Published at LXer:

The question of whether Secure Boot technology in UEFI firmware could exclude Linux from PCs running Windows 8 has taken a fresh twist. Red Hat engineer Matthew Garrett, one of the first to flag up the Unified Extensible Firmware Interface issue, has blogged that Microsoft's rules for certified Windows 8 hardware do not make it easier to boot Linux despite what some have claimed. Redmond's requirements mention the existence of a boot option for PCs that can fire up a digitally signed Linux kernel. This custom boot-mode would allow the user to modify the contents of the machine's Secure Boot signature database and the platform key (PK) that verifies kernels during system start-up.

Read More...

You know, my question is: Is this Secure Boot option worth the trouble ? Or is it more of a hassle than an actual security improvement ?

I think it is the latter, but it is up to the user to decide. I have never had any security issues with current BIOSes, and all I really wanted from the new BIOS = UEFI is a nicer way to flash it ... a way that doesn't involve chances of bricking. Of course, manufacturers only care about implementing draconian plans, and not about what the user wants.

We're not the people who do. I regard Microsoft as a corporate felon -- the law says of them "Whoever [does what Microsoft did] shall be deemed guilty of a felony" -- but I think secure boot is a Good Thing. Just have to make sure off/custom are actually usable with common key management functionality, and substantially focus the blanket ARM lockdown requirement.