* Posts by Jusme

134 publicly visible posts • joined 18 Dec 2007

Page:

The passive aggression of connecting USB to PS/2

Jusme

Re: Really, really old news

@Peter Kay - Got a model number?

Not the OP, but I have a nice Philips UWS that acts as a decent KVM switch between two laptops [USBC K+V+M] and [DP with USB K & M]:

Philips 499P9H- 49 Inch Curved Dual QHD Monitor

https://www.amazon.co.uk/dp/B07MY2DXPH

(It also has a pop-up webcam, but it's crap)

Jusme

Re: Polling vs Interrupted keyboards.

The first mouse I owned (and still have...) had the raw quadrature outputs from the shaft encoders as it's interface. I had to build (from TTL parts) a circuit to generate a movement interrupt and a direction flag for each axis, and write a "driver" for it. In Z80 assembler.

Now where's my chisel...

Get off that old Firefox by Friday or you'll be sorry, says Moz

Jusme

Re: Happy accident

> The reason cert lifetimes have been getting shorter and shorter has nothing to do with money - the push for shorter lifetimes comes mostly from LetsEncrypt, which offers them for free.

I thought the push was coming from Apple and Google. Whatever. This seems to me to be the wrong solution to the problem. Basically we've given up on making certificate revocation work* **, so the only alternative is short-lived certificates, to make sure $badguys have to work overtime once they spot an opportunity.

* Bit like the lazy/incompetent programmer resorting to a poll loop because interrupts were too hard for them.

** The paranoid may suggest this is another happy accident...

Jusme

Re: in the web/browser world where network-level m-i-t-m snooping of https is normal business.

> Is that just a feeling or can you link to some evidence?

It's been normalised as "best practice" in the corporate world (ref. Google, e.g. https://security.stackexchange.com/questions/107542/is-it-common-practice-for-companies-to-mitm-https-traffic).

No idea how pervasive it is outside corporate environments, but I don't believe anyone who says it can't be done.

Jusme

Happy accident

Seems to me that this push to PKI-based "security"*, especially with shorter and shorter certificate validity times, has a nice side effect of forcing everything to be a live service / subscription model. If you don't keep updating, and paying the subscription** it just stops working.

* The air quotes are deliberate, as I'm not convinced this actually makes anything more secure now, especially in the web/browser world where network-level m-i-t-m snooping of https is normal business.

** Either actual £/$, or by having the latest circle of enshitification (monetisation) forced on you. Good luck keeping an older version of a browser that still supports ublock origin working for much longer, for example.

Microsoft tells abandoned Publisher fans to just use Word and hope for the best

Jusme

+1 for FrameMaker, the only DTP tool I've used that seemed to understand page layout properly.

Cost a packet though, and we only had limited licences (again on Sun workstations). I often had the job of kicking FlexLM up the backside when it had a sulk.

I also had a row with the management when PCs started to infect the workplace. "You should be using Word for documentation" "But the Engineers all have Sun workstations on their desks, only the managers have PCs with Solitaire, er I mean Word...".

Cloudflare's bot bouncer blocks weirdo browsers

Jusme

Another step towards CableTV-2.0

...You will use an approved browser (on an approved OS)

...You won't tamper with the content (block ads)

Huawei handed 2,596,148,429,267,413,
814,265,248,164,610,048 IPv6 addresses

Jusme

Re: I have one major worry about IPv6

> Another thing that holds back wider deployment certainly for bigger organisations is the idea having to re-number v6 hosts to new provider-allocated ranges

...

> In a way this has actually forced more centralisation on the internet, where orgs will outsource their edge to a CDN so the public-facing network and addressing is not their problem.

At which point you might as well stick with IPv4 RFC1918 addresses internally, and your "CDN" will have (possibly shared) public IPv4 addresses for your "website" so everyone can access it.

Microsoft tries out wooden bit barns to cut construction emissions

Jusme

Re: Good thing that

Ask OVH :)

IPv6 may already be irrelevant – but so is moving off IPv4, argues APNIC's chief scientist

Jusme

Re: ipv6 is a mess and ipv4 will not die anytime soon

> ipv6 is a mess. it has been made overly complicated, IMHO. And if you don't use NAT (NAT in V6, I mean) you'll end up having to renumber your entire LAN if you change provider (unless you own your own v6 netblock and have it routed through your current provider). And anyway if you want your internet to work, you still NEED v4 until everyone else (100% of them) is on v6 too. And this statement says it all. Since everyone still needs v4, why bother configuring a dual stack solution? Since I need v4 anyway, I just stick with it.

