It is all about control, who control who through what. It is their brand new control toy for sure, don't be naive, even if they say, "oh you can disable it", that is just a ground been prepared for later on. Every coin has 3 sides, and people normally don't pay attention to the 3rd side. Threats aren't to be detect, until is too late. Fences are been built around, you can see through it but if you jump over it well...
Then the fences get electricity, barbwire, you name it. At the end you will be locked, in or out, still locked.

"Lets control the computers, the internet, so the people will be controlled too." That is their(governments, corporations) plan, if you can't see it, you have been controlled already.

Regards

If Microsoft wants UEFI then so be it. There will be countless ways to bypass this, since security is not a strong point of this company. And how can one pretend UEFI is for security reasons anyway? They simply try to lower the piracy rate of their systems which is a total failure.

Furthermore, no one should be able to decide what's best for you. You pay for a PC and you should be able to do whatever you want with it, that includes installing a malware filled system. You do it at your own risk.

Once again, UEFI is not the same as Secure Boot. Also, Secure Boot can not be used to prevent piracy, since the copied bootloader is still signed. By the way, it is their good right to prevent people from circumventing their license. If you don't agree with that license than don't use it, in the same way you are not allowed to circumvent any other license,like the GPL.

Besides that is it a non-sense argument that it is your right to install a malware filled system. Don't get me wrong, if you want you can do that, but then disconnect that machine from the net, so that it doesn't fill our mail accounts with spam or is used to attack our servers.

Hi,
Hopefully you have read information on 'UEFI' if not then please consider 'Unified Extensible Firmware Interface (UEFI)';You could go to: http://www.uefi.org/home/ for more help & information.

There is too much 'FUD';

I'm not trying to spread FUD or anything. I'm not an expert on the subject but according to Wikipedia:

So from what I understand so far BIOS is too primitive to have a feature like secure boot implemented so they needed a replacement.

UEFI is far older than Secure Boot, so no, UEFI was not invented with the intention to years later implement Secure Boot.

I didnt said UEFI was invented for secure boot. What I meant is that they figured out UEFI is much more advanced than BIOS ( and by all means it should be, considering the age of BIOS ) and so the replacement process began.

Anyway, we'll have to wait and see what happens, but I'm afraid that this won't end here.

My last post was removed and/or I was reprimanded by
the moderator God, for something or other which I think
He didn't understand. Sarcasm with intelligence, for example,
is communication. This topic deserves repeats from every side in
my stupid opinion, sir, because it relates to the future of
Linux for Everyman.

This is what He, and many, don't get:

There is a reason to hope that Linux will be popular
outside of *nix professionals. It gives us a lot of levers.

However, that requires easy access to Linux on new, dumb-bought
machines, by ordinary joes. <=

I probably am disqualifying myself right here by mentioning
this but I am artist. My main thing. But however (long story)
I also have enjoyed the UNIX line since version 7, at a
Canadian university.

The thing is, there are still at least two sorts
of people - ones who are comfortable with techie things,
and those who would really rather not. There is a complicated
continuous conversation here as you realize.

The thing is, if we want the levers (for Openness and
Goodness) that Linux will potentially give us still, it at
least has to continue to have it's current popularity,

-> OUTSIDE of the community that can compile and
do any whiz thing necessary to get what
they want.

i.e. Dumb guys like me have to have a way.
And that's what -so far- it looks like Windows 8
and the bloody greedy vendors .. are going
to do.

Close the "civilian" users of Linux free "market".

For instance, I no doubt will be fine, but how am I going
to support Linux for dummies, if that's what I might
make money on, when the possibility evaporates?

Somebody said somewhere that no one has stepped
up to the plate to do a UEFI boot for us all.

Or I hallucinated again.

I think, at the very least, that this issue is a real
sore soreness, and should stay alive, and am kind
of pissed that Linuxers should shut me up when
it's kind of important.

