LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 10-27-2022, 07:02 PM   #1
rkelsen
Senior Member
 
Registered: Sep 2004
Distribution: slackware
Posts: 3,696
Blog Entries: 7

Rep: Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971
Brave New Trusted Boot World... What??


This was mentioned in a thread on the Slackware forum, and was the first I'd heard of it.

So, this article appeared a few days ago: https://0pointer.de/blog/brave-new-t...oot-world.html

Then in the News section of the forum, there was a link to story from El Reg: https://www.theregister.com/2022/10/...ft_poettering/

"Microsoft's Lennart Poettering proposes tightening up Linux boot process
Building your own initial RAMdisk? That's insecure!"


"Microsoft's Lennart Poettering" Funny. I chortled when I saw it, but my then mood changed upon reading the story. In that story there were some links to these comments on Hacker News:

"As somone who never really viewed systemd as a problem I'm starting to think the systemd "haters" were actually right, at least somewhat... Viewing Poettering as some kind malicious entity undermining projects sounds like a conspiracy theory. But now with him working for Microsoft his actions do look like a lot like the "embrace, extend, and extinguish" pattern to me. Yes, yes "Microsoft <3 Linux", of course... And now I am supposed to cheer for the groundwork for the creation of an allmighty authority with the ability to "sanction" some (parts of) operating systems, but not others?" https://news.ycombinator.com/item?id=33341718

"I always thought this outcome was obvious. Systemd controls everything that happens before Linux boots. It controls everything that happens after Linux boots. Might as well call it GNU/Systemd at this point. It's the silent revolution no one wanted. The name itself implies a manifest destiny because System D is 100x greater than System V and they intentionally break POSIX compliance too. Now that the guy who owns the systemd project works for Microsoft, in addition to the fact that the Linux kernel now needs to be a Windows executable in order to boot, that really tells you all you need to know." https://news.ycombinator.com/item?id=33341938

Emphasis mine.

There doesn't seem to be much discussion about this. I, for one, am quite concerned about the direction this is going.

Are you not concerned by it? If not, why not?

Any other thoughts or comments?
 
Old 10-27-2022, 07:24 PM   #2
ChuangTzu
Senior Member
 
Registered: May 2015
Location: Where ever needed
Distribution: Slackware/Salix while testing others
Posts: 1,669

Rep: Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836
Thank you for posting this. I would not be a bit surprised if he was working with or for Microsoft for some time and just announced it publicly when the time was right. But I tend to follow the money trail back to the source when things smell/look fishy.
 
Old 10-27-2022, 09:09 PM   #3
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,009
Blog Entries: 4

Rep: Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607
Actually, "the initrd step" in a great many distros is(!) a vulnerability, since this is the "pre-boot' step in which the kernel attempts to automagically adapt itself to whatever hardware environment it may be faced with. Although this precursory step of the process is not well-understood by many, to finger it as a "potentially exploitable vulnerability" – although IMHO fairly unlikely – cannot be entirely dismissed. "If one puts their mind to it, any point in the process is 'potentially exploitable.'"
 
Old 10-27-2022, 10:12 PM   #4
ChuangTzu
Senior Member
 
Registered: May 2015
Location: Where ever needed
Distribution: Slackware/Salix while testing others
Posts: 1,669

Rep: Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836
Quote:
Originally Posted by sundialsvcs;6389062 "If one puts their mind to it, [u
any[/u] point in the process is 'potentially exploitable.'"
This is why ones philosophy personal and project is of the utmost importance. I am reminded of the American statesman Benjamin Franklin:
Quote:
“Those who would give up essential liberty to purchase a little temporary safety, deserve neither liberty nor safety.”
With each addition Pottering et al seem adamant about "taking over" or taking control of most everything and often in the name of security/complexity this is how everyone else does it etc... Is the dog wagging the tail or the tail wagging the dog, and at what point is the tail replaced with tale.
 
Old 10-28-2022, 01:41 AM   #5
rkelsen
Senior Member
 
Registered: Sep 2004
Distribution: slackware
Posts: 3,696

Original Poster
Blog Entries: 7

Rep: Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971
Quote:
Originally Posted by sundialsvcs View Post
Actually, "the initrd step" in a great many distros is(!) a vulnerability
As a locally compiled kernel could be. Does that mean we need to obtain authority from Microsoft before being allowed to use a customised kernel on our own hardware?

Is the frog boiled yet? Seems like it's almost done.
 
Old 10-28-2022, 03:28 AM   #6
elcore
Senior Member
 
Registered: Sep 2014
Distribution: Slackware
Posts: 1,435

Rep: Reputation: Disabled
Quote:
Originally Posted by rkelsen View Post
Does that mean we need to obtain authority from Microsoft before being allowed to use a customised kernel on our own hardware?.
Having "our own hardware" is variable, there is hardware which is soldered together prohibiting replacement of faulty modules.
So having software which is "soldered" together totally makes sense when you look at any and all profit driven software development.
It's nothing new BTW, remember SecuROM?
 
Old 10-28-2022, 04:41 AM   #7
fatmac
Senior Member
 
Registered: Sep 2011
Location: Upper Hale, Surrey/Hants Border, UK
Distribution: Mainly Devuan/Devuan based - with - OpenBSD - NetBSD - Fatdog64
Posts: 4,722

Rep: Reputation: Disabled
It's all about getting 'locked in' & profits!

If mainstream Linux ends up 'needing' this, the BSDs are just waiting for new users.

The trouble will be finding a computer that doesn't have all these Microsoft lock ins!
 
