Linked by Thom Holwerda on Thu 3rd Nov 2011 19:34 UTC, submitted by lucas_maximus
Hardware, Embedded Systems A big issue right now in the world of operating systems - especially Linux - is Microsoft's requirement that all Windows 8 machines ship with UEFI's secure boot enabled, with no requirement that OEMs implement it so users can turn it off. This has caused some concern in the Linux world, and considering Microsoft's past and current business practices and the incompetence of OEMs, that's not unwarranted. CNet's Ed Bott decided to pose the issue to OEMs. Dell stated is has plans to include the option to turn secure boot off, while HP was a bit more vague about the issue.
Permalink for comment 496263
To read all comments associated with this story, please click here.
RE[7]: Ok, let's be fair
by Alfman on Mon 7th Nov 2011 05:57 UTC in reply to "RE[6]: Ok, let's be fair"
Member since:


You're still avoiding all of the questions. You say we shouldn't speculate over what hasn't happened yet, but that just reaffirms my point that these things are open questions. Also, regardless of how things play out, it is completely reasonable to criticize the spec today for excluding the owner from the chain of trust.

Even for OEMs that do want to allow owners to have control, there will be no universal mechanism for owners to load platform keys, since it's absent from the spec. This creates administrative problems for enterprises who prefer to manage their own keys.

On the topic of whether many OEMs will implement owner key controls outside the scope of the spec, that's undetermined. Sure, we could wait-and-see, and then complain afterwards - but that's not a favorable outcome. My opinion is that we should try to put public pressure on them right now before they ship.

Reply Parent Score: 2