Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:So does this mean.... (Score 1) 133

by peppepz (#49360095) Attached to: Microsoft Releases Windows 10 SDK

Wrong. It does prevent the kinds of malware and rootkits that operate by modifying the bootloader.

1) Whatever it does, it can be nullified by malware that gains root-level access AFTER the OS has booted (which is the norm). And if the malware managed to modify the bootloader, of course it has already gained that access, hence no effective protection is added, UNLESS you are running a machine that doesn't allow unsigned software to run (EXEs, batch scripts, stuff written by the user) that could have been installed or patched by the malware. But clearly this is not Windows as we know it today.
Moreover, locking down the machine (this is the only firmware behaviour authorized by Microsoft when the so-called Secure Boot restriction is violated) is arguably the worst outcome for desktop users, as they will be left with no way to service the machine (beyond running "rescue partitions" which of course are static and therefore can't contain anti-malware software), and with no access to their data.
2) Malware that operates by modifying the boot sequence is extremely rare today, because it must target specific hardware, and is associated with government-sponsored attacks. Of course, three-letter agencies are only a piece of paper away from having their malware signed with legitimate keys.

and harmful thing

Cite specifically the "harm".

Read the thread. I'm no parrot.

Well, now it's no longer true, as widely expected by the hysterical idiots.

And being hysterical idiots you and the rest of them still haven't figured out that in fact it is still true, in fact unless some OEM makes the choice to not include the ability to turn it off it will remain true.

"Unless" is they key word here.

Describe exactly how the OEM being responsible for their product is "anti-competitive, anti-consumer and anti-free software behaviour", because that does not make any sense in any context whatsoever.

Imagine that I am an operating system vendor and I want to sell an OS. Describe exactly what I have to tell my customers before I sell them my OS.

Imagine that I know an unskilled person (grandma) running an old version of Windows that is no longer supported on an otherwise perfectly fine machine. Describe exactly what I have to tell her before I propose to install Linux, or a commercial OS costing less than the new version of Windows, on her PC.

Imagine that I am a student and I've heard about this Linux thing. I'd like to try it on my PC that I bought off a shelf a couple years ago. Describe exactly what I should do to try Linux on my machine, fix it when it doesn't work and add new features to its kernel.

Comment: Re:So does this mean.... (Score 1) 133

by peppepz (#49359993) Attached to: Microsoft Releases Windows 10 SDK

Absolute, 100% rubbish! Show me an OEM that does not provide the ability to turn secure boot off.

I don't know if you're the same Microsoft supporter as before, but in case you aren't, I'll repeat that we are talking about "designed for Windows 10" machines which aren't for sale yet.

Impossible, no machine could ever be sold without the capability to boot from an external device, as this would prevent installing Microsoft Windows on it.

Wrong again, they can easily install it and then lock you out of the BIOS.

No, because that would prevent the user from buying copies of future versions of Microsoft Windows.

Bullshit. The OEMs should be held accountable if they make the choice to produce a product that doesn't allow secureboot to be turned off. Why are you so desperate to defend the OEMs as some blameless, unaccountable entity?

Because the OEMs are known not to care about letting the users fiddle with advanced boot options. They are also known to make firmware that, for example, will crash the machine from SMM when running a non-Windows OS: I've owned such PCs (that bug was meant to be a fix to make Windows 2000 run on that hardware). If the machines they make don't boot Linux, it's because they don't care, or haven't the resources to support Linux, not because of malice. But it's Microsoft who put these hurdles for them (and the users) to overcome. It's their decision that will lock people out of their own PCs, not the disinterest of the OEMs, which has always been there and is not changing.

Do you also blame Google for not forcing everybody who makes Android devices to provide an unlocked bootloader and root-level access on phones?

Yes of course. That's where I usually lose most of my karma points.

can you give a non-malicious explanation about why the requirement of being able to disable the so-called Secure Boot is being lifted now?

Less overhead in the certification process perhaps

You've just admitted that there's "overhead" in the overall process of the OEM to add an option that disables the so-called Secure Boot. Hence, OEMs that want to get rid of this "overhead" WILL remove the option. Thanks for proving my point.

but likely pushed by the OEMs as a way to try and sell both their Windows and Linux offerings separately rather than just one and have the user dual-boot it.

That is, to keep Linux out of of the users' PC as I've been stating from the beginning!

If MS wanted to stop Linux they would be offering huge discounts to OEMs to not ship Linux (and Android) devices and to only ship Windows.

My friend, in this world pressures against OEMs are the norm, not an exception.

In recent years despite Linux on the desktop being offered pre-installed from big box retailers, available in the form of ChromeOS, available pre-installed systems from Dell, HP, Lenovo and others, free of charge, easy to install and even with the ability to try *without* installing the desktop PC userbase has *still* rejected it, it hasnt made any gains at all.

I'm not denying that Linux users are a minority. I'm stating that they risk to become zero thanks to these dirty tricks. And this will harm the market of Linux on the servers, too, because of the way how people become Linux contributors. And I'm stating this in a comment which, if you bother to read, was meant as a response to someone who said "Microsoft supports Linux now".

If they really wanted to lock out alternative operating systems they would have done it decades ago when they actually saw Linux on the desktop as a threat.

They have been doing stuff like this endlessly for decades. Remember Bill Gates' "we should make ACPI Windows-only" in the 90s?

Comment: Re:So does this mean.... (Score 1) 133

by peppepz (#49359929) Attached to: Microsoft Releases Windows 10 SDK
A statement is true when it's always true, not when it's true sometimes and sometimes not. You didn't even bother following the line of reasoning.
Microsoft supporter: "SecureBoot is useful and gives no problem to the user"
Me: "No, it's unuseful and here's how it harms the user"
Microsoft supporter: "Eh, but you can always turn it off"
Me: "Not anymore."

Comment: Re:So does this mean.... (Score 1) 133

by peppepz (#49342657) Attached to: Microsoft Releases Windows 10 SDK

And the OEMs provide a switch to turn it off.

That's not true any more. That's the news. People will install Linux on their laptops, find out that hibernation isn't working because of the so-called Secure Boot restrictions, get angry, and just give up Linux and go back to Windows and its world of post-boot malware.

That is the OEMs choice, just like is their choice whether to even give you access to the BIOS.

Impossible, no machine could ever be sold without the capability to boot from an external device, as this would prevent installing Microsoft Windows on it.

We've seen the same thing with default BIOS passwords before too, the hysterical idiots crying "what if the OEMs dont tell us the passwords?!".

Actually, what we have seen is that people saw the so-called Secure Boot as the unuseful and harmful thing that it is, and a limited number of Microsoft supporters labeled them as hysterical idiots pointing at the fact that it could always be disabled. Well, now it's no longer true, as widely expected by the hysterical idiots.

Blaming Microsoft when the onus is on the OEM is obvious stupidity or intentional malicious misdirection.

Leaving aside the fact that "leaving the onus on the OEM" already is an anti-competitive, anti-consumer and anti-free software behaviour, since you are less malicious than me, can you give a non-malicious explanation about why the requirement of being able to disable the so-called Secure Boot is being lifted now? What problem are MS trying to solve? The rising wave of hypno-malware that induces users to enter the firmware setup utility on their machines and disable boot restrictions?

Comment: Re:So does this mean.... (Score 1) 133

by peppepz (#49334557) Attached to: Microsoft Releases Windows 10 SDK
Certainly I can't tell you about specific negative effects from the so-called Secure Boot, since the lack of a way to disable it is a proposed feature of Windows 10 which, as you certainly know, hasn't hit the markets yet. I could tell you about the large amounts of malware that I have had to remove so far from Windows 8.1 update 1 machines notwithstanding their so-called Secure Boot feature in place, but I suspect that wouldn't be the kind of story that you want to hear. As for pointing fingers, when somebody gets eaten by a lion, I don't point the finger to the lion, but to the person who opened its cage. Bear with me.

What's my complaint, you ask. My complaint, I'm sorry if it wasn't clear, is not being able to install the software that I want on the PC that I own. Everyone around here has understood perfectly what's going on: the so-called Secure Boot adds no security on a system where the user is able to install third-party software (or his own) and therefore it is merely an obstacle put in place by Microsoft (not the UEFI forum, not the OEMs, not anyone else) to make it harder for end users to replace Windows with something else. Being upset for this is not an "emotional problem against Microsoft", it is a very pragmatic stance. If anything, if you want to see something emotional, it's calling a company which behaves this way as "the new Microsoft that supports Linux", which is the reason I bothered to write my original comment. And that's, of course, a perfectly acceptable emotional behaviour; we'd be robots without emotions. A less laudable kind of emotional behaviour is making personal attacks about the richness of my vocabulary. Yes, my English skills are limited. But being able to master a wider portion of the English language won't help me when I get a blinking cursor because I tried to remove Windows, or because a malware has modified some image measured by the so-called Secure Boot infrastructure.

Comment: Re:So does this mean.... (Score 1) 133

by peppepz (#49327531) Attached to: Microsoft Releases Windows 10 SDK
This is unacceptable for so many reasons, do I really need to enumerate them all, once again? We've already gone through this when the "new" Microsoft forced on the OEMs (and therefore the users) the so-called Secure Boot restriction for Windows 8; back then all Microsoft supporters claimed that it wasn't a big deal precisely because there was the warranty of being able to disable it.

Comment: Re:So does this mean.... (Score 0) 133

by peppepz (#49326813) Attached to: Microsoft Releases Windows 10 SDK
Of misdirected, here, is your failure to comprehend the implications of removing in general the ability to install an operating system other than Windows on the PC architecture. For competition in general, and in particular for an operating system which is developed by end users who install it on their home PCs.

Comment: Re:Ban teachers union (Score 4, Insightful) 213

by peppepz (#49319045) Attached to: Finland's Education System Supersedes "Subjects" With "Topics"

Why do I need a union?

Unions lobby the government to make them pass laws that make your work life more enjoyable even if you don't belong to one. This is needed to counter balance the lobbying power of the employers. For example, if fire breaks out at the place where you work, most probably you'll find fire extinguishers and emergency exits, and this fact is not due to your employer's benevolence or your professionality: your employer would be compelled by market forces to make you work in a dangerous place, if there weren't laws in place preventing malevolent employers from competing with him.

I'm not impoverished, despite you saying I should be without a union...

You don't need to be a communist to actually believe in the role of unions: the IMF, certainly not a lair of leftists, found out that inequality and poverty rise when the power of unions falls.

Comment: Re:Some pedants are more pedantic than others... (Score 1) 667

by peppepz (#49264811) Attached to: Why There Is No Such Thing as 'Proper English'

The use of "was" as in past tense and "was" as in the subjunctive are actually in mutually exclusive use. That's why English even bothered to lose the subjunctive in the first place.

Hello, English learner here, what about the case of a sentence that *was* true in the past (not "might have been true" as the GP suggests)?

"If I was fooled, that's because I wasn't careful enough."

"If I were fooled, I'd be sorry now."

Comment: Re:It could've been worse ... oh wait.... (Score 0) 136

by peppepz (#49039229) Attached to: Microsoft Fixes Critical Remotely Exploitable Windows Root-Level Design Bug
The interesting part is not so much that they're no longer fixing bugs in Windows Server 2003, but rather the reason why they aren't:

Although Windows Server 2003 is an affected product, Microsoft is not issuing an update for it because the comprehensive architectural changes required would jeopardize system stability and cause application compatibility problems.

In practice they're admitting that Windows 2003 is so broken by design that not even them can fix it without causing problems. I'd like to hear now the opinion of those who were lamenting over the quality of open source software after the heartbleed bug.

I never cheated an honest man, only rascals. They wanted something for nothing. I gave them nothing for something. -- Joseph "Yellow Kid" Weil

Working...