[coreboot] Feedback On Coreboot: the Solution to the Secure Boot Fiasco

Andrew Goodbody ajg4tadpole at gmail.com
Mon Dec 31 20:08:04 CET 2012

On 30/12/12 17:26, Rex Djere wrote:
> I did a lot of research for the article, and I feel that I got a
> pretty good picture regarding what happened with AMD, coreboot, and
> UEFI/secure boot.  I am looking for 2 things please:
> -feedback on whether I got anything egregiously wrong.
> -help if you agree with my current assessments or after I make any
> requisite fixes. The help would come in the form of signing the
> petitions that I cite in the article. Thank you and Happy New Year.
> Sincerely,
> Rex Djere

1) If you think that all the effort in developing UEFI is in response to 
coreboot then you have a hugely over inflated opinion of the actual 
importance of coreboot in the market. Secure Boot early versions date 
back at least to 2008 and probably earlier. UEFI is much older than that.

2) I have no idea why you imply that AMD might be locked out by UEFI and 
Secure Boot. AMD make CPUs. You can implement UEFI/Secure Boot on a 
motherboard with an AMD processor. Again Secure Boot predates AMD 
involvement in coreboot. The idea that AMD supporting coreboot caused 
Microsoft to require Secure Boot in Win8 is frankly ludicrous.

3) You do not have to use a Microsoft signed bootloader if you have the 
technical competence to enrol a different key onto the platform. So you 
can use GNU/Linux with Secure Boot without depending on Microsoft. There 
are solutions being produced using Microsoft signed binaries but that is 
mainly about convenience and avoiding requiring the user to go through 
the pain of alternate key enrolment rather than an absolute requirement.


More information about the coreboot mailing list