Old 10-28-2022, 06:48 AM   #8
elcore
Senior Member
 
Registered: Sep 2014
Distribution: Slackware
Posts: 1,435

Rep: Reputation: Disabled
Quote:
Originally Posted by fatmac View Post
The trouble will be finding a computer that doesn't have all these Microsoft lock ins!
That'll be a non-issue for most, I think. What really put things in perspective for me, is one video I saw long time ago.
The F-Secure crew went through some malware code, and found an address of the guys making it.
They actually went there and found some dudes in extremely poor condition, with a trash-type of PC, writing the malware for fun.
What these guys probably do is they find the nearest trash dump to get broken hardware, solder it together, and re-sell it on the flea market.
They could not care any less about some suits, who think they could buy trust. This is why I think the lock-in situation really depends on what you buy and where.
 
Old 10-28-2022, 03:59 PM   #9
business_kid
LQ Guru
 
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Slarm64 & Android
Posts: 14,502

Rep: Reputation: 2003Reputation: 2003Reputation: 2003Reputation: 2003Reputation: 2003Reputation: 2003Reputation: 2003Reputation: 2003Reputation: 2003Reputation: 2003Reputation: 2003
Now that extremely hairy disk systems have been removed and the processes streamlined, surely you just need the modules to mount / in an initrd. If you compile those modules in, you don't need one at all. I survived for years without one and only went back to them through laziness.
 
Old 10-28-2022, 05:29 PM   #10
fido_dogstoyevsky
Member
 
Registered: Feb 2015
Location: Victoria, Australia
Distribution: Slackware 15
Posts: 479
Blog Entries: 2

Rep: Reputation: 562Reputation: 562Reputation: 562Reputation: 562Reputation: 562Reputation: 562
Quote:
Originally Posted by rkelsen View Post
...
There doesn't seem to be much discussion about this [Linux kowtowing to microsoft]. I, for one, am quite concerned about the direction this is going.

Are you not concerned by it? If not, why not?

Any other thoughts or comments?
I am concerned, and as a result am dusting off plans to drop Linux in favour of OpenBSD (about to rebuild an old PC to practice on).
 
Old 10-28-2022, 06:59 PM   #11
rkelsen
Senior Member
 
Registered: Sep 2004
Distribution: slackware
Posts: 3,696

Original Poster
Blog Entries: 7

Rep: Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971
Quote:
Originally Posted by elcore View Post
So having software which is "soldered" together totally makes sense when you look at any and all profit driven software development.
So you're fine with a software house having authority over hardware you own?

That notion goes against my grain.
 
Old 10-28-2022, 09:30 PM   #12
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,629

Rep: Reputation: 2362Reputation: 2362Reputation: 2362Reputation: 2362Reputation: 2362Reputation: 2362Reputation: 2362Reputation: 2362Reputation: 2362Reputation: 2362Reputation: 2362
Lennart Poettering can complete Pulse Audio before he does anything else. Could I write it? No. Would I pester everybody so that they took up my system then make it not work for years, then almost work like it should then give up on it? No.
This is not an Ad Hominem, well it is sort-of, but more a "Why the hell trust this guy who is full of shit?".
And, yes, the fact he migrated to Microsoft no matter what their perceived situation regarding open source at the moment (OK they're not the MS of "Linux is cancer" any more) is also not a good sign.
 
Old 10-28-2022, 09:56 PM   #13
ChuangTzu
Senior Member
 
Registered: May 2015
Location: Where ever needed
Distribution: Slackware/Salix while testing others
Posts: 1,669

Rep: Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836Reputation: 1836
Quote:
Originally Posted by 273 View Post
(OK they're not the MS of "Linux is cancer" any more)
That's not a change just rebranding. Public face/Private face.

Best way to control the opposition is to lead and control the opposition.
 
Old 10-28-2022, 10:04 PM   #14
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,629

Rep: Reputation: 2362Reputation: 2362Reputation: 2362Reputation: 2362Reputation: 2362Reputation: 2362Reputation: 2362Reputation: 2362Reputation: 2362Reputation: 2362Reputation: 2362
Quote:
Originally Posted by ChuangTzu View Post
That's not a change just rebranding. Public face/Private face.

Best way to control the opposition is to lead and control the opposition.
I don't trust them any more now but I also don't think that the vicious anti-free software attitude that was in the company back then is there now.
 
Old 10-29-2022, 03:22 AM   #15
elcore
Senior Member
 
Registered: Sep 2014
Distribution: Slackware
Posts: 1,435

Rep: Reputation: Disabled
Quote:
Originally Posted by rkelsen View Post
So you're fine with a software house having authority over hardware you own?

That notion goes against my grain.
Maybe I was not clear before.. It really does depend on what you buy, and who installed the OS.
I didn't see you complain when folks started losing warranty for replacing the android boot loader.
But to make it clear: I'm against locking up the loader/bios and I don't use secure boot, but I never buy stuff with pre-installed OS.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Brave on Kubuntu 20.04 - Unable to run the command specified. The file or folder /snap/brave/107/opt/brave.com/brave/brave does not exist. vmelkon Ubuntu 5 03-02-2022 05:57 PM
LXer: Brave takes brave stand against Google's plan to turn websites into ad-blocker-thwarting Web Bundles LXer Syndicated Linux News 0 08-29-2020 11:12 PM
Is it feasible to sign RPM/Deb using a cert issued by Trusted CA or signing with a GPG Key Pair Signed by a Trusted CA ktalinki Linux - Security 1 07-12-2018 08:46 PM
LXer: Novell and the Brave New Open-Source World LXer Syndicated Linux News 0 11-21-2006 11:54 AM
Brave New World W:(L:) Linux - Newbie 30 11-09-2003 08:50 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 08:49 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration