GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I just saw here (slide 2 of 4) that Windows 2012 will require a UEFI bios and especially "Secure Boot" to be enabled.
I don't want to write right now the exact details - all I want to mention is that when I read that my first thoughts were "aaahhh, not again that s**t".
I just saw here (slide 2 of 4) that Windows 2012 will require a UEFI bios and especially "Secure Boot" to be enabled.
No, it doesn't. It no longer requires Secure Boot to be optional. OEMs will have the option of allowing Secure Boot to be turned off, whereas before they were required to allow it to be turned off.
Distribution: M$ Windows / Debian / Ubuntu / DSL / many others
Posts: 2,339
Rep:
Quote:
It will be mandatory to ship with Secure Boot enabled. It will be optional to allow the user to turn it off.
Obviously it has nothing to do with security and everything to do with anti-competitive vendor lock-in. I knew this would happen
even those many didn't believe me.
Obviously it has nothing to do with security and everything to do with anti-competitive vendor lock-in. I knew this would happen even those many didn't believe me.
Quote:
Originally Posted by frankbell
"Secure Boot" translates to "Secure Market Share."
Quite the refutation of the "companies don't care about the Linux desktop because it has 'only' 2 market share" argument, isn't it.
Secure Boot is designed to prevent pre-boot malware.
It has nothing to do with "locking out" other operating systems -- Ubuntu, Fedora & OpenSUSE will all install a Secure Boot compliant system.
It is even possible to create your own keys, enrol them into the firmware (BIOS) and sign the kernel image & boot loader/manager to acheive a Secure Boot set up that is completely independent of the Microsoft licence. http://kroah.com/log/blog/2013/09/02...d-linux-kernel
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by Head_on_a_Stick
It is even possible to create your own keys, enrol them into the firmware (BIOS) and sign the kernel image & boot loader/manager to acheive a Secure Boot set up that is completely independent of the Microsoft licence. http://kroah.com/log/blog/2013/09/02...d-linux-kernel
Not when Windows 10 machines are released. Well, to be more precise, it is not guaranteed that it will be possible to create one's own keys on a Windows 10 machine as M$ are removing that requirement for vendors to be able to mark their equipment Windows compatible.
I am sure some vendors will continue to play fair but some may be paid by M$ to lock down secure boot and some may find it cheaper to do so.
So, this isn't "the sky is falling" but it is a slightly worrying move.
Well, according to Wikipedia, the Equation Group malware "infects the hard drive firmware, which in turn adds instructions to the disk's master boot record that causes the software to install each time the computer is booted up." So I guess this means secure boot should -- in theory -- prevent the malware from running. In any case, I wouldn't risk my neck for it
Last edited by Hungry ghost; 03-21-2015 at 02:19 PM.
If I bought a system that didn't allow me to disable secure boot, I'll complain to the customer/tech support people and tell them I don't like using windows and I only use linux. If they refuse, I'll just get my refund.
I believe if you plan to use inux only a system from system76 or zareason is best.
Last edited by linux4everybody; 03-21-2015 at 02:22 PM.
Distribution: M$ Windows / Debian / Ubuntu / DSL / many others
Posts: 2,339
Rep:
Quote:
Originally Posted by linux4everybody
If I bought a system that didn't allow me to disable secure boot, I'll complain to the customer/tech support people and tell them I don't like using windows and I only use linux. If they refuse, I'll just get my refund.
I believe if you plan to use inux only a system from system76 or zareason is best.
The problem is that it removes the possibility for non highly computer-savvy people to try alt OSes. Not even a live cd.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.