Linked by Thom Holwerda on Mon 4th Feb 2013 22:10 UTC
Google "People are, unsurprisingly, upset that Microsoft have imposed UEFI Secure Boot on the x86 market. A situation in which one company gets to determine which software will boot on systems by default is obviously open to abuse. What's more surprising is that many of the people who are upset about this are completely fine with encouraging people to buy Chromebooks. Out of the box, Chromebooks are even more locked down than Windows 8 machines." Good point.
Thread beginning with comment 551552
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Ironic Title
by pgeorgi on Tue 5th Feb 2013 18:27 UTC in reply to "Ironic Title"
pgeorgi
Member since:
2010-02-18

I hope there's enough public outcry on non-wintel platforms to pressure all vendors to open up Secure Boot on their respective platforms as well.

chromebooks don't use UEFI SecureBoot, which is what Matt is whining about. ARM chromebook with locked down UEFI SecureBoot would probably be okay, as long as it's UEFI.

Fanboys are a weird bunch.

Google, for it's part, is going to find itself in a tossup between it's role in standing up for open principals or behaving more like OS/hardware vendors who want to lock out end users & competitors.

Lock out end users? You can install whatever firmware you want. chromeos verified boot (with your own keys), UEFI (with your own keys if you so desire), seabios for "normal" BIOS (on x86 chromebooks anyway).

They do lock out competitors - as commented in the comments to mjg's rant, the chromeos devs want to enable user installable keys in the default install.

That might solve it, or not. Depending on how they do it, that still won't help Redhat.
I don't care, it's about user freedom, not 1bio us$ revenue, 800lbs gorilla company freedom.

Yes, I'm grumpy. mjg praises UEFI SecureBoot, a closed standard of which all real-world implementations are closed sorce, as if it was his own invention, while ranting against other open source projects.

Ironically, I might be the first to release an open source x86 UEFI with SecureBoot soonish - mjg is best ignored IMNSHO.

Reply Parent Score: 4

RE[2]: Ironic Title
by Alfman on Tue 5th Feb 2013 19:10 in reply to "RE: Ironic Title"
Alfman Member since:
2011-01-28

pgeorgi,

"chromebooks don't use UEFI SecureBoot, which is what Matt is whining about."

Yes, you are right. The article didn't make clear he was comparing apples and oranges, and I didn't catch it, facepalm...

"ARM chromebook with locked down UEFI SecureBoot would probably be okay, as long as it's UEFI."

Are you saying this is what mjg would think? Somehow I don't think so.


"That might solve it, or not. Depending on how they do it, that still won't help Redhat. I don't care, it's about user freedom, not 1bio us$ revenue, 800lbs gorilla company freedom."

BTW mjg is not a redhat employee any longer so his blog posts shouldn't be affiliated with them.
http://mjg59.dreamwidth.org/19695.html

Reply Parent Score: 2

RE[2]: Ironic Title
by mjg59 on Tue 5th Feb 2013 23:25 in reply to "RE: Ironic Title"
mjg59 Member since:
2005-10-17

Closed standard? It's a publicly available document. You don't need to pay any license fees. You get the right to use all the embodied patents. There's a complete implementation of the specification available under a free software license, including Secure Boot support.

I'm not in favour of any platforms locked to a specific vendor, but nor am I in favour of platforms where one vendor gets special control over what I run. If they're able to lock down my system, I want to be able to lock down my system.

Reply Parent Score: 2

RE[3]: Ironic Title
by pgeorgi on Wed 6th Feb 2013 07:29 in reply to "RE[2]: Ironic Title"
pgeorgi Member since:
2010-02-18

Closed standard? It's a publicly available document. You don't need to pay any license fees. You get the right to use all the embodied patents.

You don't get: Useful access to the test suite. Access to the development process without shelling out at least $2500/year (Contributor membership as can be seen on http://www.uefi.org/join/).

That's worse than the Java Community Process, which often was subject to critic - at least participation is free there.

It's all guarded behind weird agreements, even the plain documents: http://www.uefi.org/specs/agreement

There's a complete implementation of the specification available under a free software license, including Secure Boot support.

Except for some standard relevant parts (eg. FAT) which aren't under a free software license. And some parts that are plain missing (eg. SMP init).

I'm not in favour of any platforms locked to a specific vendor, but nor am I in favour of platforms where one vendor gets special control over what I run. If they're able to lock down my system, I want to be able to lock down my system.

You're able to unlock the system, then lock it down the way you want it. "Bring your own lock" is slightly more annoying than "Bring your own key" for distributors. For users it doesn't make much of a difference. In fact, I'd prefer to be reasonably sure that the old tenant is shut out completely, but I concede that I'm no average user when it comes to firmware.

Edited 2013-02-06 07:32 UTC

Reply Parent Score: 4