-jae

Your post was removed because of the failure to edit & remove the masked vulgarity. Plus you were in violation;You were given the opportunity to edit & revise your post. When you did not then the post was deleted for not abiding the LQR.I do understand the proper use of 'UEFI' protocol. Too much 'FUD' and rumors that misstate the facts to suit their argument or to the their understanding(s) thus causing issues.
Your views are not clear. Documentation is available to help ordinary 'joes' to understand what and how someone can use a 'UEFI' based machine.
I do not see how that will dis-qualify you.
Then maybe stick with turn key equipment. If you are not willing to learn how to use the newer systems with protocol changes then it will be difficult.
I really do not see an issue. Informed users will continue to use equipment with Gnu/Linux.
Review the documentation available so you will be informed.
Only if you and people like you will not inform so that the ability to perform will evolve.
False fear(s), you will always have *buntu like Gnu/Linux available to hold your hand thus limit abilities. Yet, you will be able to use a Gnu/Linux.
There you go again! Someone passes 'FUD', you believe it thus pass it on. 'UEFI' with a Gnu/Linux is doable. No issues! Do us all a favor and do some searching or read some of the previous linked information for 'UEFI' within this thread.
No one is shutting you up! You are not informed nor tooled to understand 'UEFI'. Spend a little time reading the protocol(s) for 'EFI' then for 'UEFI' so when you do present information then it will be formed and reliable information. Look at 'UEFI_Home'; & From 'UEFI_About';If you wish to dig deeper then look at 'UEFI_Specifications'. When & if you do not understand something then post a query here.

Someone will help you to understand once you inform and re-learn why 'UEFI' is necessary.

2 members found this post helpful.

Well, let's just skip this rambling talk, that's off-subject anyhow, and stick to subject: what are the technical requirements for getting Linux to respect the secure-boot protocols, and where does Linux now stand in fulfilling them?

The exploits of Microsoft Windows that have occurred are legend: root-kitting the entire system, reprogramming the Flash ROMs on the mobo ... as thorough and complete an "exploit" as an "exploit" could possibly be.

It's no accident that there are NTFS drivers for MS-DOS. Boot up the ol' command-prompt of yesteryear, if the computer will allow you to easily do it i.e. without removing the thing from the rack and opening it up, and you can do any damm thing you want with that supposedly "secure" machine. No one's paying attention to you at 3:30 AM. No one knows you're an industrial spy or saboteur ... and no one will easily be able to detect what you have done. They will go on, maybe for years, supposing that their machines are uncompromised. The invisible Trojan Horse.

And so, people are just as interested in making sure that their production Linux systems cannot be easily exploited in this way, as they are with their Microsoft and Apple operating-systems and for precisely the same good reasons.

So ... let's just put the kibosh on off-topic diatribes about conspiracy theories, as often as necessary, and follow the progress of the Secure Boot support in Linux. That support, done correctly, is necessary to everyone concerned.

No, UEFI won't be impenetrable. Nothing is. But Master Padlock Company made millions selling devices that can be opened with the help of a soft-drink can, because they worked. The existence of the security alone is a deterrent, and Linux must support it correctly also, for those sites who wish to use it.

And there is the support: http://www.linuxfoundation.org/news-...em-open-source

Hi,

Thanks for the link.

... and this does seem to be a pragmatic solution to the matter. If you want to use hardware in your shop that implements this protection, then this solution extends that protection to cover your Linux systems while avoiding actual changes to the plentitude of Linux systems that already exist -- both within your shop and elsewhere.

It will be interesting to see how long this strategy lasts, because I can see rather obvious holes in it unless a particular operating-system image can be keyed to a device. It won't take very long for various "properly keyed" OS images to show up: of necessity, software-service and sysadmin-defribillator discs will have to have the proper keys on them. And when this happens, I suspect that we will be right back where we started from. This whole concept is really trying to tiptoe along a very delicate line between "secure" and "maintainable," and the jury might still be out as to where that line will actually turn out to be located.

I don't get how can it be a new standard, which favors one OS, and puts obstacles for the other. Yes, there is a workaround by cutting a deal with M$ and obtaining their key - wow, is that the best that can be done.
And I don't think that leaving some users at the mercy of *buntu like Gnu/Linux is a right thing to do, just because they're not techie enough. Besides I don't trust *buntu as I don't trust M$.


Stand up for your freedom to install free software

Free Software Foundation recommendations for free operating system distributions considering Secure Boot