• Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
  • Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

Windows 11/Future for Us

Scheduled Pinned Locked Moved
General
8
18
6.9k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • W
    Wayne Workman
    last edited by Dec 16, 2021, 6:52 AM

    Reading through this thread, I’d say we need a champion to help the FOG Project with the money and process. Here is where any for-profit company reading this should consider helping with two things.

    • Donate some man-hours for a person to work with the FOG devs on this
    • Donate the money to cover the cost.

    Personally, I think it should be Microsoft who helps. If FOG is unable to easily deploy Windows 11 due to secureboot related difficulties, School Districts will have further reason to just buy Chromebooks instead of Windows PCs.

    Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
    Daily Clean Installation Results:
    https://fogtesting.fogproject.us/
    FOG Reporting:
    https://fog-external-reporting-results.fogproject.us/

    1 Reply Last reply Reply Quote 1
    • F
      fry_p Moderator @fry_p
      last edited by Apr 13, 2022, 7:13 PM

      Just as an update to this post…We proceeded with moving away from FOG for the time being. We now use a paid solution. It was not a decision we made lightly and ultimately was due to ease of secure booting and bitlocker as well as a more streamlined way to push apps and scripts. It’s really not fair to compare these products because of the volunteer driven, open source free nature of FOG vs. a company who can pay the money easily for certs.

      However, I want FOG to find a champion like @Wayne-Workman said. I have been with two school districts who relied on FOG for many years. I know other districts who could not function without FOG right now as well. I still want to help where I can in the Forums though I have been inactive recently, I plan to change that. Just out of curiosity, how much would it cost to have Microsoft to sign the certs?

      Like open source community computing? Why not do it for a good cause?
      Use your computer/server for humanitarian projects when it is idle!
      https://join.worldcommunitygrid.org?recruiterId=1026912

      W 1 Reply Last reply Apr 13, 2022, 11:29 PM Reply Quote 0
      • W
        Wayne Workman @fry_p
        last edited by Apr 13, 2022, 11:29 PM

        @fry_p said in Windows 11/Future for Us:

        Just out of curiosity, how much would it cost to have Microsoft to sign the certs?

        Microsoft should consider doing this for FOG as a donation.

        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
        Daily Clean Installation Results:
        https://fogtesting.fogproject.us/
        FOG Reporting:
        https://fog-external-reporting-results.fogproject.us/

        1 Reply Last reply Reply Quote 1
        • S
          Sebastian Roth Moderator
          last edited by Apr 15, 2022, 6:37 PM

          @fry_p said in Windows 11/Future for Us:

          I still want to help where I can in the Forums though I have been inactive recently, I plan to change that.

          Sounds great! You are more than welcome to engage.

          Just out of curiosity, how much would it cost to have Microsoft to sign the certs?

          I have no idea.

          Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

          Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

          F 1 Reply Last reply Apr 19, 2022, 5:53 PM Reply Quote 0
          • F
            fry_p Moderator @Sebastian Roth
            last edited by Apr 19, 2022, 5:53 PM

            @sebastian-roth Is this what we would have to do for the signing? This does seem over the top, but then again, I could be looking at the wrong thing.

            Like open source community computing? Why not do it for a good cause?
            Use your computer/server for humanitarian projects when it is idle!
            https://join.worldcommunitygrid.org?recruiterId=1026912

            1 Reply Last reply Reply Quote 0
            • S
              Sebastian Roth Moderator
              last edited by Apr 20, 2022, 7:33 PM

              @fry_p I am not sure but sounds reasonable. Here is the fun part of the document:

              1. Code submitted for UEFI signing must not be subject to GPLv3 or any license that purports to give someone the right to demand authorization keys to be able to install modified forms of the code on a device. Code that is subject to such a license that has already been signed might have that signature revoked. For example, GRUB 2 is licensed under GPLv3 and will not be signed.

              Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

              Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

              1 Reply Last reply Reply Quote 1
              • W
                Wayne Workman
                last edited by Apr 21, 2022, 1:36 AM

                It’s got a special section just for iPXE.

                If your submission contains iPXE functionality, then additional security steps are required. Previously, Microsoft has completed an in depth security review of 2Pint’s iPXE branch. In order for new submissions with iPXE to be signed, they must complete the following steps:
                
                    Pull and merge from 2Pint's commit: http://git.ipxe.org/ipxe.git/commitdiff/7428ab7  
                    Get a security review from a verified vendor. Refer vendor to the iPXE Security Assurance Review blog post. Emphasis of the review should be on:
                        NFS functionality being removed
                        Wireless functionality being removed
                        Non-UEFI loaders are not included
                        Ensuring all known reported security problems are fixed (identified in the iPXE Security Assurance Review blog post).
                    Share the specific commits that are made to the project, allowing Microsoft to ensure the expected changes are made.
                

                Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
                Daily Clean Installation Results:
                https://fogtesting.fogproject.us/
                FOG Reporting:
                https://fog-external-reporting-results.fogproject.us/

                1 Reply Last reply Reply Quote 1
                • F
                  fry_p Moderator
                  last edited by Apr 21, 2022, 12:02 PM

                  I saw both of those requirements. This doesn’t look promising. I guess now it is less about the price and more about the ridiculous hoops to jump through. Also the GPLv3 thing is killer for us.

                  Like open source community computing? Why not do it for a good cause?
                  Use your computer/server for humanitarian projects when it is idle!
                  https://join.worldcommunitygrid.org?recruiterId=1026912

                  1 Reply Last reply Reply Quote 0
                  • P
                    putrzop
                    last edited by Oct 20, 2022, 10:51 AM

                    Get an EV certificate from the certificate vendor of your choice and build you own flavor of the SHIM,

                    1 Reply Last reply Reply Quote 0
                    • P
                      putrzop
                      last edited by Oct 21, 2022, 10:00 AM

                      Microsoft should consider doing this for FOG as a donation.. .

                      1 Reply Last reply Reply Quote 0
                      • 1 / 1
                      • First post
                        Last post

                      147

                      Online

                      12.2k

                      Users

                      17.4k

                      Topics

                      155.5k

                      Posts
                      Copyright © 2012-2024 FOG Project