On 30/12/12 17:26, Rex Djere wrote:
I did a lot of research for the article, and I feel that I got a pretty good picture regarding what happened with AMD, coreboot, and UEFI/secure boot. I am looking for 2 things please: -feedback on whether I got anything egregiously wrong. -help if you agree with my current assessments or after I make any requisite fixes. The help would come in the form of signing the petitions that I cite in the article. Thank you and Happy New Year. Sincerely, Rex Djere
1) If you think that all the effort in developing UEFI is in response to coreboot then you have a hugely over inflated opinion of the actual importance of coreboot in the market. Secure Boot early versions date back at least to 2008 and probably earlier. UEFI is much older than that.
2) I have no idea why you imply that AMD might be locked out by UEFI and Secure Boot. AMD make CPUs. You can implement UEFI/Secure Boot on a motherboard with an AMD processor. Again Secure Boot predates AMD involvement in coreboot. The idea that AMD supporting coreboot caused Microsoft to require Secure Boot in Win8 is frankly ludicrous.
3) You do not have to use a Microsoft signed bootloader if you have the technical competence to enrol a different key onto the platform. So you can use GNU/Linux with Secure Boot without depending on Microsoft. There are solutions being produced using Microsoft signed binaries but that is mainly about convenience and avoiding requiring the user to go through the pain of alternate key enrolment rather than an absolute requirement.
Andrew
Hi Rex,
On Mon, Dec 31, 2012 at 12:08 PM, Andrew Goodbody ajg4tadpole@gmail.comwrote:
On 30/12/12 17:26, Rex Djere wrote:
I did a lot of research for the article, and I feel that I got a pretty good picture regarding what happened with AMD, coreboot, and UEFI/secure boot. I am looking for 2 things please: -feedback on whether I got anything egregiously wrong. -help if you agree with my current assessments or after I make any requisite fixes. The help would come in the form of signing the petitions that I cite in the article. Thank you and Happy New Year. Sincerely, Rex Djere
- If you think that all the effort in developing UEFI is in response to
coreboot then you have a hugely over inflated opinion of the actual importance of coreboot in the market. Secure Boot early versions date back at least to 2008 and probably earlier. UEFI is much older than that.
- I have no idea why you imply that AMD might be locked out by UEFI and
Secure Boot. AMD make CPUs. You can implement UEFI/Secure Boot on a motherboard with an AMD processor. Again Secure Boot predates AMD involvement in coreboot. The idea that AMD supporting coreboot caused Microsoft to require Secure Boot in Win8 is frankly ludicrous.
- You do not have to use a Microsoft signed bootloader if you have the
technical competence to enrol a different key onto the platform. So you can use GNU/Linux with Secure Boot without depending on Microsoft. There are solutions being produced using Microsoft signed binaries but that is mainly about convenience and avoiding requiring the user to go through the pain of alternate key enrolment rather than an absolute requirement.
Andrew
Andrew has good points. Technically there's nothing about Secure Boot that can be proven to exclude alternative OS's such as Linux.
The old adage, "where there's smoke, there's fire," may apply here: without proof, I think it's wise to carefully evaluate a change such as this. The FSF has been right before, and Microsoft has been convicted of abusing a monopoly before.
Thank you for being concerned and involved. Secure Boot has been promoted by Microsoft for many years now.
Regards, David