I don't understand much about this issue (which has been discussed occasionally on this forum) but this looks as though it might be an approach, if it ever actually happens:
http://www.h-online.com/open/news/item/ ... 61089.html
It strikes me that any solution needs to be easy for users. We were all newbies once, and any need for some scary fix right at the beginning would probably weed out ninety percent of newcomers at the first hurdle. What I mean is, it doesn't matter if this is something that can easily be dealt with by any half-competent Linux user. The key audience is people who have only ever used WIndows, and just downloaded their first live CD.
Happy New Year everybody!
Windows secure boot
Re: Windows secure boot
It's happening and it will not be easymimosa wrote:I don't understand much about this issue (which has been discussed occasionally on this forum) but this looks as though it might be an approach, if it ever actually happens...
http://distrowatch.com/weekly.php?issue=20121126#qa
“Don’t you see that the whole aim of Newspeak is to narrow the range of thought?"
Re: Windows secure boot
Is anyone thinking of taking Microsoft to court over this for anti-competitive practices or something like that?
A friend of mine was on the point of giving Linux a serious try after his bank details were stolen by a keylogger, but then backed out because his bank "strongly recommended" the use of some banking security software that only works on Windows (maybe Mac too). While he understood my assurances that he wouldn't have any security problems with Linux, his concern was that if he did nonetheless have such trouble again, the bank would refuse to reimburse him if he didn't have said software (and therefore said OS to run it on). The bank might well not have a leg to stand on if they tried to take that tack, but just the thought was enough to give my friend cold feet.
I can envisage a similar issue about secure boot, that banks or other companies that handle sensitive data may come to "recommmend" it or consider use of machines without it as customer negligence.
The attraction of the approach I linked to in the initial post is that it works with secure boot (as far as I understand it) rather than disabling it, so maybe these particular problems (banking etc) wouldn't arise; also maybe it would be possible to make the process smoother for people with a Ubuntu (or Salix) live CD. But then if that's possible, I suppose you lose the supposed security advantages ...
Arrrggghhh!!
A friend of mine was on the point of giving Linux a serious try after his bank details were stolen by a keylogger, but then backed out because his bank "strongly recommended" the use of some banking security software that only works on Windows (maybe Mac too). While he understood my assurances that he wouldn't have any security problems with Linux, his concern was that if he did nonetheless have such trouble again, the bank would refuse to reimburse him if he didn't have said software (and therefore said OS to run it on). The bank might well not have a leg to stand on if they tried to take that tack, but just the thought was enough to give my friend cold feet.
I can envisage a similar issue about secure boot, that banks or other companies that handle sensitive data may come to "recommmend" it or consider use of machines without it as customer negligence.
The attraction of the approach I linked to in the initial post is that it works with secure boot (as far as I understand it) rather than disabling it, so maybe these particular problems (banking etc) wouldn't arise; also maybe it would be possible to make the process smoother for people with a Ubuntu (or Salix) live CD. But then if that's possible, I suppose you lose the supposed security advantages ...
Arrrggghhh!!
Re: Windows secure boot
As I have been installing Linux since 1995, I am here to tell you The Early installers and Lilo scared the Hell out of many a potential Linux users in the early 90s. Not to mention the lack of package managers and all the compiling. However they came, persevered and Conquered.
In short I don't believe the need for a Shim loader with a Security Key will stop those wanting Linux.
That I base on How comparibly more scarey and difficult it had been in the early days.
Just wait a bit and we will see a method for automating the Key on the horizon.
Linux today has a Lot more to offer.
....Not to Worry!
In short I don't believe the need for a Shim loader with a Security Key will stop those wanting Linux.
That I base on How comparibly more scarey and difficult it had been in the early days.
Just wait a bit and we will see a method for automating the Key on the horizon.
Linux today has a Lot more to offer.
....Not to Worry!
Slackware ( Manjaro ) Salix, AntiX, Bunsen, Calculate
Re: Windows secure boot
I can remember being quite scared myself, and it was certainly much easier by the time I started out. The biggest fear for many people is that you might not be able to go back to Windows. 
However those first steps surely have got gradually less scary overall, and that means increasing the potential user base for Linux.
You are surely right that bright sparks around the globe have smoother solutions for secure boot in the pipeline.
However those first steps surely have got gradually less scary overall, and that means increasing the potential user base for Linux.
You are surely right that bright sparks around the globe have smoother solutions for secure boot in the pipeline.
Re: Windows secure boot
@ mimosa
You could suggest to your friend to try secure banking using a Linux LiveCd/LiveUSB...
http://billmullins.wordpress.com/2011/0 ... x-live-cd/
What can I say about banks? They are going to look for any excuse to blame the "customer". It's best to take responsibility for your own security and that means I wouldn't trust any Windows installation with all the Firewall/AV/Anti-Malware bells and whistles... well, perhaps I would trust it, but it's too much hard work and money to maintain.
You could suggest to your friend to try secure banking using a Linux LiveCd/LiveUSB...
http://billmullins.wordpress.com/2011/0 ... x-live-cd/
What can I say about banks? They are going to look for any excuse to blame the "customer". It's best to take responsibility for your own security and that means I wouldn't trust any Windows installation with all the Firewall/AV/Anti-Malware bells and whistles... well, perhaps I would trust it, but it's too much hard work and money to maintain.
Re: Windows secure boot
Quite so - that solution should be paranoia-proof - but the trouble is he is intimidated into going by what the *banks* think is secure, not what he thinks himself. What matters to him isn't security so much as being covered if the security nonetheless fails.using a Linux LiveCd/LiveUSB.
That wouldn't be my attitude (indeed, I happily bank online, trusting in the security of my system), and I agree with everything you say. To me the biggest issue is who the hell are my bank to tell me what is secure and what isn't! But then, I suspect Linux tends to draw such attitudes out in its users over time.
Re: Windows secure boot
Now that I really like....The biggest fear for many people is that you might not be able to go back to Windows.
Slackware ( Manjaro ) Salix, AntiX, Bunsen, Calculate