[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [OT] Re: the ghost of UEFI and Micr0$0ft

On Tue, Jun 5, 2012 at 1:22 PM, Camaleón <noelamac@gmail.com> wrote:
> On Tue, 05 Jun 2012 19:03:54 +0200, Claudius Hubig wrote:
>> Camaleón <noelamac@gmail.com> wrote:


> Microsoft (I can't tell for the rest of the hardware manufacturers
> because their position is not mentioned in detail in the blog post) is
> forcing a needing for something I (and I guess others) _don't need_, like
> TPM modules, using a password in GRUB2, using encryption nor signing for
> safe code.


>>> "Blindly" here means there's no technical reason that supports the path
>>> they want to take for UEFI, but a marketing strategy.
>> UEFI has many benefits over the traditional BIOS, secure boot being one
>> of them. Why do you think there is no technical reason to support secure
>> boot? And what other mechanism would you suggest to use to get a chain
>> of trust from the BIOS(-replacement) to the desktop?
> UEFI is not the problem here. People is using UEFI nowadays without any
> issue. Is MS who is building a fictional wall in between.

The concept of Secure Boot is sound; it's to secure the firmware boot
of a box and the handoff from the firmware to the OS; it has nothing
to do with TPM (although I understand that they can be combined) or
grub2 passwords.

It's the implementation of Secure Boot that sucks, from a Linux
perspective. A dominant power, in our case Microsoft, will always
impose its will on others. It's the same in politics. When Great
Britain was the world's superpower, it used to impose its will on
countries, companies, and people. The US has imposed, is imposing, and
will impose for the forceable future its will on others. And China
will, if it becomes the world's superpower, do the same in the future.
Others may not like it but they don't have a choice. Secure Boot can
be turned off so there's some freedom available to those who want to
reject it - for the time being...

The board of directors of UEFI includes representatives from Apple,
Dell, HP, IBM, and Lenovo. So, even though Acer, Asus, and Samsung (to
cite a few) aren't represented, it's pretty safe to conclude that the
manufacturers are on-board.

Reply to: