bjoernvold.com

Just a killer IT site
https://www.bjoernvold.com/forum/

EU: Complaint about UEFI Secure Boot obstruction mechanism

https://www.bjoernvold.com/forum/viewtopic.php?f=15&t=2623

Page 1 of 1

EU: Complaint about UEFI Secure Boot obstruction mechanism

Posted: 29 Mar 2013, 10:15
by viking60
ImageLinux Devs have complained to the European Comission about the Windows 8 UEFI Secure Boot "obstruction mechanism".

The SUSE devs claim that Microsofts intentions are the "best" but being a Microsoft partner those statements are of insignificant value.

"There's no secret agenda, no evil plan here from Microsoft," Gerald Pfeifer, director of product management for Linux distro maker SUSE told TechNewsWorld.

The offending technology, called UEFI Secure Boot, acts as an "obstruction mechanism" to installing other operating systems on a computer because it requires a digital certificate from Microsoft to boot a system in a non-Windows OS, Reuters reported Tuesday

Any program that wants to operate in a market where Microsoft has a dominant position must have Microsoft's permission to do so because of UEFI, the Linux users group Hispalinux said

And that is actually the case since the OEM's are highly "motivated" to produce computers on Microsoft terms.
So when you are in a computer store and want to check if that computer has the obstuction mechanism turned on you could go here and find this command:

Code: Select all

 od -An -t u1 /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data

If it returns "1" then it is on, and that would be a good time to walk away from that computer without buying it +1
This computer will not boot Linux,Windows 7 or Windows XP: Only Windows 8.
Some firmware is broken so even if secure boot is on it will return "0" so it is hard to be sure....
You could potentially get problems like this (even if they have adjusted for that problem in the kernel).

Theoretically it will be possible to boot older Windows versions and Linux if you stand on your head and scratch your nose with your toes, but it will be hard.
Because some firmware does not accept double signing so there will be only room for one key - and that will always be the Microsoft key. So even if the Linux distro has bought a key from Microsoft it simply will not work.
If you do a triple somersault you will be able to replace it; but again...that is kind of hard.

And you might be able to turn off secure boot on your hardware - but the main issue for the EC must be the following:
Why should anyone have to turn off the MS secure booting to install another OS?
All times are UTC+01:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/