Linked by Thom Holwerda on Fri 23rd Sep 2011 22:22 UTC, submitted by kragil
Windows The story about how secure boot for Windows 8, part of UEFI, will hinder the use of non-signed binaries and operating systems, like Linux, has registered at Redmond as well. The company posted about it on the Building Windows 8 blog - but didn't take any of the worries away. In fact, Red Hat's Matthew Garrett, who originally broke this story, has some more information - worst of which is that Red Hat has received confirmation from hardware vendors that some of them will not allow you to disable secure boot.
Permalink for comment 490700
To read all comments associated with this story, please click here.
Alfman
Member since:
2011-01-28

oiaohm,

"The prime reason for this is not DRM. Its the rate of infected machines out there. Something has to be done when more and more users are getting infected and the infection not being detectable."

How do you know that this isn't about DRM? The inability for the owner to control their own keys is extremely conspicuous of this design, which seems to be a backdoor way of imposing DRM upon the public.

Assuming the OS is entirely secure (yes, that's a big leap of faith), do you acknowledge that this "security mechanism" enables microsoft to enforce application store restrictions as well as protecting from bootloader malware?


"Mandatory secure boot I have no problem with as long as I can add my own keys when I want to. And remove keys I know they are breached.

Most of the Linux world would not care either if they can added the keys required."

I think we are all in concurrence, however it is sounding like this is not part of the spec for new systems sold with secure boot.


"Simple fact here the rate viruses are growing its getting too cpu consuming to be working by black list. Items like secure boot based on public key encryption has to come."

If this is your criticism of signature based antivirus scanners, then I agree it's a problem. However adding vendor controlled PKI authentication to secure boot neither addresses this problem, nor is it required of the security problem which secure boot allegedly tries to solve.

Why put all this effort in locking the front door when it's the windows that are broken? (I hope you appreciate the play on words).

Reply Parent Score: 2