Re: Flame Linus to a crisp!

Linus Torvalds (torvalds@transmeta.com)
Wed, 23 Apr 2003 22:16:50 -0700 (PDT)


On Wed, 23 Apr 2003, Andre Hedrick wrote:
>
> Now the digital signing issue as a means to protect possible embedded or
> distribution environments is needed. DRM cuts two ways and do not forget
> it!

This is _the_ most important part to remember.

Security is a two-edged sword. It can be used _for_ you, and it can be
used _against_ you. A fence keeps the bad guys out, but by implication the
bad guys can use it to keep _you_ out, too.

The technology itself is pretty neutral, and I'm personally pretty
optimistic that _especially_ in an open-source environment we will find
that most of the actual effort is going to be going into making security
be a _pro_consumer_ thing. Security for the user, not to screw the user.

Put another way: I'd rather embrace it for the positive things it can do
for us, than have _others_ embrace it for the things it can do for them.

> For those not aware, each and every kernel you download from K.O is DRM
> signed as a means to authenticate purity.

Yup. And pretty much every official .rpm or .deb package (source and
binary) is already signed by the company that made that package, for
_your_ protection. This is already "accepted practice", so allowing
signing is not something new per se, including on a binary level.

So what I hope this discussion brings as news is to make people aware of
it. And that very much includes making people aware of the fact that there
are some scary sides to signing stuff - and that they're par for the
course, and part of the package. I know for a fact that a number of
people were hoping for the upsides without any of the downsides. That's
not how it works.

Linus

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/