Linked by Thom Holwerda on Fri 23rd Sep 2011 22:22 UTC, submitted by kragil
Windows The story about how secure boot for Windows 8, part of UEFI, will hinder the use of non-signed binaries and operating systems, like Linux, has registered at Redmond as well. The company posted about it on the Building Windows 8 blog - but didn't take any of the worries away. In fact, Red Hat's Matthew Garrett, who originally broke this story, has some more information - worst of which is that Red Hat has received confirmation from hardware vendors that some of them will not allow you to disable secure boot.
Thread beginning with comment 490867
To view parent comment, click here.
To read all comments associated with this story, please click here.
modmans2ndcoming
Member since:
2005-11-09

apparently you are unaware of the malware that infected some Motherboard drivers shipped a year ago or so.

Reply Parent Score: 2

Alfman Member since:
2011-01-28

modmans2ndcoming,

"apparently you are unaware of the malware that infected some Motherboard drivers shipped a year ago or so."

This is vague, a citation or at least a manufacturer would be good.

It's true, there are instances of windows drivers being infected, however as far as I know these have all been correctly signed to load under windows.

The windows code signing certificates that are sold to developers tell the windows to trust their code, and tell the user the identity of the developers (with the same caveats faced by SSL certificate authorities). However cryptography offers no features to block malicious code from being signed. Secure boot will not fix this, and can never hope to.

I have no idea which driver malware you are talking about, but unless it involved the bootloader, chances are secure boot would not have made a difference.

Reply Parent Score: 2

Soulbender Member since:
2005-08-18

apparently you are unaware of the malware that infected some Motherboard drivers shipped a year ago or so


Yes I am so please enlighten us. I would expect a mobo manufacturer to already sign the drivers so neither driver signing nor secure boot would protect you from that.

Edited 2011-09-28 19:48 UTC

Reply Parent Score: 2