Somebody please tell the iPhone dev team that baseband security is so bad. They've been terrible at finding and exploiting these problems since the A5 baseband in the iPhone 4S.

â¦. :-P

Probably the larger issue that drives this is that they can do *some* kind of check on the system before they hand over the BluRay decryption keys. That way they have some leverage over somebody who would⦠I don't know⦠get the master key and use it on their BluRay player binary.

Well there's not really an argument as to if a giant picture of Saturn is cool or worthy of attention on /. so... not much to say?

Easy portability from OS X to Linux/FreeBSD.

Many programmers and server admins moved to OS X as their desktop machine because of its Unix base. You can have a nice desktop, commercial app support, and not be far away from a command line environment.

If GNUStep can get compatibility, then developers can cross target OS X and Linux with their apps.

Windows has nothing in common with Linux. All you're doing by throwing money at Wine is perpetuating the Windows Way Of Programming. At least with GNUStep it starts with the assumption of Linux or BSD Unix.

I know you want to be like x86 != ARM, which is fair, but UEFI == UEFI

It would be great if you could just uncheck a checkbox at boot time, but this standard was made so that you can remove that checkbox and still claim standards compliance. That's the rub.

You're not forced to install antivirus programs nor is there a scheme to prevent you from removing them.

I'm not speculating about "people," I'm talking about the "people" accused of turning their brains off when Secure Boot gets brought up. These are the same people who don't like the locked bootloaders on the iPad and especially on Android phones and tablets.

What *is* the same between the Surface Pro and the Surface (RT), is that UEFI and Secure Boot are being used.

Back to the original topic, this is why people do not want Secure Boot. Here is a company taking the standard and doing *exactly* what people were afraid the company would do with it. It's no longer "speculation."

Sure... for x86 machines. I assume you mean

http://technet.microsoft.com/en-us/windows/dn168167.aspx

where they have four requirements, one of which is "They must allow the user to completely disable Secure Boot."

Now, for the Win RT version of Surface

http://support.microsoft.com/kb/2800988

"If the computer is running Windows RT, Secure Boot cannot be disabled."

Hmmmmmmmmmmmmmm

Except the OEM can prevent this from being an option for you.

Do Google Play downloads go over SSL? Does Google Play fail to work if the SSL verification fails against the installed CAs? Does that Raspberry Pi have its SSL cert installed on the phone?

It's not that easy...

(...or maybe it is, I'm assuming Google wasn't stupid when it comes to the first two questions.)

Why do the OEMs get to add keys? Why can't I load the key myself from UEFI or another side channel?

This is why secure boot triggers "do not want." Motherboard manufacturers are trying to wedge themselves in as gatekeepers where they were previously not.

Yes, I mean UMS.