Yesterday I learned from one of my colleagues that the newer versions of OSX will only run kernel extensions signed by Apple.
The need for the GNU project is as great now as it was in the 1980s.
Also, OSX doesn't require the kexts to be signed by Apple themselves - the requirement is that the kext is signed by a certificate that is blessed by Apple's CA. There are plenty of third party kexts out there.
Also, you can modify the bootloader's kernel parameters to disable kext signing and you will be back where you were on 10.9 security-wise.
A much bigger problem is how Microsoft is no longer requiring Windows 10 compatible PCs to ship with a way to disable Secure Boot.
Apple is the only one that enables OSX signing and it's done in conjunction with your Apple ID that you pay Apple a yearly fee to enable developer abilities on.
Id be curious to know of an instance where apple abuses their power and denied a competitor the ability to sign a binary.
Personally I'd much rather have someone like apple be able to have some kind of audit where by malicious extensions can be revoked. There might be some super clever way that you could do this with the block chain or the like, but ultimately I don't know how this doesn't come down to a person somewhere deciding.
I would have absolutely no problem with Ubuntu shipping with this exact same feature, assuming that I can also add in other sources of trust and self sign extensions I want to place in.
My point is that the problem isn't whether someone can make these decisions or not. It's good to have people make them, and that extra level of protection can mean a lot. None of that is a problem- the real issue is Apple attempting to enforce exclusive trust.
This will happen the instant it becomes opportune, Apple being a business, having shareholders and all that. No precedent is needed (they surely have used their power to deny stuff that is not "malicious" in the App Store before).
You'll see. Personally, I'm happy to be at least notified when something random attempts to install an unsigned kernel extension.
Apple certificate costs 99$. Indeed, you won't be able to sign anything else, but it is still more that 2 times cheaper.
As far as I can see the requirement is that the CA is cross-signed by Microsoft, and that's quite a large list .
I'm only familiar with one of them (StartCom), and that one charges $59 a year for unlimited domain certificates and 1 code signing certificate.
I'm curious who has Apple blessed to do so, and what those kexts are?
The need for F/OSS operating systems (kernel and related tools) is as great as it was in the 1980s.
The significance of the GNU project in meeting that need is less than it was in the 1980s.
I suggest people to look for Samuel Thibault past talks about HURD to see how different layering of components open for fine usages (mounting remote .isos from FTP without suffering too much).
The HURD design was always more elegant, and should result in a more stable and secure system. That's absolutely a project worth pursuing.
In 2017 or 2018 Microsoft releases "Microsoft Linux with containerized Office-by-wine-who-cares-how and selected applications available from the App Store"
Then Microsoft ships another version of Microsoft Linux and breaks user-space, breaks ABI, other libraries, and brings in encryption-which-only-runs-Microsoft-signed-libraries-and-tools and other hassles which is effectively a fork of Linux kernel + most other tools.
Microsoft becomes just like Apple - a leech on GNU and FOSS.
Confusion is total, people are working on "free you see but not free" software. "Well free for me, developer, my employer, not for you user."
And, as others have noted - you can always disable that feature if you don't like it.
Oh, no, won't this kill or greatly hurt the hackintosh community's ability to install on non-Apple hardware?
So long as the hardware doesn't require Secure Boot, anyways.
It's possible to separate what the GNU Project does now from what it was originally slated to do 30+ years ago. Providing a solid userspace and suite of libraries is no less important than providing a specific kind of microkernel.
If the FSF wants to make more of an impact, perhaps they should build software in a higher level language.
You can turn off the kernel needing signed kernel extensions. It is a big annoyance - so much is true. You don't tell the reason why Apple is doing it - Security. That's the reason why Linux is also adopting it . You do this to put Apple as the big evil in contrast to our saviour GNU (and RMS is Jesus or what?). But the thing is that you don't need GNU for a system with free software. Nobody needs Hurd when we have Linux. We also don't need GCC anymore as we have LLVM+Clang. The GNU project doesn't like that as they're becoming less and less needed.
You're right, maybe this place does need word filters.
/sarcasm... well, kinda
It seems there is a 500 karma threshold for down-voting comments and another one to down-vote posts.
Edit: And another karma level to down-vote comments beaten to death.
I just don't understand why developers, of all people, persist with systems like OSX and Windows.
Yes, Apple hardware is nice (although the XPS13 and X1 push them pretty hard.
But I'd have thought that if there was a group that'd see beyond that and ask fundamental questions about openness, digital rights, etc. it'd be developers.
