Hi,

I am not sure about the admin structure of 'UEFI'. Arm has been a member since 2008;
As to your analogies, to me that was absurd. No one was talking about driving or other wise. You are not going to dictate designs to a manufacture. If market drives the need for design changes then possibly things can be aligned or changed.

As I have said to others: Your choice to buy or not. If the device supports user defined exemptions then great. But if you purchase something and it does not allow secondary usage or alternate use then you either default the device(possibly junk it) or return it. Your purchase of a known controlled closed environment does not give you any rights to demand it service your needs. Cry foul all you want, it will not change things.

Yup, you can't exactly stop him from stealing the disk drives. (But in some secure data centers, those drives are encrypted and locked to a particular disk-controller serial number.)

But you know, a lot of pragmatic security just comes down to putting even a very slight obstacle in the way. A friend of mine in high school kept a very expensive 12-string guitar in a cardboard case with the tiniest padlock imaginable. The lock was put there, he said, "to keep the honest people out." There are many stories of "pizza-box cat burglars" who stole from houses, even houses with very fancy burglar-alarms, just by trying the front door and seeing if it was unlocked. It often was, and the fancy-pants alarm system was turned off. They took whatever they could find in the first couple rooms and popped it into the box (which actually contained a pizza).

There is nothing to stop me removing Windows and installing Linux, or dual-booting the two OS's, on an x86 device. So I'll ask one more time: WHY should it be any different for an ARM device?

Hi,

Purchase one you can have selective choice and have the options to update or add keys. If you choose one with Microsoft Win/8 then you will not have the choice to modify for a alternate OS. As stated before, buy one that allows the UEFI user control.

You haven't answered the question: why should ARM be any different from x86? As for choosing to buy something that allows UEFI user control, that may be near impossible if Microsoft has the same influence over ARM device manufacturers as they have in the PC field. It would be in their interest to get a lock-down on all new x86 computers sold, too.

Hi,

So in your mind all ARM devices will be secured. Not so! There are loads of other major market share companies that will have ARM based devices other than just Microsoft. I have answered your question. You just fail to realize that not every device will be locked. Speculations & fear, that is the trap you are falling into. Thus spreading FUD!

Brian, you are the provocateur that you attempted to label me as.

Other ARM providers will be using hardware designs with ANDROID/Propriety OS thus the problem is non existent so no lock out. That is unless they too decide differently. Some ARM devices had to be jailbreaked to use but that too was not a big problem except for warranty.

No matter how much you openly complain about Microsoft locking ARM devices designed to work with Win/8 there will be no change. And in my mind there is no need. At this point I will not need to purchase a ARM based Windows/8 Netbook,Notebook system. No need or purpose to use value based Netbook/Notebook at this time.!

Openness for x86 arch system has continued from the onset thus the reasoning for continued openness for the design. That doesn't mean all future x86 systems will have the BIOS extensions to openly allow a user choices. At present there will be secure boot OEM for the x86 designs but to date that will have BIOS extensions to enable/disable. This latter point will allow a user to provide/generate keys for other OS.

Hi,
Of course 'UEFI' will prevent the night operator from booting with his/her Win/8 boot media. Public part of the pk(platform key) in the firmware will not allow the boot. The 'UEFI' can have additional exchange keys(kek) in the firmware which is a signature database. This database contains public keys to be used to verify different components that may be used by UEFI: drivers, boot-loaders and other OS that may be allowed to load from external sources(disks, network,USB or whatever is allowed by 'UEFI').

This database also has the means to provide revocation(s) within the database via 'forbidden signatures' that are stored and provided by UEFI organization. This list contains both authorized and forbidden signatures.

I suggest that you look at Versions 2.0, 2.1, 2.2 and 2.3 of the 'UEFI' Specification. Current is 2.3.1 with errata.

'UEFI' protocol is nothing like the BIOS of old.

HTH!