From: Andreas Boman <aboman@eiwaz.com>
To: Linus Torvalds <torvalds@transmeta.com>
Cc: Andre Hedrick <andre@linux-ide.org>,
Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: Flame Linus to a crisp!
Date: 24 Apr 2003 13:32:55 -0400 [thread overview]
Message-ID: <1051205575.29446.98.camel@asgaard.midgaard.us> (raw)
In-Reply-To: <Pine.LNX.4.44.0304232204480.19326-100000@home.transmeta.com>
On Thu, 2003-04-24 at 01:16, Linus Torvalds wrote:
> On Wed, 23 Apr 2003, Andre Hedrick wrote:
> >
> > Now the digital signing issue as a means to protect possible embedded or
> > distribution environments is needed. DRM cuts two ways and do not forget
> > it!
>
> This is _the_ most important part to remember.
>
> Security is a two-edged sword. It can be used _for_ you, and it can be
> used _against_ you. A fence keeps the bad guys out, but by implication the
> bad guys can use it to keep _you_ out, too.
>
> The technology itself is pretty neutral, and I'm personally pretty
> optimistic that _especially_ in an open-source environment we will find
> that most of the actual effort is going to be going into making security
> be a _pro_consumer_ thing. Security for the user, not to screw the user.
>
Ofcourse the efforts by the OSS community will focus on security for the
user, and better security is something we all want. No arguments there.
> Put another way: I'd rather embrace it for the positive things it can do
> for us, than have _others_ embrace it for the things it can do for them.
I agree that the licence does/should not disallow signing. However I
don't see how that is tied to "the current DRM initiative" though
(perhaps im just clueless, I have no doubt that you know more of the
details of DRM than I do). We can do this today. There are patches out
there that let the kernel refuse to run unsigned userspace code.
Hardware dongles have been in existence for eons.
It seems to me that embracing DRM will in the near future allow linux
distro vendors to ship signed binaries, to allow their users to use any
online services that will require a DRM operating system. Perhaps that
is the positive things you refer to.
Further in the future it will allow linux to exist as a current OS,
after we get DRM enabled hardware that refuse to boot unsigned kernels.
Larger linux vendors can afford to have their kernels (and userspace)
signed by $signing_entity. Perhaps they will be able to purchase some
'licence to sign' on their own from hardware vendors, and not have to
wait a few months to get that latest kernel with the 2 liner buffer
overflow patch released.
> > For those not aware, each and every kernel you download from K.O is DRM
> > signed as a means to authenticate purity.
>
> Yup. And pretty much every official .rpm or .deb package (source and
> binary) is already signed by the company that made that package, for
> _your_ protection. This is already "accepted practice", so allowing
> signing is not something new per se, including on a binary level.
Sure, but today a signed kernel from $vendor doesnt prevent me from
running a program I compiled myself, the signature only shows me that
the kernel infact came from $vendor and if I trust that vendor, I can
now trust that kernel.
> So what I hope this discussion brings as news is to make people aware of
> it. And that very much includes making people aware of the fact that there
> are some scary sides to signing stuff
I don't feel signing stuff has any scary sides. The scary part is that
*my* signature will be worthless, and I'm scared that in 10 years I wont
be able to boot my own kernels, or run my own userspace code.
In the near future I'm worried about the fact that I could become second
class netizen if I dont run a signed $large_linux_vendor kernel and
userspace chain all the way up to a signed mozilla. I quite like paying
my bills on-line.
Ofcourse thoose things would most likely happen weather linux embraced
DRM or not, exept that if linux did not allow signing we would all be
forced to use another operating system, exept on that one still working
old slow quad xeon box that really doesnt do much, it cant even connect
to the internet since its packets arent signed, but its a fun toy to
play with and think about the good 'ol days when we could boot linux.
> - and that they're par for the
> course, and part of the package. I know for a fact that a number of
> people were hoping for the upsides without any of the downsides. That's
> not how it works.
I believe the proverb goes: "Du kan inte äta kakan och ha den kvar."
(You can't eat the cookie and still have it left).