Linux does well in the server world, and Apple get a lot of attention, but even then, between them, they account for something like 4% of OS installs.
I'm also not sure there is much need for GNU. The licenses are absolutely awful for things that claim to be free... sometimes if something is using LGPL with exceptions it will see some serious reuse (Qt as an example) but the GPL license is a great way to stop a project ever reaching its full potential due to its viral nature.
These arguments were tiresome then; they are boring now.
You are conflating GNU, GPL and LGPL.
The GNU system may never be as successful as you think. But portions like The GNU Compiler Collection (gcc, go, etc.) and GnuPG (GNU Privacy Guard) and thinks like GNU Emacs are the standard which others are measured against.
Second the "absolutely awful" licenses; being under the GPL has certainly hindered Linux adoption. And Samba. And ...
The GPL and LGPL are amongst the, if not the, most successful software licences in history. What's more they are one of the few that has resulted in more freedom.
Things such as Netgear's WRT-54G are classic examples of where these "awful licences" have changed the world for the better.
re: GPL/LGPL being the most successful software licenses, that seems to be changing in favour of permissive licenses like MIT/BSD/Apache
Back in 2013, Aaron Williamson of the Software Freedom Law Center did an analysis of licenses used on Github. The MIT license outnumbered all variations of GPL + LGPL licenses combined, second to MIT on the list was BSD (of course, it should be mentioned that most repositories on Github lacked any identifiable license at all)
Martin Thoma analyzed PyPi (Python Package Index) metadata in January and also found that no license was the top category, but where there is a license, MIT/BSD/Apache licenses outnumbered GPL/LGPL by quite a bit.
There are lies, damn lies, and statistics.
As to why github is mostly MIT, a reason I read is that github replaced private cvs, ftp and folders on ones laptop with a web service that has the dual functionality of work platform and collaboration platform. It follow the same path when people moved away from using office programs and started to use google docs.
 "The decline of the GPL and what to do about it"
I was thinking of his original talk:
gcc has done okay, and its a fantastic project in many ways... some of the optimisations its capable of are really quite smart. that being said though it has usually been held up as example of how hairy compilers can be. there was a period where gcc saw some real use from apple and sony, but other than that its always been considered the outsider in practice... at least during my career. maybe in the dark and distant past when it was even harder to use GNU/Linux and Unices then it compared favorable against borland and the ms vc 5 compiler... but i doubt that is true.
I'm never going to be onside with licenses like GPL when there are MITs and BSDs which do not impose draconian restrictions to help further a philosophy instead of being actually free. The single most common reason I hear not to use a library, borne from practicality, is that it is GPL or LGPL licensed.
The fact that you cite something that, to a close approximation, nobody has heard of as an example of how this stuff has made the world better is a brilliant example of what I am talking about.
Open source is great in lots of ways, but I'm convinced it would be better if its proponents and contributors were a little more in touch with reality.
Equally convince that you are about your reality, so am I that opponents to GPL are exclusive those who wish to add restrictions on software. Those who only wish to share software and doesn't add restrictive licenses to their work can treat GPL, MIT and BSD as equivalent. It would be nice if the vocal minority would in this regard be "little more in touch with reality" and be upfront about their intension.
Following Gartner , 60% of all devices shipped in 2014 have an OS based on Linux or delivered by Apple.
Do you think that a law that prohibits making other people slaves is non-free in nature? Because the GPL prohibits something similiar.
i don't just pull my opinion out of my arse, at least not entirely... :)
your source of figures is very dodgy. you need to account for the devices that aren't brand new, and especially third world and the millions and millions of cheap androids and desktop pcs. looking at america or limiting to new purchases is very special and has nothing to do with the wider market (its not uncommon for people to have a "who buys these things new? what a bunch of idiots" mentality in poorer parts of the world). Apple do much better in the US than anywhere else, and new purchases are not the majority of devices in use in the wild.
try a google search like this:
and pick from many many sources of more useful figures
as you can see from very many sources, aside from OS X - which is not really a linux, gnu/linux may as well not exist.
I wasn't advertising any political goals. I just thought that the idea behind the GPL wasn't understood and wanted to make it clearer.
Freedom is something we are born with, and I am free to do what I want with any software. The GPL asserts rights based on societal understanding to the contrary. Most nice licenses just ask for credit if its appropriate.
This idea that having priority in solving a problem entitles you to something is harmful for the whole of society for the whole of the future.
Just remember, hyperbole serves no master. Employ it at the risk of having it employed right back against you.
