Linked by Elv13 on Sun 17th Jun 2012 10:35 UTC
Hardware, Embedded Systems "The UEFI secure boot mechanism has been the source of a great deal of concern in the free software community, and for good reason: it could easily be a mechanism by which we lose control over our own systems. Recently, Red Hat's Matthew Garrett described how the Fedora distribution planned to handle secure boot in the Fedora 18 release. That posting has inspired a great deal of concern and criticism, though, arguably, about the wrong things."
Permalink for comment 522669
To read all comments associated with this story, please click here.
RE[3]: uefi disable
by pgeorgi on Mon 18th Jun 2012 16:00 UTC in reply to "RE[2]: uefi disable"
Member since:

I failed to see how the proposed solution is somewhat unfitting. He asked for a simple jump or switch on motherboards, nothing more. I think it is the best and simplest solution I ever heard.

After some kicking and screaming, Microsoft was coerced to require a soft switch (somewhere in the firmware menu) to disable secureboot in order to gain the Windows 8 Logo. That's not the concern.

There are numerous others, eg.: Will that switch cease to exist sometimes, eg. with Windows 9 Logo? Why can you only ever sign files, incl. UEFI drivers with one signature, which grants an effective monopoly to Microsoft?

It will not lessen what Red Hat can do or claim for their systems and provides a fair level playing field for all others involved on linux/*BSD, or whatever camps.

Using such a switch (no matter if hardware or software) prevents the "boots securely" checkbox item on the RHEL sales material. Redhat _needs_ secureboot capability - not so much for Fedora, but for RHEL.
I guess that they do it for Fedora is just a way to get it tested before they run it by their paying customers.

Reply Parent Score: 2