You can debate if the 'Revolution of Dignity' was a good thing or not, but some other country impeaching their leader for human rights violations and holding new elections is a poor reason to invade it. Obviously Putin thought Yanukovych was his guy and if the Ukranians dared to kick him out and have democracy he'd just have to invade and install a new puppet but is that really a coup? Google has:
>A popular uprising is not typically considered a coup. An uprising is a broad, public, and often spontaneous mass movement aimed at social or political change, while a coup (coup d'état) is a rapid seizure of power by a small, elite group, such as the military or political insiders.
Yeah like the famous French Coup. You never hear a Ukrainian say our country had a coup. It's a Russian propaganda lie so they can feel better about murdering their peaceful democratic neighbours to try to steal their stuff.
Yes, this times a thousand. If we treat people like slaves, they become slaves. Treat them as if they are smart, and they will become smart. It's as simple as that.
Russia is active war zone. Russians are flying commercial passenger jets over active war zone and then shooting them. Embraer E190 was the latest victim of Russians. Russia is the problem.
Those, who has better ping, bigger screen, better video card, better mouse, always have advantage over those who haven't. Adapt. There is no fair game in the real life.
Stock Linux kernel in Fedora, for example, is signed by MS, so SecureBoot allows to boot it without modification. Kernel booted by SecureBoot is locked down by default. To unlock it, you need to patch kernel source, rebuild it, sign it with your own key, and install this key via UEFI to boot it in SecureBoot mode. Your custom key will not pass remote attestation.
They are not signed by MS they are dual signed by a CA that MS runs as a service for UEFI secure boot as well as the distro’s CA.
If you were around in the late 2000s when UEFI SecureBoot was being proposed, you’d remember the massive hysteria about how “SecureBoot is a MS plot to block Linux install”. Even though the proposal was to just allow the UEFI to verify the sig of the binary it’ll boot, and to allow the user to provide the UEFI with the keys to trust, the massive fear was that MB manufacturers will just be too lazy (or be bought by MS) that they will only allow MS keys, or that the process to enlist a new key would be too difficult to sufficiently discourage people from installing Linux (because you know, I’m all for the freedom and fuck-Microsoft camp, until its expected that I verify a signature) so Microsoft offered a service for CA service, like https CAs, but for boot signing.
Assuming you’re a good Linux user, you can always just put your favorite distro signing key in your UEFI without accepting MS CA n there.
Well if you walk backwards 10 paces and look at the big picture here, what MS did enables anti-cheat attestation via TPM, and that in turn can act as a feature that structurally - via the market - reduces the appeal of Linux.
Signing your own custom-built kernel (if you need to adjust flags etc., like I do) won't result in a certification chain that will pass the kind of attestation being sketched out by the OP article here.
Yes because you’re trying to communicate that trust to other players of the game you’re playing as opposed to yourself.
It’s why I hate the term “self-signed” vs “signed” when it comes to tls/https. I always try to explain to junior developers that there is no such a thing as “self-signed”. A “self-signed” certificate isn’t less secure than a “signed” certificate. You are always choosing who you want to trust when it comes to encryption. Out of convenience, you delegate that to the vendor of your OS or browser, but it’s always a choice. But in practice, it’s a very different equation.
reply