Linked by Thom Holwerda on Mon 4th Feb 2013 22:10 UTC
Google "People are, unsurprisingly, upset that Microsoft have imposed UEFI Secure Boot on the x86 market. A situation in which one company gets to determine which software will boot on systems by default is obviously open to abuse. What's more surprising is that many of the people who are upset about this are completely fine with encouraging people to buy Chromebooks. Out of the box, Chromebooks are even more locked down than Windows 8 machines." Good point.
Thread beginning with comment 551481
To read all comments associated with this story, please click here.
Ironic Title
by Alfman on Tue 5th Feb 2013 06:03 UTC
Alfman
Member since:
2011-01-28

The title is ironic because it implies only those who dislike secure boot have an issue, but it sounds like the chromebook gives the most trouble to users who'd actually want to have secure boot enabled while using a 3rd party OS.

This is one of the cases that I feared would happen, in fact most problems with secure boot were foreseen. The reality is that the feature was designed to be used by venders and not the end users, this really shows.

For an open standard like UEFI, owner control ought to have been *expressly* possible. It's disgraceful that the standard didn't require compliant implementations to enable owners to take control over their own hardware keys as they want to. As it stands, there's no requirement for owners to have access to their own hardware keys and it's only by the graces of anti-trust threats that Wintel owners have largely avoided a skirmish.

I hope there's enough public outcry on non-wintel platforms to pressure all vendors to open up Secure Boot on their respective platforms as well. Google, for it's part, is going to find itself in a tossup between it's role in standing up for open principals or behaving more like OS/hardware vendors who want to lock out end users & competitors.

Reply Score: 7

RE: Ironic Title
by pgeorgi on Tue 5th Feb 2013 18:27 in reply to "Ironic Title"
pgeorgi Member since:
2010-02-18

I hope there's enough public outcry on non-wintel platforms to pressure all vendors to open up Secure Boot on their respective platforms as well.

chromebooks don't use UEFI SecureBoot, which is what Matt is whining about. ARM chromebook with locked down UEFI SecureBoot would probably be okay, as long as it's UEFI.

Fanboys are a weird bunch.

Google, for it's part, is going to find itself in a tossup between it's role in standing up for open principals or behaving more like OS/hardware vendors who want to lock out end users & competitors.

Lock out end users? You can install whatever firmware you want. chromeos verified boot (with your own keys), UEFI (with your own keys if you so desire), seabios for "normal" BIOS (on x86 chromebooks anyway).

They do lock out competitors - as commented in the comments to mjg's rant, the chromeos devs want to enable user installable keys in the default install.

That might solve it, or not. Depending on how they do it, that still won't help Redhat.
I don't care, it's about user freedom, not 1bio us$ revenue, 800lbs gorilla company freedom.

Yes, I'm grumpy. mjg praises UEFI SecureBoot, a closed standard of which all real-world implementations are closed sorce, as if it was his own invention, while ranting against other open source projects.

Ironically, I might be the first to release an open source x86 UEFI with SecureBoot soonish - mjg is best ignored IMNSHO.

Reply Parent Score: 4

RE[2]: Ironic Title
by Alfman on Tue 5th Feb 2013 19:10 in reply to "RE: Ironic Title"
Alfman Member since:
2011-01-28

pgeorgi,

"chromebooks don't use UEFI SecureBoot, which is what Matt is whining about."

Yes, you are right. The article didn't make clear he was comparing apples and oranges, and I didn't catch it, facepalm...

"ARM chromebook with locked down UEFI SecureBoot would probably be okay, as long as it's UEFI."

Are you saying this is what mjg would think? Somehow I don't think so.


"That might solve it, or not. Depending on how they do it, that still won't help Redhat. I don't care, it's about user freedom, not 1bio us$ revenue, 800lbs gorilla company freedom."

BTW mjg is not a redhat employee any longer so his blog posts shouldn't be affiliated with them.
http://mjg59.dreamwidth.org/19695.html

Reply Parent Score: 2

RE[2]: Ironic Title
by mjg59 on Tue 5th Feb 2013 23:25 in reply to "RE: Ironic Title"
mjg59 Member since:
2005-10-17

Closed standard? It's a publicly available document. You don't need to pay any license fees. You get the right to use all the embodied patents. There's a complete implementation of the specification available under a free software license, including Secure Boot support.

I'm not in favour of any platforms locked to a specific vendor, but nor am I in favour of platforms where one vendor gets special control over what I run. If they're able to lock down my system, I want to be able to lock down my system.

Reply Parent Score: 2