Linked by Thom Holwerda on Wed 21st Sep 2011 22:06 UTC, submitted by kragil
Windows After the walled garden coming to the desktop operating system world, we're currently witnessing another potential nail in the coffin of the relatively open world of desktop and laptop computing. Microsoft has revealed [.pptx] that as part of its Windows 8 logo program, OEMs must implement UEFI secure boot. This could potentially complicate the installation of other operating systems, like Windows 7, XP, and Linux.
Thread beginning with comment 490317
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Comment from a dumb user
by WorknMan on Thu 22nd Sep 2011 06:54 UTC in reply to "Comment from a dumb user"
WorknMan
Member since:
2005-11-13

To my uneducated mind, this sounds like the issue that people are having with some Motorola Android devices. They have locked bootloaders that don't permit any firmware not signed by Motorola to be installed.


Well, not just Motorola Android devices, but several different kinds of Android devices. And do you know what? Pretty much every one of them get rooted anyway.

From my point of view, it's a good safety measure on PCs, since 99% of people would never try to boot another OS anyway. Just give people an option to unlock if they want, and make it so that you need physical access to the PC, and make it just hard enough to find so nobody could/would do it on accident.

Reply Parent Score: 2

RE[2]: Comment from a dumb user
by Alfman on Thu 22nd Sep 2011 07:23 in reply to "RE: Comment from a dumb user"
Alfman Member since:
2011-01-28

WorknMan,


"From my point of view, it's a good safety measure on PCs, since 99% of people would never try to boot another OS anyway."

Can you explain why you think it's a good safety measure? Unless I've missed something, there would only be two ways to boot a malicious bootloader/OS:

1. The system is already compromised and rooted such that the attacker was able to overwrite the bootloader/OS. In this case, chances are very high that the attacker can do whatever he pleases already with or without secure boot.

2. The user boots from external bootable media like a cd/thumbdrive.

If secure boot is going to prevent 99% of bootable media from booting anyways (seeing as most of us won't be able to get them signed), then I question the need for disabling external booting via secure boot instead of simply disabling external booting outright by default?


"Just give people an option to unlock if they want, and make it so that you need physical access to the PC, and make it just hard enough to find so nobody could/would do it on accident."

I agree that the ability to disable secure boot would be one option. Better yet would be to allow owners to control the keys on their own systems such that they could actually use secureboot with alternative operating systems. There is no reason for this feature to be hard coded for use by microsoft/manufacturers (other than to shift control to them).

Edited 2011-09-22 07:31 UTC

Reply Parent Score: 2

RE[2]: Comment from a dumb user
by bert64 on Thu 22nd Sep 2011 10:45 in reply to "RE: Comment from a dumb user"
bert64 Member since:
2007-04-23

This should not be something that is configured by the manufacturer or software vendor...
It should be up to the purchaser of the hardware, be it an end user or a corporation, to load their trusted keys into the firmware.

If the keys are provided by someone else then it does little to help corporate security, as an attacker could just boot their own copy of a signed OS.

Similarly, using CAs is not a good idea, look at the recent hacks against various CAs...

Corporations should maintain their own internal CA, and keep the private key secure, that way their workstations would only be able to load software signed by the corporate key. Remember any given corporation will decide what software it wants to run, and won't be happy having that dictated by a third party who holds the signing keys.

Changing the key should require the setting of a hardware jumper, and the execution of an EFI based key management tool signed by one of the currently trusted keys.

Yes this would provide a method to brick hardware if you lose the keys or load an invalid one, and since the devices are under user control there would always be a way round it even if that required hardware mods.

Reply Parent Score: 4