[coreboot] Feedback On Coreboot: the Solution to the Secure Boot Fiasco

[ron minnich]

My take on it is that people are optimistic about solving the problems
(good) but I'm pretty sure it's going to be a long and unpleasant
trip. I don't know why they don't take all the effort they're putting
into this and put it into more open systems instead.

ron

On Wed, Jan 2, 2013 at 11:28 AM, David Hubbard
<david.c.hubbard+coreboot at gmail.com> wrote:
> On Wed, Jan 2, 2013 at 11:04 AM, ron minnich <rminnich at gmail.com> wrote:
>>
>> On Wed, Jan 2, 2013 at 9:58 AM, Andrew Goodbody <ajg4tadpole at gmail.com>
>> wrote:
>>
>> > I am sure that it is the old story, most testing will be done against
>> > Windows. Anything more will be the exception. This is where the pressure
>> > needs to be put on the platform vendors as this is the part that they
>> > are
>> > responsible for.
>>
>> Sorry, vendors don't have a pattern of paying attention to end user
>> sales issues such as "won't boot Linux". They are selling into a
>> market in which Linux is about 1% at best of sales. That's been the
>> common experience anyway, even at very large companies: BIOS issues
>> just don't get fixed.
>>
>
> Andrew, Ron, what's your take on http://mjg59.dreamwidth.org/20916.html ?
>
> Specifically:
> "This is part of Windows 8's fast boot support - the keyboard may not be
> initialised until after the OS has started."
>
> So the logic goes:
> 1. Secure Boot enabled and Win8 installed by the OEM
>
> 2. To access the BIOS, press F2/F8/DEL/whatever
>
> 3. "Fast boot" (hey! coreboot delivered on that first!) skips keyboard init
>
> 4. User is thus *forced* to use Win8's "hold down shift and restart" feature
> -- adding another barrier before a user can boot her own OS.
>
> I think the biggest problem here is that the entire BIOS is made
> inaccessible, and only if Windows gives permission can you change that.
>
> Regards,
> David