GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I was just saying that the whole secure boot idea comes from MS, and I can't help finding this rather suspicious.
Fair enough, but seeing that Windows systems on the desktop are one of most targetted, I don't really find it surprising that they at least try to come up with solutions to those problems.
Quote:
What is the point of having security features mostly disabled by default for the average user, the same user who has no idea of how to strengthen his machine security, or why he should do that? Do you think this is what a truly security-focused company should be doing? And what is the proportion of average vs tech savvy Windows users?
The point is that support costs and bad reviews would increase dramatically when the average user suddenly is limited by his own system and has to learn security before being able to use them. I guess that is also the reason why most of the distros that aim at the average user (Ubuntu, Mint, ...) also don't implement advanced security features. I totally agree with you that this is not a good thing per se, but I can see where they (both Microsoft and the distro maintainers) are coming from.
Quote:
Edit: TobiSGB, I appreciate your impartiality, and I agree you can possibly re-configure a Windows machine to be more secure. But I just dislike MS attitude. Sales are their number one priority. But security, beyond all they pretend, who cares?
Of course sales are their number one priority, after all Microsoft is a not a non-profit organization, they are a commercial company and their leaders, like in most large companies, have to please their shareholders.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by manu-tm
I was just saying that the whole secure boot idea comes from MS, and I can't help finding this rather suspicious.
It doesn't though, as I mentioned in previous posts. Having a signed bootloader and keys on the device is nothing new -- it's just they haven't really been on general-purpose computers up until recently. I completely agree that M$ will use anything to gain market share but I don't agree that that is the primary reaaon for this. The likes of "secure boot" have been a long time coming to mainstream personal computers.
Juat as an aside, also, it's not just Microsoft who don't apply full security to default installs -- lots of Linux distro's do all sorts of things which are considered bad practice on default installs. Heck, Canonical have been known to capture root equivalent passwords in plaintext during the install...
Distribution: M$ Windows / Debian / Ubuntu / DSL / many others
Posts: 2,339
Rep:
Quote:
lots of Linux distro's do all sorts of things which are considered bad practice on default installs.
I'll take a reasonable amount of convenience of security any day. The average computer user just doesn't need the same level as a business and government security.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by smeezekitty
I'll take a reasonable amount of convenience of security any day. The average computer user just doesn't need the same level as a business and government security.
I am the same, I agree. I was only posting regarding the suggestion that M$ were somehow alone in doing it.
Of course sales are their number one priority, after all Microsoft is a not a non-profit organization, they are a commercial company and their leaders, like in most large companies, have to please their shareholders.
Yeah, and that's why it's totally impossible to trust their official corporate blah blah.
Once they are allowed to, they will. MS knows this.
They were allowed all the time. Nothing at all was preventing them from not offering this option, they only needed to implement it if they wanted to participate in the Windows 8 Logo program. Participating in this program is not necessary, even when you want to deliver machines with Windows 8 pre-installed, and there are many OEMs that didn't participate.
If you've got the skills (which I believe smeezekitty has), you can install Libreboot yourself. Limited options, yes - but I bought a refurbished X200 off an eBay dealer for £83 and it's running Slackware64 14.1 perfectly.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
It will be interesting to see whether any OEMs decide to prevent the disabling of "secure boot" and, if they do, why. I can't see it being cheaper to do so as UEFI and BIOS are surely just third-party standard software so removing routines may even cost more?
I do worry that M$ may revert to their previous style of business though and pay OEMs to lock down "secure boot" via some kind of "loyalty discount" or other plausibly deniable means. Hopefully though they've learned from their previous criminal conduct that they will have some kind of sanctions imposed for that kind of behaviour even if they are relatively mild.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.