I think what bugs most people about secure boot is that it does not really address a threat most of us who actually own the machines face. Yes it maybe helps lock down some supply chain issues, but other than that I don't see it as really offering much in the way of system harding or increased security for 'me' or really anyone I know. Those of us industries and personal situations where supply chain type attacks are a realistic concern already had ways to mitigate root-kit like threats.
So who/what does benefit from 'secure boot' - content companies and commercial software vendors. The benefit to them is directly a harm to you - its taking away your freedom to modify the platform you used to own they get more control you get less. |
Quote:
We all know "smart"phones are excellent at doing important things and almost never used for unimportant and unproductive activity. We all know most programmers use their incredibly powerful and well designed device to program powerful software for the world and do important work. It's not like these devices are entirely unproductive and unable to do anything useful. http://blog.mediendesign-kiel.de/wp-...ne-zombies.png |
Quote:
If you wish to maintain the existing Microsoft configuration, then you are subject to the alterations that Microsoft applies through the Windows update process. Case in point - KB4535680: Security update for Secure Boot DBX: January 12, 2021 This moved the Microsoft Corporation UEFI CA 2011 into dbx, so any binaries that had been using that certificate would no longer load. Seems like no big deal until you realise that is the certificate used by Microsoft to sign non-Microsoft UEFI boot loaders, such as those used to load Linux or other operating systems. |
Quote:
For avoiding the issues and headaches with KB4535680 and its alike, we ensure that Slackware will NOT boot at all? :D |
Quote:
BTW and just FTR, I freely admit and am in fact proud to be a Microsoft Hater and for damned good reasons exactly like this one. From my POV the way to insure Slackware, and any other legit OpSys can boot is not to cave in to MS but oppose those sneaky, greedy rat bastids. They are STILL the company that called Linux "That virus!" and can't even be satisfied by 90+% market share. They are still the company that ruined personal, business, and government archives by changing those and backup formats for no other reason than to serve themselves by excluding everyone else. They are like a foot racer who doesn't train but just equips an AK-47 and mows down all their competitors, real and imagined. I don't disallow they have had some good effects on popularizing computing and fill a valid niche, but I consider the net result a loss. |
1 Attachment(s)
Quote:
|
Quote:
In fact, the future possible Slackware user will not even bother why the Slackware DVD does not boot on his box, but will conclude that Slackware is not compatible, then will download Ubuntu and will install it with no issues. From his POV, the Slackware installer just does not to work on his particular hardware. |
Quote:
https://www.youtube.com/watch?v=nB8LflLMiCQ |
True, LuckyCyborg, and I won't be buying any such hardware. As usual any hardware I buy that supports Free and Open Linux, I always mention when I register the device that I bought from them exactly because of that support and didn't buy from numerous of their competitors that don't support what I need. Sure, I'm only one person, but I'm not about to let it be Zero just because others find it easier to cave.
|
About Windows 11:
- What Slackware can to do now ? - It simple, how to in Company Of Heroes Game (1), Dropping the Smoke ! Reason: COH is AImed, and can run in Slackware, w/o STEAM ! http://www.slackware.com/~msimons/slackware/grfx/ See also: Company Of Heroes 3 Advance: " Japan Assault " ;-) https://relic.com |
What's the TPM2 issue? Windows 11 makes tpm 2 mandatory? Does it make mandatory that secure boot be turned on?
In that case maybe you can use the same shim Debian has, then use your own signing key for whatever else has to be measured or whatever. Does Slackware have to do anything to support that? Sounds more like someone just writes a howto and people who need or want Secure Boot turned on follow it. https://wiki.debian.org/SecureBoot#Shim Or, I don't know why anyone would want to run Windows 11, but if that's the thing requiring secure boot being on or your hardware doesn't have it, run in QEMU with TPM 2 virtuallized using swtpm? https://github.com/stefanberger/swtpm It's all pretty gruesome, but doable, yes? |
|
Quote:
Quote:
|
Quote:
Additionally, there are many computers, sold brand-new today, where disabling the SecureBoot is not even an option on BIOS. And looks like the trend will continue - after all, even the UEFI CSM module is an additional and just a legacy complication? Quote:
Is not like the user has no other choices than to go on street riots against Microsoft and hardware makers... It's obviously that by Slackware not supporting SecureBoot will happen a sole single thing: Slackware will loose users, nothing else. |
Quote:
Yes, also the Windows 11 requires SecureBoot, but many considerable older motherboards supports it and not other major Linux distribution has issues with booting on SecureBoot enabled motherboards. I would dare to say that the SecureBoot Issue is effectively something specific to Slackware. Quote:
IF the user has no ways to disable it even temporary, no tutorial will be useful. ;) Everything is reduced at a Shakespearian question: To boot or not to boot? At this question only Slackware Team can respond. |
I am trying to understand these hypothetical users you keep invoking. If they have not been able to install Slackware, then they were never a Slackware user.
Quote:
|
Quote:
I recently had the unfortunate displeasure of setting up a brand new Windows 10 laptop for a friend. On the first boot, you absolutely must use a Microsoft account to log in. You cannot create a user without a Microsoft account on Windows 10 Home until after you log in the first time. I can't say with any certainty that people don't like this, but many of the expletive laden account names I tried were already taken. |
Actually, rkelsen, for Win 10 anyway, there are applications that absolutely will disable the whole "Windows account login" requirement among many other beneficent eviscerations. Think of it as Win 98 Lite, evolved.... dunno 'bout Win 11 and hope I never have to find out.
|
Quote:
Or, since I use a primitive mobile, I guess the equivilant would be using the raspberry PI for everyday use as a PC ;) The sad thing is that Windows XP was actually somewhat free. The users were pretty free to use the system as they wanted. But Microsoft has learned from Apple and Google, and have been making Windows less and less generic "open" since Windows 7, and is now more into controlling "how" people should use a PC, the next step undoubtedly being to adapt the Apple/Google policy of controlling users through "their" device. |
Quote:
So, if you want to vote with your money, please consider Acer. Have a look around where you live/online for Acer laptops with Linux, they should be available. I'm quite radical about freedom, and I've been positively impressed by Acer the last 5-10 years (due to their Linux friendliness). Just my experience. |
Quote:
|
I don't know very much about Windows since 7 and I do see your conundrum but I'm wondering wouldn't it be possible to use one of those "Lite" isos into Repair Mode before ever booting the full installed version? FWIW there is also a Hirens-derived Win 10 PE Live system ( https://www.hirensbootcd.org/ ) that I think should allow piecemeal removal of whatever one wants to remove. I haven't tried that method on a never booted system so I'm uncertain but it may well be possible for anyone who cares to stop more than... what is it called? Candy Crush?
Anyway, YMMV but I'm betting there are ways besides installing whole from a hacked iso. IIRC a lot can be achieved by setting the date far in the future for "checkups". That of course will depend on what you "need" Windows for but in my case, simple and specific persistent firmware updates do not need system updates and I'm never on it long enough, especially with any active network, to worry about security beyond a decent anti-malware device. |
When will Slackware 15.0 be released?
You're lucky. I wish I didn't have to use it.
|
You certainly have my sincere sympathy. When things "go south" in Slackware it's a minor bummer because I always have a good idea what the path will be to fix whatever I did wrong. When Windows gets bolloxed in moments I feel like yanking out my teeth with a sharp stick... well I did back in Win98/XP days when I actually used it for any length of time. Win2K was mostly reasonable and a stripped down Win 7 was at least passable. I find 10 a PITA even when it is stripped way down and in only momentary usage. I really don't want to even find out how bad 11 is.
|
if your running current
Code:
cat /etc/slackware-version |
Quote:
For myself, I've committed to buy every computer my best friend sells off when she upgrades. Just bought a macbookair4,2 (2011 Macbook Air). Next after that will be one of these new M1s, whenever she feels it's end of life. That last may mark my departure from Slackware depending on the state of arm64 by then (10 years from now?). But at least I won't have to deal with wintel machines. |
Quote:
Your posts motivated me to go down the Secure Boot rathole and sniff around. I've been hearing about this Secure Boot / TPM 2.0 / Trusted Computing stuff for over a decade, and now it is upon us with the imminent Windows 11 rollout, so how bad is it? Well, it ain't great, and it could turn into a real problem for sleepy Slackware, which is on a long, slow fade already and has been for some time. This is certainly not helpful. But it isn't necessarily dire either. Slackware has three choices. They can do nothing and just take it in the chin. Or they can go the route of Fedora and Ubuntu and others, obtaining keys from Microsoft (a skin crawling process involving user agreements, credit cards, purchasing a somewhat exotically flavored Verign certificate, running Microsoft utilities on a Windows machine, and submitting sample binaries to be scrutinized by Microsoft). Or they can roll their own Secure Boot solution. That is an option, at least according to what I am reading. New machines are shipping with only Microsoft's keys, but the specification provides for multiple keys maintained in the BIOS keystore, and OEMs signing up for Microsoft's Secure Boot program are required (at least in theory) to support that feature. That means you can create your own keys, write the public key to the BIOS keystore where they will reside next to the MS keys, sign you installer, bootloader, kernel and kernel module binaries with your private key and use those signed binaries to install and boot your OS. Some BIOS vendors apparently provide the facility to add and remove keys in their BIOS config utility. There is also an opensource toolkit that allows you to do so independently of the vendor's BIOS config utility. If what I claim is true, and it seems to be true, then anyone sufficiently motivated to do so can install and run Slackware on a Secure Boot machine without first going to Verisign and Microsoft on bended knee with credit card in hand. It looks like it would be a bit arduous and perhaps a little harrowing the first time you did it, but you could do it. A Linux sysadmin could do it. And if a sysadmin could do it then a really competent sysadmin, a Linux distribution maintainer, the original Linux distribution maintainer, he could automate it. That would be Patrick Volkerding's third option. So if rolling your own keys is an option, why did those other Linux distributions make the distasteful choice of enrolling in Microsoft's Secure Boot program? Well, that is probably the safest choice. Those BIOS vendors agreed to adhere to the Secure Boot spec provision for multiple keys, and probably most of them have done that, but if their BIOS product is tailored for the preinstalled Windows consumer PC market then there is only one set of keys that they really have to be able to handle, the Microsoft keys. The possibility exists, therefore, that some BIOS vendors have cut corners. So Red Hat, Ubuntu and whoever else played it safe. They got their keys from Microsoft. Slackware can do the same, or they can strike out on their own path, or they can do nothing, shutting the door to all but the most dauntless dual booters of tomorrow. I don't really have an immediate stake in this game; I don't run the Windows, but I am fond of Slackware, I would like to see it endure. |
Quote:
Sure, they could have made it easier and more accessible (UEFI/secureboot) instead of making the boot process more complicated. But that's just the world we live in I guess. If you look at what is on the Slackware disk (14.2), the boot process is already fairly complex, and Slackware seems to handle it just fine. |
Quote:
People thought Slackware was dead because Slackware looked dead - unless you knew where to look. And asking in the "official Slackware forum" tended to get more flames than answers. Back when there were 2 years between releases - ya, I get it. After 4-5 years - maybe some additional "customer expectation management" might have been helpful. |
The title of this thread is
When will Slackware 15.0 be released Well now there is a thread, started yesterday, advising that Slackware 15.0 RC1 has been released. Whether you consider a RC close enuff depends upon you. Either way I figure the answer is really soon. |
When will Slackware 15.0 be released?
Soon. |
Quote:
|
Member Response
Hi,
Quote:
Have fun & enjoy new rc! :hattip: |
Quote:
It's actually the first time I'm ever running -current, so I'm not too familiar with non-release stuff. Might as well link this here, distrowatch news Slackware 15.0 RC1: https://distrowatch.com/?newsid=11322 |
RC1 = Release Candidate # 1
Slackware 15.0 RC1 either turns into Slackware 15.0 (a formal release) or else changes are made and RC2 is made available. It's all in the development tree (-current) until the stable release. See change log for status details. It's been a while since we observed this process with Slackware. Some people may have forgotten. |
Quote:
Could well happen again. BUT, the great news is that we are "almost there" and in the next month(s) we will have Slackware 15.0 released. |
Quote:
Anyways, I've had Slackware 14.2 installed for awhile as a second distro, and I've played around with it quite extensively recently to warm up for Slackware 15. I'm currently testing 15.0 RC1 on another computer. I just wasn't sure that was officially how you do RC1 testing, but seemingly it is.. |
All times are GMT -5. The time now is 04:20 AM. |