Most people would say that it's ridiculous to compare drivers licenses to slavery, even libertarians will tell you it's a loss of freedom but few would compare it to slavery, because for the most part drivers licenses and slavery have nothing in common.
- in-car infotainment systems
- in-flight infotainment systems
- running digital billboards
- mobile phones (hello android, meego, maemo, webos, etc)
- smart televisions
- smart dvd/blue ray players
You see Linux out in force on all of the above mentioned hardware platforms.
The global Linux installbase absolutely dwarfs Windows in comparison by the simple nature that Linux runs on more hardware architectures than any general purpose operating system ever created (which rules out iTron, eTron, and the tron variants).
Pretty much all of the new IoT "smart devices" are some Linux variant as well. I could go on and on, but really think you miss the forest for the trees here.
Yes Windows beats the snot out of Linux on the Desktop. The desktop is quickly becoming irrelevant as the world becomes more connected.
in-flight infotainment? Let's start with Alaska 
digital billboards? Given the number of snarky pics on the internet of billboards rebooting, etc, are you really gonna even try to go there?
Windows has a lot of play in the embedded world too. Yeah, certain areas not as much as others, but it definitely is out there.
Mind if I ask for non-biased sources? The first one has no date and the second is only for alaska airlines.
America and new purchases are the tip of the iceberg of the market... maybe those kinds of statistics will be accurate in 15 years time when everything trickles down. Nobody has a mobile phone with a fancy OS to a reasonable approximation, and if they do they are all androids (which you can call it linux all you want, but Google did a whole pile of work to make it viable and has locked up and made it difficult to work with the usual tools people associate with that environment)
From a desktop perspective, yes, but Linux at this point has a majority stake in pretty much every other realm of computing.
When it comes to building an actual app that's open-source (and not meant to be included in other projects), GPL is a really great way to go. In my mind, it protects the end-users of the app such that it can never be infected by closed-source software, via me or by anyone else, as long as it stays GPL.
For things like protecting a project against the hooked tentacles of the US government's spy machine, it's a great tool. Sure I can put in backdoors, but everyone in the world will see it.
Market share on desktops might be low, though I don't actually care. I care that when microsoft or apple decide you can't install software outside of their app stores, when they decide you can only use DRM enabled video players, etc, that there's somewhere to turn.
Tech Crunch states that OS X has a 13.6% market share of consumers purchases. http://techcrunch.com/2014/11/07/mac-achieves-highest-u-s-pc...
I myself use Linux and Windows machines. I prefer my own hackery terminals and tiled window manager for my desktop so I am in that tiny minority. I do not support most of RMS (Richard Stallman) says but Absolutly GNU has been a technology changer and all Open Source which effects all operating systems today owe a debt to GNU and that license.
So please don't just post bah humbug without backing up why you would say such harsh things about anything. The more you disagree the more that is needed to be communicated on the your part to start a conversation.
Between this, OpenBSD, Haiku/BeOS, Linux and DragonflyBSD are my fav in term of news and interesting things to read. The dude from DragonflyBSD was over at Slashdot talking about batchprocess vs msg passing pro, con, when to use it.
This sounds just like "HURD is almost ready" back in 1990s
On a completely different note, just what is it about some software projects that stretches them out over such huge time scales? Hurd, Perl 6, LaTeX 3, etc.
Regarding the second question, a mix of not a lot of resources, stubbornness and in a lot of cases, petty bickering.
Technically it's not any kind of kernel. Mach is the kernel, and Hurd is a collection of servers.
Well, I said it's a virtual kernel. That's virtual in the sense of "same interface, different implementation". A virtual X is not an X; it's just handled like an X. A virtual file is not a file. Virtual memory is not memory. Virtual reality is not reality. Etc.
Since it is not a kernel, but is supposed to replace one, virtual kernel would seem to be an accurate term. However, it's too easy to misunderstand, due largely to horribly incorrect usages like "virtual bank" and "virtual classroom" that have been floating around for a while. Alas!
If anything, that makes even more sense for a microkernel, with different function call families being provided by different servers.
quote: Also note that you cannot run the Hurd "in isolation": you'll need to add further components such as the GNU Mach microkernel and the GNU C Library (glibc), to turn it into a runnable system.
Of course making it easy is a ton of work.
If they want to gain some traction maybe they should work on a version of the OS in Rust. That would be interesting. glibRust.
Of course, in practice it's a distro's job to make things easy. There's a version of Debian running HURD, but I don't know how up-to-date it is: https://www.debian.org/ports/hurd/