Re: [OT] Re: the ghost of UEFI and Micr0$0ft
On Wed, 06 Jun 2012 03:13:23 -0400, Tom H wrote:
> On Tue, Jun 5, 2012 at 1:22 PM, Camaleón <firstname.lastname@example.org> wrote:
>> On Tue, 05 Jun 2012 19:03:54 +0200, Claudius Hubig wrote:
>>> UEFI has many benefits over the traditional BIOS, secure boot being
>>> one of them. Why do you think there is no technical reason to support
>>> secure boot? And what other mechanism would you suggest to use to get
>>> a chain of trust from the BIOS(-replacement) to the desktop?
>> UEFI is not the problem here. People is using UEFI nowadays without any
>> issue. Is MS who is building a fictional wall in between.
> The concept of Secure Boot is sound; it's to secure the firmware boot of
> a box and the handoff from the firmware to the OS; it has nothing to do
> with TPM (although I understand that they can be combined) or grub2
I put TPM as an example of another technology that was intended to
"secure" our lives. I wonder how many linux users are currently taking
advantadge of it.
> It's the implementation of Secure Boot that sucks, from a Linux
It sucks because there's still not developed a normalized way of using
it. And it sucks because closed source sofware developers are using it as
a weapon to get their own purposes and goals and not considering another
approaches... and such position can be valid from their point of view but
not from ours :-/
> A dominant power, in our case Microsoft, will always impose its will on
That will be so until we stop it. And buying a single certificate is not
what I understand for a proper solution: you're only solving "one"
problem, there will be more to come.
> It's the same in politics. When Great Britain was the world's
> superpower, it used to impose its will on countries, companies, and
> people. The US has imposed, is imposing, and will impose for the
> forceable future its will on others. And China will, if it becomes the
> world's superpower, do the same in the future. Others may not like it
> but they don't have a choice. Secure Boot can be turned off so there's
> some freedom available to those who want to reject it - for the time
The true freedom starts by telling users about the real situation and not
by hidding the bad policies of a company just to gain your user base by
saying "Hey, look, we're cool. We're a user-friendly linux
> The board of directors of UEFI includes representatives from Apple,
> Dell, HP, IBM, and Lenovo. So, even though Acer, Asus, and Samsung (to
> cite a few) aren't represented, it's pretty safe to conclude that the
> manufacturers are on-board.
My guess is that manufacturers will take a "low-profile" approach: they
will just provide a way for disabling "secure boot" from BIOS/UEFI and
let the user decides what to do.