[coreboot] Feedback On Coreboot: the Solution to the Secure Boot Fiasco

ron minnich rminnich at gmail.com
Wed Jan 2 18:08:16 CET 2013


On Mon, Dec 31, 2012 at 11:23 AM, David Hubbard
<david.c.hubbard+coreboot at gmail.com> wrote:

> Andrew has good points. Technically there's nothing about Secure Boot that
> can be proven to exclude alternative OS's such as Linux.

While that is technically true, I am starting to see reports of
systems that, at the very least, are making it hard to boot anything
but Windows. Also. Microsoft has exercised its power to limit the
types of binaries that will be signed, e.g. anything built with GPL V3
will not be signed. Now, while they may have valid reasons, this does
demonstrate the extent of Microsoft's power over platforms with Secure
Boot. I find it worrisome.

Given what a mess the vendors have made of $PIR/_MP/ACPI over the
years, I don't see the UEFI Secure Boot situation being much better.
So, get ready for desktops/laptops that "should" boot non-Windows
OSes, but don't.

Garret's blog is well worth reading on this whole issue.

ron



More information about the coreboot mailing list