decoration decoration
Stories

GROKLAW
When you want to know more...
decoration
For layout only
Home
Archives
Site Map
Search
About Groklaw
Awards
Legal Research
Timelines
ApplevSamsung
ApplevSamsung p.2
ArchiveExplorer
Autozone
Bilski
Cases
Cast: Lawyers
Comes v. MS
Contracts/Documents
Courts
DRM
Gordon v MS
GPL
Grokdoc
HTML How To
IPI v RH
IV v. Google
Legal Docs
Lodsys
MS Litigations
MSvB&N
News Picks
Novell v. MS
Novell-MS Deal
ODF/OOXML
OOXML Appeals
OraclevGoogle
Patents
ProjectMonterey
Psystar
Quote Database
Red Hat v SCO
Salus Book
SCEA v Hotz
SCO Appeals
SCO Bankruptcy
SCO Financials
SCO Overview
SCO v IBM
SCO v Novell
SCO:Soup2Nuts
SCOsource
Sean Daly
Software Patents
Switch to Linux
Transcripts
Unix Books

Gear

Groklaw Gear

Click here to send an email to the editor of this weblog.


You won't find me on Facebook


Donate

Donate Paypal


No Legal Advice

The information on Groklaw is not intended to constitute legal advice. While Mark is a lawyer and he has asked other lawyers and law students to contribute articles, all of these articles are offered to help educate, not to provide specific legal advice. They are not your lawyers.

Here's Groklaw's comments policy.


What's New

STORIES
No new stories

COMMENTS last 48 hrs
No new comments


Sponsors

Hosting:
hosted by ibiblio

On servers donated to ibiblio by AMD.

Webmaster
Ideal solution | 474 comments | Create New Account
Comments belong to whoever posts them. Please notify us of inappropriate comments.
Ideal solution
Authored by: Anonymous on Wednesday, July 04 2012 @ 10:28 AM EDT
I disagree with "have a trustworthy independent
organisation which handled the root key." I would agree with it if it were
possible, but it is a concept which seems to keep failing of its promise.

I think a better solution would be a pair of preemptive rulings - one which says
that a device which has hardware restrictions against running the user's choice
of software is, by definition, defective, with the manufacturer liable upon
demand for its replacement, or equivalent costs; the second a ruling which
declares that Microsoft, as a convicted monopolist, is not legally permitted to
produce software (OS or other) which is capable of running on a
restriction-encumbered device.

[ Reply to This | Parent | # ]

Security by Authority doesn't work either.
Authored by: Anonymous on Wednesday, July 04 2012 @ 11:12 AM EDT
OR:

We could understand that "Security by Authority" is just as good as
"Security by Obscurity", and then we could turn off the security
theater.

We might actually have a chance to turn it off here before it costs as much as
the TSA, so we should.

[ Reply to This | Parent | # ]

Ideal solution
Authored by: tknarr on Thursday, July 05 2012 @ 02:42 PM EDT

How about I don't have to trust an outside organization? The BIOS only needs the public keys, which are by definition safe to make publicly available (that's why they're called public keys). So the software makers sign their binaries and provide a channel for me to get their public keys, eg. by including the key file on the CD. Then I can enroll any keys I want in the BIOS. My current BIOS has the option to update the BIOS by reading the new code from a file on a USB flash drive, keys could be handled the same way.

Now no outside authority's needed. The keys I need are directly attached to the OS I'm trying to install, and the only information I need is the information I already have about where I got the OS installation from. If I trust the installation media, I can trust the keys on it. If I don't, then why am I trying to install it? Ditto for downloaded Linux distributions: I got the keys from the same place I got the distribution, if I trust that place to give me a clean copy of Linux then I can trust it to give me valid keys.

[ Reply to This | Parent | # ]

Groklaw © Copyright 2003-2013 Pamela Jones.
All trademarks and copyrights on this page are owned by their respective owners.
Comments are owned by the individual posters.

PJ's articles are licensed under a Creative Commons License. ( Details )