Andreas
next prev parent reply other threads:[~2003-04-24 17:21 UTC|newest]
Thread overview: 230+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-04-24 3:59 Flame Linus to a crisp! Linus Torvalds
2003-04-24 4:40 ` Joel Jaeggli
2003-04-24 4:43 ` Greg KH
2003-04-24 4:57 ` Linus Torvalds
2003-04-24 5:02 ` Clemens Schwaighofer
2003-04-24 5:39 ` viro
2003-04-24 5:56 ` Valdis.Kletnieks
2003-04-24 8:46 ` Dax Kelson
2003-04-24 9:46 ` Clemens Schwaighofer
2003-04-24 10:54 ` Felipe Alfaro Solana
2003-04-25 0:07 ` Clemens Schwaighofer
2003-04-24 4:54 ` Andre Hedrick
2003-04-24 5:16 ` Linus Torvalds
2003-04-24 13:08 ` Shawn
2003-04-24 20:12 ` Kenneth Johansson
2003-04-24 17:32 ` Andreas Boman [this message]
2003-04-24 17:41 ` William Lee Irwin III
2003-04-24 19:39 ` Balram Adlakha
2003-04-26 17:05 ` Riley Williams
2003-04-24 5:02 ` Mark J Roberts
2003-04-24 5:13 ` Clemens Schwaighofer
2003-04-24 5:15 ` William Lee Irwin III
2003-04-24 5:43 ` Linus Torvalds
2003-04-24 6:15 ` William Lee Irwin III
2003-04-24 7:44 ` Jamie Lokier
2003-04-24 8:03 ` Jan-Benedict Glaw
2003-04-25 1:16 ` Jan Harkes
2003-04-25 1:35 ` Stan Bubrouski
2003-04-24 8:16 ` John Bradford
2003-04-24 8:31 ` Jamie Lokier
2003-04-24 8:59 ` John Bradford
2003-04-24 8:50 ` Jamie Lokier
2003-04-24 14:45 ` Linus Torvalds
2003-04-24 15:00 ` Jeff Garzik
2003-04-24 19:03 ` Daniel Phillips
2003-04-24 19:32 ` Timothy Miller
2003-04-24 19:22 ` Linus Torvalds
2003-04-24 20:19 ` Jamie Lokier
2003-04-24 20:35 ` Timothy Miller
2003-04-24 19:39 ` Balram Adlakha
2003-04-24 21:02 ` Jamie Lokier
2003-04-24 18:58 ` Daniel Phillips
2003-04-24 21:08 ` Jamie Lokier
2003-04-24 21:37 ` Timothy Miller
2003-04-24 21:30 ` Jamie Lokier
2003-04-24 21:38 ` John Bradford
2003-04-25 3:20 ` Shawn
2003-04-25 5:47 ` Jamie Lokier
2003-04-25 7:02 ` John Bradford
2003-04-25 8:05 ` Simple x86 Simulator (was: Re: Flame Linus to a crisp!) Steven Augart
2003-04-25 15:38 ` Timothy Miller
2003-04-25 16:10 ` John Bradford
2003-04-25 11:44 ` Antonio Vargas
2003-04-25 8:52 ` Flame Linus to a crisp! Helge Hafting
2003-04-25 14:03 ` Mike Dresser
2003-04-24 21:42 ` Russell King
2003-04-25 6:08 ` Jan-Benedict Glaw
2003-04-25 11:46 ` Antonio Vargas
2003-04-24 10:57 ` Giuliano Pochini
2003-04-24 22:51 ` Adrian Bunk
2003-04-24 7:55 ` Jamie Lokier
2003-04-24 8:37 ` Andreas Jellinghaus
2003-04-24 8:59 ` Jamie Lokier
2003-04-24 12:52 ` Andreas Jellinghaus
2003-04-24 15:37 ` Timothy Miller
2003-04-24 18:35 ` Alan Cox
2003-04-24 20:46 ` Timothy Miller
2003-04-24 20:50 ` Jamie Lokier
2003-04-24 21:03 ` Chris Adams
2003-04-24 22:29 ` Werner Almesberger
2003-04-24 22:41 ` Jamie Lokier
2003-04-24 22:54 ` Werner Almesberger
2003-04-25 0:26 ` Jamie Lokier
2003-04-24 22:41 ` Alan Cox
2003-04-27 14:21 ` Matthias Andree
2003-04-27 16:13 ` Stephan von Krawczynski
2003-04-27 16:59 ` Why DRM exists [was Re: Flame Linus to a crisp!] Larry McVoy
2003-04-27 17:04 ` Ben Collins
2003-04-27 17:34 ` Michael Buesch
2003-04-27 18:41 ` Henrik Persson
2003-04-27 17:35 ` Måns Rullgård
2003-04-27 17:49 ` Mirar
2003-04-27 23:15 ` H. Peter Anvin
2003-04-27 17:59 ` Michael Buesch
2003-04-27 21:28 ` Alan Cox
2003-04-28 1:48 ` rmoser
2003-04-28 9:05 ` Måns Rullgård
2003-04-28 10:44 ` The X-Window System John Bradford
2003-04-28 14:37 ` Herman Oosthuysen
2003-04-28 16:28 ` uaca
2003-05-06 3:55 ` Miles Bader
2003-04-27 18:07 ` Why DRM exists [was Re: Flame Linus to a crisp!] Matthias Schniedermeyer
2003-04-27 18:35 ` Chris Adams
2003-04-27 18:50 ` Larry McVoy
2003-04-27 19:11 ` Davide Libenzi
2003-04-27 20:13 ` Frank van Maarseveen
2003-04-27 20:34 ` walt
2003-04-27 21:26 ` Alan Cox
2003-04-27 22:07 ` Ross Vandegrift
2003-04-27 22:32 ` Larry McVoy
2003-04-27 22:05 ` Alan Cox
2003-04-27 23:28 ` Larry McVoy
2003-04-28 0:06 ` Ross Vandegrift
2003-04-28 11:03 ` Alan Cox
2003-04-29 18:06 ` Timothy Miller
2003-04-28 9:06 ` Eric W. Biederman
2003-04-28 14:55 ` Michael Buesch
2003-04-28 20:04 ` Matthias Schniedermeyer
2003-04-28 20:18 ` Larry McVoy
2003-04-28 20:22 ` Chris Adams
2003-04-28 21:24 ` Larry McVoy
2003-04-28 21:40 ` Roman Zippel
2003-04-28 22:13 ` Alan Cox
2003-04-28 22:16 ` Alan Cox
2003-04-29 0:09 ` Larry McVoy
2003-04-29 4:07 ` Dax Kelson
2003-04-29 5:08 ` Larry McVoy
2003-04-29 16:40 ` Scott Robert Ladd
2003-04-29 21:45 ` Helge Hafting
2003-04-30 9:58 ` Jamie Lokier
2003-04-30 15:06 ` Scott Robert Ladd
2003-04-29 5:59 ` Theodore Ts'o
2003-04-29 16:41 ` Scott Robert Ladd
2003-04-29 14:35 ` Alan Cox
2003-04-27 22:34 ` Matthias Andree
2003-04-27 22:51 ` Matthew Kirkwood
2003-04-27 23:53 ` Larry McVoy
2003-04-28 0:00 ` rmoser
[not found] ` <20030428001001.GP23068@work.bitmover.com>
2003-04-28 0:19 ` rmoser
2003-04-28 0:37 ` Larry McVoy
2003-04-28 0:40 ` rmoser
2003-04-28 11:38 ` Jan-Benedict Glaw
2003-04-29 14:21 ` Timothy Miller
2003-04-29 14:27 ` Henrik Persson
2003-04-29 19:56 ` Timothy Miller
2003-04-29 20:35 ` Henrik Persson
2003-04-30 8:39 ` Jamie Lokier
2003-04-27 18:47 ` William Lee Irwin III
2003-04-27 18:56 ` Werner Almesberger
2003-04-27 19:20 ` Geert Uytterhoeven
2003-04-27 21:30 ` Jon Portnoy
2003-04-27 21:32 ` Alan Cox
2003-04-27 22:36 ` Larry McVoy
2003-04-27 21:56 ` Alan Cox
2003-04-27 23:08 ` Matthew Kirkwood
2003-04-27 22:16 ` Alan Cox
2003-04-27 23:35 ` Matthias Andree
2003-04-27 22:07 ` Matthias Andree
2003-04-28 0:36 ` Scott Robert Ladd
2003-04-28 9:57 ` Stephan von Krawczynski
2003-05-06 15:58 ` Henning P. Schmiedehausen
2003-05-07 14:44 ` Stephan von Krawczynski
2003-05-07 14:28 ` Alan Cox
2003-05-07 21:40 ` Henning P. Schmiedehausen
2003-05-07 22:16 ` Alan Cox
2003-05-08 0:33 ` Kurt Wall
2003-04-28 11:26 ` Jan-Benedict Glaw
2003-05-06 15:59 ` Henning P. Schmiedehausen
2003-04-28 22:50 ` Timothy Miller
2003-04-29 14:46 ` Jeffrey Souza
2003-04-29 15:16 ` venom
2003-04-30 9:35 ` Jamie Lokier
[not found] ` <20030427171007$6d24@gated-at.bofh.it>
