Linked by Thom Holwerda on Thu 3rd Nov 2011 19:34 UTC, submitted by lucas_maximus
Hardware, Embedded Systems A big issue right now in the world of operating systems - especially Linux - is Microsoft's requirement that all Windows 8 machines ship with UEFI's secure boot enabled, with no requirement that OEMs implement it so users can turn it off. This has caused some concern in the Linux world, and considering Microsoft's past and current business practices and the incompetence of OEMs, that's not unwarranted. CNet's Ed Bott decided to pose the issue to OEMs. Dell stated is has plans to include the option to turn secure boot off, while HP was a bit more vague about the issue.
Thread beginning with comment 495724
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[5]: Comment by Soulbender
by lucas_maximus on Thu 3rd Nov 2011 22:39 UTC in reply to "RE[4]: Comment by Soulbender"
lucas_maximus
Member since:
2009-08-18

There has been numerous evidence given that Secure boot and well reasoned arguments (booting old versions of Windows for business which MS still make money on) ...

But you guys keep chanting the same shit again and again and again.

Even people at Microsoft that are actually speak against Microsoft about some stuff (Scott Hanselman) says that Microsoft is too cumbersome and disjointed to actually "be evil" like Darth Vader .. imperial march stuff ... but whatever you probably won't listen.

http://www.hanselman.com/blog/SixMonthsInTheInsideAmIEvilYet.aspx

Edited 2011-11-03 22:40 UTC

Reply Parent Score: 1

RE[6]: Comment by Soulbender
by Alfman on Thu 3rd Nov 2011 23:38 in reply to "RE[5]: Comment by Soulbender"
Alfman Member since:
2011-01-28

lucas_maximus,

"But you guys keep chanting the same shit again and again and again."

Until our concerns are addressed, I'm afraid your going to have to continue listening this same shit again and again... You haven't addressed them either by the way, I welcome answers from you or anyone else (although I need official sources in order to take them seriously), but it seems the details are being kept behind closed doors.

These are the same questions you haven't answered before, but feel free to take a stab at them this time:

Will duel booting be possible without switching bios settings back and forth and without crippling windows?

Will users be able to use system utilities like barepe or utlimate boot cd?

Will owners be able to control the platform keys out of the box?

Will owners be able to get access to keys by contacting manufacturers?

Will manufacturers use shared or individual platform keys? If shared, then how can they transfer control for some machines while maintaining secure ownership of all the others? If individual, then how will they verify the ownership of the person requesting the transfer?

Will independent operating systems (smaller than linux) be able to get their keys signed in practice?

Will owners have the ability to not trust microsoft on their personal system?

How will manufacturers who hold the platform keys verify that independent operating systems (like Neolander's here) aren't in fact malware?

If an exploit is found in the installation media for a signed OS, will that key be revoked? If so, how will people reinstall their OS?

How will vendors convey these restrictions at the point of sale?

Will people be entitled to refunds if they find secure boot giving them trouble?

Will the manufacturers continue updating OS keys for older systems after warranties expire?

Can we trust that vendors won't tighten their grip over secure boot restrictions as time goes by and more and more systems have it installed?


You may find some of these questions irrelevant to you, but they are extremely relevant to anyone who believes in the merits of open computing.

Reply Parent Score: 8

lucas_maximus Member since:
2009-08-18

tl;dr;

Read the f--king article.

UEFI doesn't allow any OS interaction with it. That is the whole idea there isn't an OS API to interact with it .. which is why it is secure.

There are manufacturers (big ones) that say they aren't going to be dicks and not give you the option. Even the BIOS guys are saying "We want you do to it not piss people off". WTF more do you guys want?

You can boot your precious Operating System (I am an OpenBSD/Win 7 user).

GPL is incompatiple with secure boot (thanks to RMS, but BSD is alright).

WTF more do you want?

Edited 2011-11-03 23:58 UTC

Reply Parent Score: 2

RE[7]: Comment by Soulbender
by Neolander on Fri 4th Nov 2011 07:42 in reply to "RE[6]: Comment by Soulbender"
Neolander Member since:
2010-03-08

Hi,

Did you have a look at the proposal made to the UEFI standards body to allow installing new signing keys from live media ? It's linked to somewhere in the first 30 comments of this article. Although not yet full user control on keys (can users revoke the Microsoft key if they want to ?), it would already be something...

Reply Parent Score: 3