Is this something we (as consumers of FreeBSD) need to be aware of?

C. P. Ghost cpghost at
Thu Jun 14 07:51:51 UTC 2012

On Tue, Jun 5, 2012 at 8:19 PM, Kurt Buff <kurt.buff at> wrote:
> UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries
> This would seem to make compiling from source difficult.
> Kurt

I'm not sure I understand the issue, but this is my take on it
so far:

1. What's preventing the makers of boot loaders like GRUB (which can
also boot FreeBSD) from getting a certificate ONCE? And if they have
one, what's preventing them from loading ANY kernel at all? It is only
the first stage boot loader that needs to be signed, or not?

2. What's preventing anyone of us in the EU from stepping up
efforts with the EU Commission and the EU Parliament to stop
Microsoft from monopolizing the ARM (and later x86) platforms,
i.e. by becoming the only gatekeepers? After all, EU sovereign
states and their economies can't depend on a US corporation
having a global kill switch to their whole infrastructure. We're not
just talking about Windows dominance here, but a lot more:
dominance on the whole hardware segment. I'm pretty sure this
scheme is highly anti-competitive, and I guess it runs afoul of a lot
of already existing EU regulations.


Cordula's Web.

More information about the freebsd-questions mailing list