On Thu, Jan 28, 2016 at 06:55:49PM +0000, Brad Rogers wrote:
On Thu, 28 Jan 2016 19:20:19 +0100 jdd <jdd@dodin.org> wrote: Hello jdd,too bad if real.Yes, there are (theoretical) security issues, but IRL, it isn't going to affect non-Windows machines until/unless they get a larger market share. In any case, the way licensing is done would you want to pay to install a free OS? It's anathema to me.
What's to license? As I understand it, UEFI is a fairly open standard. Generating a key for it and loading that in doesn't require any licensing as far as I know.
Where the FUD comes from is that *some* UEFI implementors only allow the firmware to store one secure-boot key. This is where the problems come, if you want to dual-boot Windows and Linux. Namely that, because you can't change the key Windows uses, you have to sign Linux with Microsoft's key, or else do without secure boot.
However, as far as I'm aware, a good UEFI implementation will allow you to associate different keys with different boot partitions. Therefore Windows boots in secure mode because it verifies its own key and Linux ALSO boots in secure mode, because it verifies ITS own key.
Granted, getting this all to work is rather complex at the moment, but there is nothing in UEFI per se stopping dual-secure-boot.
if so verify after turning it off than windows still bootDon't know, don't care; I've never owned a Windows machine. I have no reason to start now. -- Regards _ / ) "The blindingly obvious is / _)rad never immediately apparent" Dream on white boy, dream on black girl Original Sin - INXS
-- For more information, please reread.
Attachment:
signature.asc
Description: PGP signature