2003-04-27 20:08 ` Why DRM exists Florian Weimer
2003-04-24 19:23 ` Flame Linus to a crisp! Jamie Lokier
2003-04-24 19:50 ` Balram Adlakha
2003-04-24 8:57 ` Arjan van de Ven
2003-04-24 9:19 ` Russell King
2003-04-24 11:38 ` Shachar Shemesh
2003-04-24 17:46 ` Shachar Shemesh
2003-04-24 14:59 ` Linus Torvalds
2003-04-24 12:39 ` Mark Mielke
2003-04-24 15:53 ` Elladan
2003-04-24 18:31 ` Daniel Phillips
2003-04-24 23:15 ` Werner Almesberger
2003-04-25 11:28 ` Eric W. Biederman
2003-04-27 1:31 ` Werner Almesberger
2003-04-27 1:59 ` David Wagner
2003-04-25 14:37 ` Daniel Phillips
2003-04-25 15:17 ` Valdis.Kletnieks
2003-04-25 17:37 ` Werner Almesberger
2003-04-26 21:59 ` Daniel Phillips
2003-04-26 13:00 ` Geert Uytterhoeven
2003-04-26 18:22 ` Linus Torvalds
2003-04-26 18:41 ` viro
2003-04-26 18:48 ` Linus Torvalds
2003-04-28 14:20 ` John Stoffel
2003-04-26 19:23 ` Michael Buesch
2003-04-28 10:35 ` Andre Hedrick
2003-04-28 12:12 ` Jörn Engel
2003-04-28 14:01 ` Zack Gilburd
2003-04-28 14:30 ` Geert Uytterhoeven
2003-04-26 18:21 ` Rik van Riel
2003-04-26 23:34 ` Jamie Lokier
2003-04-27 3:59 ` Werner Almesberger
2003-04-24 20:16 ` Nils Holland
2003-04-25 4:46 ` My take on Trusted Computing and DRM Joseph Pingenot
[not found] <20030424041004$113a@gated-at.bofh.it>
2003-04-24 4:53 ` Flame Linus to a crisp! Tony 'Nicoya' Mantler
-- strict thread matches above, loose matches on Subject: below --
2003-04-24 12:36 Downing, Thomas
2003-04-24 14:12 ` Timothy Miller
2003-04-24 22:48 ` Werner Almesberger
2003-04-25 12:29 ` Ragnar Hojland Espinosa
2003-04-25 15:45 ` Timothy Miller
2003-04-24 20:39 Downing, Thomas
2003-04-24 21:28 ` Jamie Lokier
2003-04-24 21:42 ` Daniel Phillips
2003-04-24 22:45 ` Alan Cox
2003-04-24 23:59 ` Daniel Phillips
2003-04-25 9:07 ` Helge Hafting
2003-04-25 13:01 ` David Luyer
2003-04-25 8:13 ` Andreas Jellinghaus
2003-04-25 19:12 ` Jamie Lokier
2003-04-25 20:56 ` Andreas Jellinghaus
2003-04-25 21:50 ` Jamie Lokier
2003-04-24 21:55 Daniel Callahan
2003-04-24 22:10 Downing, Thomas
2003-04-24 22:36 ` Jamie Lokier
2003-04-25 12:23 Downing, Thomas
2003-04-25 12:36 Downing, Thomas
2003-04-27 7:25 ` Adrian Bunk
2003-04-25 12:41 Downing, Thomas
2003-04-25 12:57 Downing, Thomas
[not found] <Pine.LNX.4.44.0304232012400.19176-100000@home.transmeta.co m>
2003-04-27 10:52 ` Houston, I think we have a problem Mike Galbraith
2003-04-27 14:41 ` Martin J. Bligh
2003-04-27 17:25 ` Mike Galbraith
2003-04-27 17:29 ` Martin J. Bligh
2003-04-27 17:41 ` Mike Galbraith
2003-04-27 17:54 ` Mike Galbraith
2003-04-28 5:17 ` Mike Galbraith
2003-04-28 6:15 ` Jan Harkes
2003-04-28 9:30 Flame Linus to a crisp! Martin_List-Petersen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1051205575.29446.98.camel@asgaard.midgaard.us \
--to=aboman@eiwaz.com \
--cc=andre@linux-ide.org \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@transmeta.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox