2002-04-11 | 2002-03-11 | 2002-02-11 | 2002-01-11 | 2001-12-11 | 2001-11-11 | 2001-10-11 | 2001-09-11 | 2001-08-11 | 2001-07-11 | 2001-06-11 | 2001-05-11 | 2001-04-11 | 2001-03-11 | 2001-02-11 | 2001-01-11 | 2000-12-11 | 2000-11-11 | 2000-10-11 | 2000-09-11 | 2000-08-11 | 2000-07-11 | 2000-06-11 | 2000-05-11 | 2000-04-11 | 2000-03-11 | 2000-02-11 | 2000-01-11 | 1999-12-11

Key: Value:

MESSAGE

DATE	2015-03-27
FROM	Ruben Safir
SUBJECT	Subject: [NYLXS - HANGOUT] Re: [opensuse] On Mulitboot with UEFI
From owner-hangout-outgoing-at-mrbrklyn.com Fri Mar 27 22:37:34 2015 Return-Path: X-Original-To: archive-at-mrbrklyn.com Delivered-To: archive-at-mrbrklyn.com Received: by mrbrklyn.com (Postfix) id 645391612E7; Fri, 27 Mar 2015 22:37:34 -0400 (EDT) Delivered-To: hangout-outgoing-at-mrbrklyn.com Received: by mrbrklyn.com (Postfix, from userid 28) id 522831612EC; Fri, 27 Mar 2015 22:37:34 -0400 (EDT) Delivered-To: hangout-at-nylxs.com Received: from mail-qc0-f175.google.com (mail-qc0-f175.google.com [209.85.216.175]) by mrbrklyn.com (Postfix) with ESMTP id A39171612E7 for ; Fri, 27 Mar 2015 22:37:09 -0400 (EDT) Received: by qcay5 with SMTP id y5so32069329qca.1 for ; Fri, 27 Mar 2015 19:37:08 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:message-id:date:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-type; bh=yye1k7hPLW0XG+f8ngQ0JomXo65SI0TlA28kWDDePrE=; b=jfFZb/+wwf55f7zKVSHcaloZyOqtQwfqPAdumHoyNhXyKs/Xx7FjXo0xNvSwCBu1+f Acscny7JA7+IDP3EQiZrFwpznqPxhh9upTDQCVfFOvLzHQscFBSWnWiLzLd1W6JKwVld vOex21xS71WBDpdEuV+jHC2Xn2SaoKAiBSEU4ke7fEjN+rzKvBK7v2RW7XXilddnDlFU T9gxb0tvsOEv+tNV2k6/oB4gASUdSlNxQsmmUE2IrmRd2qY69lQ5kQgYLx7/HomrIvJg 7uRPdrJvdpilVj+w5eIaT6pHb5O0MgFlJOkdOxWnl1YdbkPOCKsK47wUWts7muKQB9fj y4Qw== X-Gm-Message-State: ALoCoQlrprAWJficuTSF7agZeFKvvvDAm5MQ91aKTFf7fq5kp5V8NorFkIs92vCTNCaZnVx0qEfi X-Received: by 10.140.145.1 with SMTP id 1mr19558412qhr.63.1427510228237; Fri, 27 Mar 2015 19:37:08 -0700 (PDT) Received: from [10.0.0.17] ([96.57.23.82]) by mx.google.com with ESMTPSA id 77sm2830872qhg.16.2015.03.27.19.37.07 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 27 Mar 2015 19:37:07 -0700 (PDT) From: Ruben Safir X-Google-Original-From: Ruben Safir Message-ID: <551614D1.5090502-at-my.liu.edu> Date: Fri, 27 Mar 2015 22:41:21 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0 MIME-Version: 1.0 To: Chris Murphy CC: oS-en , Hangout Subject: [NYLXS - HANGOUT] Re: [opensuse] On Mulitboot with UEFI References: <55155268.8030802-at-antonaylward.com> <5515559F.1040908-at-dodin.org> <55159D32.4000304-at-earthlink.net> <5515A0F1.4020207-at-my.liu.edu> In-Reply-To: Content-Type: multipart/alternative; boundary="------------060304030007010702030600" Sender: owner-hangout-at-mrbrklyn.com Precedence: bulk Reply-To: hangout-at-nylxs.com [NYLXS: HANGOUT] X-BeenThere: hangout-at-nylxs.com X-Mailing-list: hangout-at-nylxs.com Precedence: list List-Id: NYLXS General Discussion Forum List-Unsubscribe: List-Archive: List-Post: List-Help: List-Subscribe: This is a multi-part message in MIME format. --------------060304030007010702030600 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit On 03/27/2015 03:22 PM, Chris Murphy wrote: > Boot kits are a real problem, and Secure Boot does solve that problem. no, it has created them. it has created serious ones also. Where as before you had a stupid device that walked through ROMs and dependent on the actual presense of hardware, you have now replaced that is a fully intelligent OS that has attack vectors all along the boot process. It is a nasty business. ~~~~~~~~~~~~~~~~~~~~~ On Fri, Mar 27, 2015 at 12:26 PM, Ruben wrote: > The permutations now with UEFI is broad. It is really a big PIA. You > just keep hoping it goes away, but it doesn't because it is backed by > industrial consortium(s) who hate your access to systems. It solves > NOTHING. All the key parts of it that needed to be solved were solved > with gpart. Boot kits are a real problem, and Secure Boot does solve that problem. The new problem is the firmware itself is vulnerable, and the drive's firmware is vulnerable. And one of the solutions for this is Intel Boot Guard, which comes with its own pile of concerns. http://mjg59.dreamwidth.org/33981.html I think a much bigger part of the problem is this is still the dark ages of computer security, more so than companies who hate user access to systems. They're basically using hammers to fix problems that require the development of scalpels. There's no guarantee that will happen, so it's appropriate to remain skeptical and critical, but I wouldn't default to assuming all companies want to sabotage you either. I mean, ultimately that Intel or AMD or ARM CPU in your computer, and the board its on, is proprietary hardware. And if you don't trust the hardware, well then all bets are off anyway. > Distros approaches to solving the multiple hurdles is indeed different > for each one. You can write a book on this topic and it does not go > away with a wave of the hand.... it doesn't. Yep you're right. It's just annoying. -- Chris Murphy --------------060304030007010702030600 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit On 03/27/2015 03:22 PM, Chris Murphy wrote: cite="mid:CAJCQCtSTPowWkJZdNP-LpbXh19vz-bDjsAuvQ+ecO7X=Tme6Ow-at-mail.gmail.com" type="cite"> Boot kits are a real problem, and Secure Boot does solve that problem. no, it has created them. it has created serious ones also. Where as before you had a stupid device that walked through ROMs and dependent on the actual presense of hardware, you have now replaced that is a fully intelligent OS that has attack vectors all along the boot process. It is a nasty business. ~~~~~~~~~~~~~~~~~~~~~ style="font-family: -moz-fixed; font-size: 12px;" lang="x-unicode"> On Fri, Mar 27, 2015 at 12:26 PM, Ruben <ruben.safir-at-my.liu.edu> wrote: The permutations now with UEFI is broad. It is really a big PIA. You just keep hoping it goes away, but it doesn't because it is backed by industrial consortium(s) who hate your access to systems. It solves NOTHING. All the key parts of it that needed to be solved were solved with gpart. Boot kits are a real problem, and Secure Boot does solve that problem. The new problem is the firmware itself is vulnerable, and the drive's firmware is vulnerable. And one of the solutions for this is Intel Boot Guard, which comes with its own pile of concerns. http://mjg59.dreamwidth.org/33981.html I think a much bigger part of the problem is this is still the dark ages of computer security, more so than companies who hate user access to systems. They're basically using hammers to fix problems that require the development of scalpels. There's no guarantee that will happen, so it's appropriate to remain skeptical and critical, but I wouldn't default to assuming all companies want to sabotage you either. I mean, ultimately that Intel or AMD or ARM CPU in your computer, and the board its on, is proprietary hardware. And if you don't trust the hardware, well then all bets are off anyway. Distros approaches to solving the multiple hurdles is indeed different for each one. You can write a book on this topic and it does not go away with a wave of the hand.... it doesn't. Yep you're right. It's just annoying. -- Chris Murphy --------------060304030007010702030600--