LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 07-20-2012, 05:42 PM   #16
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 6,919
Blog Entries: 51

Rep: Reputation: Disabled

Well, as long as that is all there is to it, OK. But this tiny paranoid streak in me suspects an hidden agenda.
 
Old 07-23-2012, 09:43 PM   #17
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,268

Rep: Reputation: 1086Reputation: 1086Reputation: 1086Reputation: 1086Reputation: 1086Reputation: 1086Reputation: 1086Reputation: 1086
It's really not a "hidden agenda," as long as the technology (a) actually works, as verified by peer-review; and (b) can be used by other operating systems.

We have a genuine business need, when constructing "trustworthy" computing environments, to be able to control the entire software environment, including the built-in (flash...) ROM software.
 
1 members found this post helpful.
Old 07-24-2012, 02:47 PM   #18
NyteOwl
Member
 
Registered: Aug 2008
Location: Nova Scotia, Canada
Distribution: Slackware, OpenBSD, others periodically
Posts: 512

Rep: Reputation: 138Reputation: 138
Given Microsoft's past behaviour one could make a case for a "hidden agenda".

1) back UEFI (done)
2) back SecureBoot (done)
3) make sure all UEFI BIOSes incorporate SecureBoot (done)
3) strike deal with ARM manufacturers so their SecureBoot BIOS only boots Windows (almost there)
4) strike deal with desktop OEM's so that their SecureBoot BIOS only boots Windows (pending)
5) strike deal with desktop motherboard manufacturers so that their SecureBoot BIOS only boots Windows (pending)
6) strike deal with server OEM's so that their SecureBoot BIOS only boots Windows (pending)
7) strike deal with desktop motherboard manufacturers so that their SecureBoot BIOS only boots Windows (pending)
8) 99.9% of all "PC" and related servers now only boot Microsoft products.

Have they considered it? Probably.
Is it practical? No.
Could it be practical as far as step 4? Yes, possibly even step 5.

It starts to break down on the server market. Then there would be the inevitible legal hurdles such a strategy would entail and the costs involved. Another very practical obstacle to trying to implement such a plan beyond the OEM desktop.
 
2 members found this post helpful.
Old 07-24-2012, 03:05 PM   #19
PhoenixAndThor
Member
 
Registered: Sep 2009
Location: Geogia, USA
Distribution: Ubuntu, Debian, Live CDs
Posts: 213

Rep: Reputation: 38
NyteOwl, your step 7 is redundent. If it ever gets as bad as all new desktop motherboards being pre-locked to Windows, then vendors like System76 are going to have a lot more customers. I know that we Linux/BSD/other OS users only make up a small percentage of the desktop market, but there are enough of us around to where such a thing will not be possible.

Also, since most web servers run something other than Windows, I really can't see any server motherboard manufacturers implementing the secure boot crap. In my opinion, the SecureBoot/RestrictedBoot crap really isn't necessary to begin with. It's just another way for MS to make money without actually making a product.
 
Old 07-24-2012, 04:46 PM   #20
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,268

Rep: Reputation: 1086Reputation: 1086Reputation: 1086Reputation: 1086Reputation: 1086Reputation: 1086Reputation: 1086Reputation: 1086
Also, NyteOwl, there is a bit of practical reality here. If "99.9% of all servers now must boot Microsoft products," then a very significant percentage of those servers have just become ... unmarketable!

Linux, BSD, and several other "non-Microsoft" operating systems are, and always will remain, "legitimate and necessary operating systems" that there is, and always will be, a fundamental requirement to be able to run. And, to run with "secure boot" capability. (In other words, "if I have a legitimate business need for secure boot ... and I do ... then I have that need, regardless of which particular operating system I am talking about.

Walk into any server-farm on the planet, and it is extremely likely that you are looking at machines, side-by-side with one another, who are running many different operating systems (and versions thereof). The need to be able to guarantee that a bored (or clandestine) computer operator cannot hijack a system by rebooting it from an unauthorized DVD-ROM at 2:30 in the morning is a very legitimate business concern which actually has nothing at all to do with "Microsoft" or "Windows."

There are laws coming down, in all sorts of businesses including but not limited to health-care, that say that you must be able to guarantee this. And time is running out to prove compliance.

Last edited by sundialsvcs; 07-24-2012 at 04:47 PM.
 
Old 07-27-2012, 07:45 AM   #21
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: SlackwareŽ
Posts: 11,057
Blog Entries: 1

Original Poster
Rep: Reputation: 1373Reputation: 1373Reputation: 1373Reputation: 1373Reputation: 1373Reputation: 1373Reputation: 1373Reputation: 1373Reputation: 1373Reputation: 1373
Post Fedora Linux Moves Forward with UEFI Secure Boot Plans

Hi,

Fedora Linux Moves Forward with UEFI Secure Boot Plans announcement article with some helpful information.
 
