On Mon, Dec 31, 2012 at 11:23 AM, David Hubbard david.c.hubbard+coreboot@gmail.com wrote:

Andrew has good points. Technically there's nothing about Secure Boot that can be proven to exclude alternative OS's such as Linux.

While that is technically true, I am starting to see reports of systems that, at the very least, are making it hard to boot anything but Windows. Also. Microsoft has exercised its power to limit the types of binaries that will be signed, e.g. anything built with GPL V3 will not be signed. Now, while they may have valid reasons, this does demonstrate the extent of Microsoft's power over platforms with Secure Boot. I find it worrisome.

Given what a mess the vendors have made of $PIR/_MP/ACPI over the years, I don't see the UEFI Secure Boot situation being much better. So, get ready for desktops/laptops that "should" boot non-Windows OSes, but don't.

Garret's blog is well worth reading on this whole issue.

ron