EUFI YOU!

UEFI? UEFI?

Gesundheit!

The Free Software Foundation asks:
Will your computer’s “Secure Boot” turn out to be “Restricted Boot”?

To respect user freedom and truly protect user security, computer makers must either provide users a way of disabling boot restrictions, or provide a sure-fire way that allows the computer user to install a free software operating system of her choice.

Computerworld Magazine (UK) asks:
Is Microsoft Blocking Linux Booting on ARM Hardware?

The document was published some time after Microsoft’s post where it states “Microsoft does not mandate or control the settings on PC firmware that control or enable secured boot from any operating system other than Windows”, and yet it seems to contradict it. So what’s going here? Was Microsoft’s blog statement only about non-ARM systems, as the new documentation suggests? And if so, why the discrimination? And finally, is ARM really happy to see Microsoft apparently locking out GNU/Linux from its systems in this way? Let’s hope Microsoft can clarify this situation as it did on the previous occasion.

Software Freedom Law Center blogs:
Microsoft confirms UEFI fears, locks down ARM devices

At the beginning of December, we warned the Copyright Office that operating system vendors would use UEFI secure boot anticompetitively, by colluding with hardware partners to exclude alternative operating systems. As Glyn Moody points out, Microsoft … to effectively ban most alternative operating systems on ARM-based devices that ship with Windows 8.

In case there’s any doubt about who’s trying to leverage the technology for their benefit, see who’s hosting the “summit” and where it’s being run.

There must be hooks in the UEFI to reflash itself to fix bugs or to enable features that weren’t stable when the hardware was forced to ship.

coreboot
Any sane hardware vendor flashes the boot environment into the chips after the board has been assembled, using e.g. JTAG. That process, of necessity, runs without the boot loader.

Something like coreboot can replace UEFI. Not for the unskilled, certainly in the case of a reflash by JTAG.

Musings from the Chiefio

If you are a tech nerd, you care about this.

If you just buy and use Micro$oft products and never think about it, you don’t care.

As of Windows 8, MicroSnot is requiring that your hardware only work with their stuff. The boot loader locks you out otherwise. A couple of Linux distributions have signed up with Microsoft signing and paid fees (so Microsoft will let RedHat Linux boot, for example) but if you don’t like the idea of your machine talking to Micorsoft every time it boots up to get permission to run, you are screwed.

As I’m fond of getting old hardware essentially for free and running very fast Linux on it, this will shut off the supply of old hardware reuse (Oh Boy, more old dead computers to the landfill or China Recycle instead of reuse… /sarcoff;)

Story here:

https://www.linux.com/learn/tutorials/588498-uefi-secure-boot-big-hassle-questionable-benefit

Microsoft requires UEFI “secure” boot for Windows…

View original post 1,174 more words

Advertisements
This entry was posted in Digital Universe, Information Security, Securing Liberty. Bookmark the permalink.