Old 07-27-2012, 07:58 AM   #22
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 6,919
Blog Entries: 51

Rep: Reputation: Disabled
OpenBSD's de Raadt slams Red Hat, Canonical over 'secure' boot
 
Old 07-27-2012, 09:37 AM   #23
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: SlackwareŽ
Posts: 11,057
Blog Entries: 1

Original Poster
Rep: Reputation: 1373Reputation: 1373Reputation: 1373Reputation: 1373Reputation: 1373Reputation: 1373Reputation: 1373Reputation: 1373Reputation: 1373Reputation: 1373
Member Response

Hi,

brianL, too much misinformation by the commentators to the article. Both articles are helpful and do reveal the on-coming issues for some hardware vendors that stick/set the secure boot. Most still provide the means for a BIOS compatibility but when will that no longer be available?

People do not understand that 'UEFI' & 'Secure Boot' are different animals. 'UEFI' is a protocol that does provide the provision for 'Secure Boot' protocol for hardware.

UEFI Today: Bootstrapping the Continuum is a good paper with useful information. Be sure to download and read: UEFI and the OEM and IHV Community
 
Old 07-27-2012, 10:06 AM   #24
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 6,919
Blog Entries: 51

Rep: Reputation: Disabled
I'm still not convinced. I still regard Secure Boot as a potential threat, interfering with peoples' rights to install whatever operating-systems/distros/software on whatever hardware they want.
 
Old 07-27-2012, 10:10 AM   #25
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Gentoo
Posts: 15,438
Blog Entries: 2

Rep: Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001
Quote:
Originally Posted by brianL View Post
I'm still not convinced. I still regard Secure Boot as a potential threat, interfering with peoples' rights to install whatever operating-systems/distros/software on whatever hardware they want.
If you don't like it, disable it. Simple as that.
 
Old 07-27-2012, 10:15 AM   #26
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 6,919
Blog Entries: 51

Rep: Reputation: Disabled
Yeah, but are you sure you will be able to do that on all hardware? Or will you possibly be limited in choice?

Last edited by brianL; 07-27-2012 at 10:18 AM.
 
Old 07-27-2012, 10:18 AM   #27
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Gentoo
Posts: 15,438
Blog Entries: 2

Rep: Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001
Quote:
Originally Posted by brianL View Post
Yeah, but are you sure you will be able to do that?
Yes. All you have to do is to buy a motherboard/PC with the Windows 8 logo, then you must be able to do that. Otherwise they wouldn't have the logo.
 
Old 07-27-2012, 10:50 AM   #28
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 6,919
Blog Entries: 51

Rep: Reputation: Disabled
Windows 8 logo? Why not some new logo, independent of any individual company? You might be willing to trust Microsoft, but I wouldn't. It could all end up as restrictive as their EULAs.
 
Old 07-27-2012, 10:55 AM   #29
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Gentoo
Posts: 15,438
Blog Entries: 2

Rep: Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001Reputation: 4001
Quote:
Originally Posted by brianL View Post
Windows 8 logo? Why not some new logo, independent of any individual company?
Because nobody would care for such a logo. Microsoft is the biggest fish in the pool, so the hardware manufacturers will use their logo.

The requirements for the Windows 8 logo for x86 hardware clearly state that it must be possible to deactivate Secure Boot and to add your own keys if you don't want to disable it.
It may sound ironical and somewhat odd for a Linux user, but buying Windows 8 hardware is in this case the only way to go to make sure that Secure Boot actually will not prevent you from installing the OS of your choice.
 
Old 07-27-2012, 11:05 AM   #30
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 6,919
Blog Entries: 51

Rep: Reputation: Disabled
Quote:
Originally Posted by TobiSGD View Post
Microsoft is the biggest fish in the pool
Yeah. Great White shark. Do you really want to swim with them?
Quote:
Originally Posted by TobiSGD View Post
It may sound ironical and somewhat odd
Not to mention downright suspicious, and against GNU/Linux principles.
 
  


Reply

Tags
bios, secure boot, uefi


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Will your computer's "Secure Boot" turn out to be "Restricted Boot"? LXer Syndicated Linux News 0 10-17-2011 09:00 PM
What are the easy to follow step-by-step instructions for loading "WICD" in Slackware Twilight_Bandit Linux - Software 2 06-22-2009 05:16 AM
boot hangs at the "/boot: clean" step dh4 Linux - General 1 03-10-2007 10:14 AM
LXer: Why EnGarde Secure Linux is "Secure By Design" LXer Syndicated Linux News 0 10-10-2006 12:21 AM
LXer: O'reilly Releases "Learning PHP & MySQL": A Step-by-Step Guide to ... LXer Syndicated Linux News 0 06-21-2006 06:33 AM


All times are GMT -5. The time now is 10:34 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration