Linked by Howard Fosdick on Thu 6th Dec 2012 05:26 UTC
OSNews, Generic OSes With computers now shipping with UEFI Secure Boot enabled, users of any OS other than Windows 8 will want to know how to circumvent it. Jesse Smith of DistroWatch tells how he did it here. The Linux Foundation describes its approach here. If you want to boot an OS other than Windows 8, you'll want to figure this out before you buy that new computer.
Thread beginning with comment 544532
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[5]: Fedora Shim
by Alfman on Fri 7th Dec 2012 17:58 UTC in reply to "RE[4]: Fedora Shim"
Alfman
Member since:
2011-01-28

ssokolow,

"That is, assuming they can convince the motherboard manufacturers to support things to a suitable degree."

Haven't they already?

Reply Parent Score: 2

RE[6]: Fedora Shim
by ssokolow on Fri 7th Dec 2012 18:29 in reply to "RE[5]: Fedora Shim"
ssokolow Member since:
2010-01-21

ssokolow,

"That is, assuming they can convince the motherboard manufacturers to support things to a suitable degree."

Haven't they already?


You honestly expect motherboard manufacturers to obsessively release patches for every single motherboard they offer for the entire 5-10 year lifespan of the manufactured boards and not screw up getting them actually installed in the end users' PCs?

Last I checked, with BIOS-based motherboards, the solution was "release something tested, expect no more than 1% of users to need to update, and possibly provide updates when a hardware incompatibility or software bug is discovered."

(I know of at least once instance where a Gigabyte rep insisted that it must be the owner's fault that a fully-updated BIOS was still exhibiting a problem... maybe because they were running Linux before the problem was also proven to be present on Windows)

I seriously doubt motherboard manufacturers are prepared to handle reliably providing ongoing security fixes for what is essentially a small operating system.

Reply Parent Score: 3

RE[7]: Fedora Shim
by Alfman on Fri 7th Dec 2012 22:40 in reply to "RE[6]: Fedora Shim"
Alfman Member since:
2011-01-28

ssokolow,

"You honestly expect motherboard manufacturers to obsessively release patches for every single motherboard they offer for the entire 5-10 year lifespan of the manufactured boards and not screw up getting them actually installed in the end users' PCs?"

The good ones will offer updates to older MBs retroactively, the others will only fix it going forward. Either way real defections seem unlikely.

"I seriously doubt motherboard manufacturers are prepared to handle reliably providing ongoing security fixes for what is essentially a small operating system."

There's a huge technical difference. A real OS has to be secure while running arbitrary user programs. With UEFI, you'll be hard pressed to find the opportunity to run your code in the first place because it's not authorized. So you might have to find an OS level vulnerability to get system access in order to exploit the UEFI vulnerability.

Although that's likely to happen eventually, it would become more useful to real hackers than users who just want to run linux. Once the windows vulnerability gets fixed, the UEFI one becomes inaccessible again.

Edited 2012-12-07 22:44 UTC

Reply Parent Score: 2