Yep, that's pretty much my song too.

IPv6 was designed by academics and made over-complicated, in a misguided attempt to solve too many problems. We already rejected OSI for that. If it had just addressed the core problem, 32-bit addresses, in a way that was directly compatible, by now we might have had 100% support, but, as evidenced by the fact that we haven't, it's clearly too hard and too different.

Pixel perfect Ghostpulse malware loader hides inside PNG image files

Jusme

Re: I'm confused...

> For one horrible moment there I though that some idiot had decided that PNG files were executables. Now I read it a second time, I see that the nasty is in the remote script - I assume Windows only - run by the duped user.

Exactly. Sounds to me like the 'PNG' angle is just the command channel to an already compromised host, not an attack vector. Won't stop the dibbles banning PNG files in the usual exit-horse-door-bolting exercise though.

WinAmp's woes will pass, but its wonders will be here forever

Jusme

Re: The good ol' days

> All I ever used Winamp for was for Shoutcast streaming. Is it still good at that?

No idea, I only ever play mp3's from files, those being on shared filestore is as network-y as it gets. I suspect this version pre-dates internet streaming though (back then streaming meant you could start playing the song before the "download" from napster had finished, and if you were lucky it would all come down in time :)

> Should I completely avoid the 5.x versions?

Probably...

Jusme

Re: The good ol' days

> A good player was the old version of Winamp before it went mad...

Still using version 2.64 here, before the rot started. I think the next version included a web browser to show ads, or something annoying, so I've kept the zip and been using that version ever since. It plays my mp3's, doesn't get in my face, and even works on 'doze 11.

Post-IPO Raspberry Pi results in: So you can make money in tech without added AI

Jusme

Awesome

> Revenue for the first half of 2024 was reported as $144 million, a 61 percent increase from the same period in 2023. Gross profits stood at $34.2 million, up 47 percent.

And the shareholders will now expect that to be repeated, and even bettered, year on year. And when it isn't, their dividends will be taken from the company assets until there's nothing of value left.

250 million-plus unused IPv4 addresses should be left alone, argues network boffin

Jusme

Re: Well...

> I have had no issues with my zen + HE tunnel setup...

> In day to day use however, lots of places seem to block HE IPv6 ranges.

I used the same approach (using Zen and Virgin for IPv4 connectivity), and yes, some things work fine. Reading around, it doesn't seem to be that sites are blocking HE, but there are peering issues that HE seem to be on the wrong side of. Until that nonsense is sorted, using IPv6 is a bad joke.

Edited to add:

Zen seem to provide some level of IPv6 capability on the Fritz Box router they supply, but I couldn't get it to work at all. Virgin seem to have absolutely no interest in IPv6, and are still delivering their cable TV over proprietary co-ax, not IP (I know this because they foisted their STB on me to get a decent discount on the broadband. Since I way paying for it, I hooked it up (via the ethernet port) and it seemed to be going ok with the menus etc. but as soon as I tried to watch any content it errored out because the co-ax wasn't connected. Unfortunately the Virgin termination point is in the server room, and the big TV isn't, so their fancy STB went back in its box.)

Jusme

Well...

> Tests show it's just too hard to put the unused 240/4 block to work

Probably easier than deploying IPv6

> Two thirds of the internet is not on IPv6 and is thriving on network address translation

Exactly.

IPv6 reminds me of OSI networking, as beloved by mainframes of a certain flavour. Designed by committee, and including all sorts of clever stuff to satisfy everyone. Unfortunately they both ended up being too hard to implement, and as a result, the simplicity of IPv4 still rules the internet.

(Yes, I've deployed IPv6, and until recently had a fully IPv6 enabled network - DNS, email, web, etc. Unfortunately the problems it causes (several*) seem to exceed the benefits it gives (none), so I'm now removing all IPv6 capability - I just don't need it.

<asbestos underwear installed...>

* For starters:

Problem 1: The IPv6 internet seems to be fragmented - not all addresses are always reachable from all providers due to commercial politics.

Problem 2: If I change provider, I have to change addresses on everything. Yes, I could use IPv6 NAT, but that was strongly discouraged by the IPv6 cult and only got included (late in the day) because it's necessary in the real world.

Problem 3: Practically no consumer ISPs (in the UK at least) support IPv6 properly (i.e. give you a /48 global prefix)

FTC urged to stop tech makers downgrading devices after you've bought them

Jusme

"smart", "eco", "green", "AI": Warning labels...

Ex-Microsoft engineer resurrects PDP-11 from junkyard parts

Jusme

Re: Funny...

> The QBone is probably cheating a bit, but I/O devices are typically large/rare/mechanical so acquiring them working can be a significant challenge and expense.

Doesn't TNMoC use a Raspberry PI to emulate a room full of washing machine-sized discs on their ICL 2966?

Still impressive that the original OCP and IOC cabinets still work :)

UK's 'electricity superhighway' gets green light just in time for AI to gobble it all up

Jusme

> There were several aesthetically pleasing designs: https://www.theguardian.com/environment/gallery/2011/sep/14/shortlist-designs-electricity-pylons-in-pictures

Hell's teeth, there's some real fugly nonsense there! I actually quite like the British Standard Pylon, a majestic steel giant holding wires aloft. A small price to pay for the benefits of mains electricity, that we all depend on for every aspect of our lives.

Chrome Web Store warns end is nigh for uBlock Origin

Jusme

Broken record time...

I've said this before, and been downvoted, but I'll say it again.

Google wants Chrome to be a secure content delivery platform, so they can fully control and monetise the web, just like a cable TV company. They've locked down the network side by making everything https, now they're locking down the browser so you can't tamper with the content. They've turned their search engine into a curated portal (you'll only get your site seen if you pay them or they think it's good enough to be included). What next? I suspect further tightening of certificates so that "unapproved" ones get some kind of subtle warning, then less subtle, then blocked by default?

We're all dooooomed....

Yes, I am being intolerably smug – because I ignored you and saved the project

Jusme

Re: The boss forbade any such plugfest

> This sounds like the boss needed educating that plugging ethernet cables into the wrong port is not going to cause explosions (or other less spectacular types of physical damage).

Unless someone was using an "unconventional" PoE implementation (not impossible if analog CCTV, telephony, or the coffee maker was also being patched through the structured cabling).

Tape is so dead, 152.9 EB of LTO media shipped last year

Jusme

In tape we trust

I sleep better knowing our data is being carved into sophisticated linear rust* and taken offsite**

It scares me when I hear of companies that think replication is a sufficient backup, and long-term archive? Whassat?

It depresses me that requesting a tape library in our datacentre raises eyebrows and sarcastic comments.

* Yes, we do regularly test restore too.

** Yes, it is encrypted.

Is the long awaited Raspberry Pi flotation about to happen?

Jusme

Oh dear...

n/t

Broadcom terminates VMware's free ESXi hypervisor

Jusme

Re: OpenStack

OpenStack is used by some extremely large users... So, it is very much a "product". NASA, UK GDS, CERN, China Mobile, not to mention a bunch of hosting companies running their own cloud products (eg OVH)...

Exactly, those large users can afford to dedicate teams to configuration and deployment of OpenStack. For smaller organisations there is no click-and-play, as there is (was) with VMware. OpenStack is a huge learning curve when virtualisation technology isn't your core business.

Jusme

OpenStack

I guess if the dealer is getting out of the market there's no need for "first ones free" offers anymore. Like with early Windows, we could play at home for free and learn about all these great new toys, then take them into the workplace and get our employers to pay big bux for them. Classic 1...2...profit!

It'a a pity OpenStack never made it as a product. From 2020 (https://forums.theregister.com/forum/all/2020/10/22/openstack_at_10/):

"Last time I looked, OpenStack was still a science project. You get a bag of bits (very nice bits, certainly), but putting them together to make a working virtualisation environment takes a lot of time/effort/knowledge. Compare with VMware, which "just works" (though they're trying their best to break it with every new release), and you can be spinning up VMs through a nice-ish GUI within minutes of installation. OpenStack needs to be a product, not a technology..."

Don't think much has changed.

Chrome engine devs experiment with automatic browser micropayments

Jusme

Re: Good luck

The thing is, you pay for an ad-free experience. then eventually they start showing ads to paying customers[1] too, just to keep the price down[2].

I'm conflicted, as people need to earn a living, and content/hosting isn't free, but overall I think this is another "nope", as the money will likely go to the wrong people.

[1] Well typically if you're seeing ads you're their product.

[2] aka increase their profits

Wait, hold on, everyone – Mozilla thinks Apple, Google, Microsoft should play fair

Jusme

Endgame

We need to start thinking of browsers as modern day cable TV receivers. That's what Google/Apple/Microsoft want them to be - secure content delivery tools for their ad/media businesses. Firefox doesn't have a place in that world.

Could immutability be a Leap too far for openSUSE users?

Jusme

Re: re: A read-only root file system makes the OS much more resilient against disk corruption,

"The bigger picture view: iOS, iPadOS and Android have shown that immutable OS deployment and image-based update distribution works, well, in the field, at vast scale, on devices with no local tech support. This stuff is out there today and used by literally billions of people. It works."

And for an applicance, that's great. I have an iPhone and a PS5, and am quite happy that they're locked down and managed, because I just want them to work.

But I also want to be able to learn and develop, and this march to "closed" systems is making the barrier to entry higher and higher. How long before Windows gets locked down to make loading unapproved "apps" difficult? Can't be far off that now. And it seems Linux is hot on it's heels. Will I need a vendor-supplied SDK to develop my own software?

"So go get the source and build it yourself." Yep, that certainly works today. Until I need to get the bootloader signed by MS for it to run on any modern hardware. And it won't be able to connect to the internet because it won't have the necessary certificates.

Ok, I'm being a bit pessimistic, but there are people out there who would approve of this.

Google Groups ditches links to Usenet, the OG social network

Jusme

Good

They can't monetise, track or censor you on usenet. Port 119 ftw!

Raspberry Pi sizes up HAT+ spec for future hardware add-ons

Jusme

Interesting...

I see where they're going with this, but I hope they don't lose sight of the biggest USP of the Pi - the ability to tinker with hardware via GPIO on a cheap (throw-away) module. PCIe is hardly a hobbyist accessible interface, and by the time you've added M2 SSDs etc. and made this a (pretty decent, if still minimal) ARM PC, you're not going to want to be poking wires into it.

I'm sure they've run the numbers and know that a lego-kit PC is probably going to sell better than a souped-up microcontroller, but learning about the nuts and volts is something we seem to be losing out on these days </grumpy old man>

Bad eIDAS: Europe ready to intercept, spy on your encrypted HTTPS connections

Jusme

Re: Never understood certs

> Oh wow. How does that work? Surely forcepoint doesn't have the root certs for all certs? How can it replace all certs in one swoop so all https connections from a company PC are compromised?

They (my employer, the company that owns the kit) installs their own CA by group policy (these devices are locked down tighter than a gnats chuff). All https connections are intercepted by the Forcepoint proxy, which generates and presents a server certificate for the site being accessed. The client (browser) sees this as valid, as it's signed by an installed CA, and makes the HTTP request. The Forcepoint proxy checks the request against its naughty list, and if ok, makes the request out to the real site. The response passes back through the Forcepoint proxy, which scans it for naughty words and naked aardvarks, and if you're lucky, passes it back to the client (browser).

I think they bypass this for some know sites like the big banks, presumably to avoid liability if anyting goes wrong, but I wouldn't use the work kit for anything like that anyway (which is fine by them).

Jusme

Re: Never understood certs

> In the second situation your connection is encrypted, and only readable by that specific website. No way for anyone else to listen in.

Except that isn't true. It only needs *one* of the many CAs to have leaked, or allow, their root cert or an intermediary to be used by a person with interest and they can m-i-t-m *any* site by issuing their own cert for it, on the fly. Heck, that process is standard practice in corporate environments (the certificate for every site I visit on our corporate kit is signed bt Forcepoint). At this point https is pure security theatre.

(Sorry, that's not an elephant, really...)

Jusme

> Have they considered that anything the "good guys" get on Monday, the "bad guys" get hold of by Friday?

The Friday before, that is...

Privacy advocate challenges YouTube's ad blocking detection scripts under EU law

Jusme

Re: I've always been curious...

> This, or real-time (or faster) video encoding for every targeted advert they insert into the playback stream, which is computationally expensive, and thus expensive in terms of hardware and power usage in a data centre.

Too many years ago, a "friend" signed up with a usenet provider that specialised in binary newsgroups, possibly easynews. I was quite impressed that they generated zipfiles of the selected, er, "articles", on the fly as you downloaded them. Back then I thought that was computationally expensive. I don't have a problem believing that real-time splicing of a pre-encoded, but dynamically selected, ad bitstream into an outgoing video stream would be too big an ask, and that allows tailoring right down to the individual.

> I suspect the ads would exactly have to match a "gap" in source video to avoid having to re-encode the next chunk of that (until the next video 3 minutes later).

The odd time I've been unfortunate enough to witness ads on Twitch (which makes it doubly unfortunate), they didn't seem to mind splatting them over the stream regardless of the content.

Jusme

I've always been curious...

I've always been curious why the ads aren't burned in to the video stream on YT. The technology to do this certainly exits, and they would be unblockable and unskippable, so the reason must be commercial.

Don't get me wrong, I'm not suggesting this as a solution (and it's fairly likely someone at YT has thought of it already...), and if they ever did implement it my YT hours would drop from negligible to nil. Maybe that's the reason - there is nonzero value to the borg in having me watch the occasional Big Clive or Photonic Induction video, and nonzero x 10^100 buys a lot of yachts...

GNOME Foundation's new executive director sparks witch hunt

Jusme

Re: It's not a witch hunt.

Teletype KSR33 or bust :)

<old git>I programmed my first computer using a hex keypad and rotary switches to load the instructions into RAM</old git>

Workload written by student made millions, ran on unsupported hardware, with zero maintenance

Jusme

I'm curious...

Exactly what crucial financial parameter needs to be read over GPIB? That's more about reading volts and amps from electronic test gear isn't it?

Scripted shortcut caused double-click disaster of sysadmin's own making

Jusme

Re: cd /tmp && rm -rf *

I dislike having certain "dangerous" commands in the history, in case a little bit of lag, or jitters on the arrow keys, causes them to reappear at an inconvenient time. I tend to do things like:

# mv important-sounding-dir xyzzynosuch

# rm -rf xyzzynosuch

Or

# bash +o history ## new shell with no history retained

# dd if=/dev/zero of=/dev/sdb

# exit

Of course I've still had several ohnoseconds over my ${too_many} years in this game. That's why I'm quite keen on backups...

Ten-day optical burst shows star eating giant planet, scientists say

Jusme

Is that you Galactus?

Urrrrrrppp!

America ain't exactly outlawing gas cars but it's steering hard into EVs

Jusme

Re: Change can happen quickly...

"I’m people, and I want an electric car, so does my wife"

Really?

Or do you actually want a means of transporting yourself, your cohorts and your chattels from A to B cheaply and conveniently?

Most people don't really care if their vehicle is powered by dead dinosaurs, angry atoms or unicorn farts, they just want "a car", and today, the ICE is generally the best fit solution for that problem, and the BEV isn't.

Jusme

Re: Current EV battery technology is unsustainable

Batteries are crap.

If battery technology had advanced the same rate semiconductors, magnetic media and networks have over the last decades we'd be flying across the Atlantic on a pack of AA's by now. The fact that it hasn't suggests it won't, it certainly isn't for the want of trying*. Your phone battery lasts so much longer now not because the battery is so much better, but because the electronics are. Unfortunately it still takes the same amount of energy to move a tin can and it's contents now as it always did, and always will, so there's little other scope for improvements to the range.

There's also the problem of charging, even if a perfect battery existed. The filler hose at your local supermarket delivers the equivalent of around a megawatt of power while it's dispensing fuel. That's a lot of amps and a lot of volts to get the same energy delivery in a short time. Electrical things with megawatts on their nameplates tend to live in locked rooms with big warning signs, for good reasons, not out on the high street for anyone to play with.

* Unless you think Big Bad Oil has been keeping it hidden for all this time, which requires strong metallic millinery to believe**

** Unlike the much more plausible conspiracy that Big Bad Oil has been suppressing it's real enemy, nuclear, by funding FUD for 50 years...

Jusme

Re: Change can happen quickly...

"Change can happen quickly...If there is a structural or a monetary imperative"

Actually I think that's exactly wrong. Trying to coerce people into something they don't really want is, at best, a slow process. The reason ICE vehicles took over from horses so quickly was because people wanted the freedom they gave, despite their initial limitations. The huge demand fuelled their mass production, and provision of the infrastructure to support them. There was no "government incentive" to get an ICE vehicle, people *wanted* them.

Compare with those abhorrent CFL lamps that they tried to push on us a few years back. They may have had a lower energy consumption than incandescent lamps, but in every other way they were significantly worse. People didn't really want them, so they had to be forced on us, by banning incandescents and subsidising their production, and by getting the energy companies to supply them to disinterested customers and add the costs to their bills. Then along came viable LED lighting. *Poof* CFLs (and finally incandescents) were history. No incentives or laws needed - they are actually better than the alternatives, and people wanted them.

People don't really want electric cars. They may have lower emissions at the point of use (but it's not clear if their total environmental impact is actually that much less than ICE), and they are generally inferior in most other respects (cost, range, choice...). Unfortunately there probably won't be an "LED" moment for personal transport. Barring a 10-fold improvement in battery technology, which is unlikely at this point, or development of a safe suitcase-size fusion reactor, which is still pure sci-fi, the only solution to the very real problem of fossil fuel exhaustion is a significant reduction in the availability of personal transport. This will most likely happen by pricing them off the roads, as "cheap" ICE vehicles are outlawed and only those who can afford BEVs will be able to enjoy the freedom of personal transport. People won't like that.

OVHcloud opens up Bring Your Own IP service for IPv4 failover

Jusme
Headmaster

An IPv6 block...

...should be a /48. Anything smaller is doing it wrong.

IPv6 address: Prefix 6 bytes (/48), subnet 2 bytes, interface 8 bytes (/64).

Red Hat signals Intel's software-defined silicon will debut in Linux 5.18

Jusme
Black Helicopters

Re:

> But if you are giving it away with the GPL why not just enable it in the first place?

and

> So hell the how can the Linux devs review this to include it? Will the source code have all the details in the Git headers/comments?

I strongly suspect the kernel code is nothing more than a channel from user-space to the hardware, which will be used to send encrypted keys that will have as-yet undefined purposes (but likely, as suggested, enabling features in return for extra £, DRM etc.).

Given the prime movers of this (Intel, IBM), I also strongly suspect it is intended to be of more benefit to corporate users than us proles.

Windows XP@20: From the killer of ME to banging out patches for yet another vulnerability

Jusme

> They're there to run Quicken 2004, never found a better substitute for that

gnucash does a fair job, I think it was written to emulate the original Quicken, before it became cr@pware. It can (or at least could) import your Quicken data.

Microsoft turns Windows Subsystem for Linux into an app for Windows

Jusme

Re: Found a shortcut

> No need for all this WSL nonsense, it's just a solution for a non-existent problem.

It solves a very real problem (for Microsoft): how to keep corporates paying for Windows licences when their workloads are slowly-but-surely moving to Linux...

Config cockup leaves Reg reader reaching for the phone

Jusme

I thought that was plusnet...

https://www.theregister.com/2006/07/11/plusnet_email_fiasco/

I'm sure ex demons have a few tales to tell though (floor SWL exceptions and ice lollies spring to mind...)

Good times, long gone :(

Hacking the computer with wirewraps and soldering irons: Just fix the issues as they come up, right?

Jusme

Re: Wire-Wrap Gun?

> RSI? We shopped at Farnell.

+1

The RS rep at Uni was a snobbish prat who didn't think students should get copies of their catalogue, or be allowed to order directly. Luckily by that point I already had a Farnell trade account (set up by a friendly rep when they noticed how much I was spending with them), and regular free copies of their catalogue (back when the catalogue could double as building material). They were rewarded with plenty of business sent their way after graduation. At one point I even had a better credit line on my personal account than the company I was working for, due to some issue over payment terms, so had to put a large order through on expenses!

Pity they've now been taken over by a corporate conglomerate and don't seem to be as efficient as they used to be. Nothing lasts, nothing lasts...

Jusme

I'd hire him...

Reads to me that "Matt" actually did a heroic job working around the problems caused by broken hardware:

"The reason that the reported fault address had been incremented to the next instruction was that the machine had actually executed the instruction, using whatever noise was on the memory bus at the time the instruction executed."

CentOS Stream: 'I was slow on the uptake, but I get what they are doing now,' says Rocky Linux founder

Jusme

"Kurtzer said that Microsoft, which issues the certificates, had delayed things"

Do these words not make anyone who cares about open and free software a little bit worried?

The fact that _Microsoft_ have total and absolute control of what you are allowed to run on your hardware?"

The may well be playing sort-of fair at the moment (but still dragging their feet and griefing a legitimate project), but they can raise the barrier whenever they want.

And don't say "secure boot is totally optional, so it doesn't matter". It's a very small step to it becoming mandatory in the current paranoid climate...

Page: