aefstoggaflmOpen Source Fan Premium Member join:2002-03-04 Bethlehem, PA Linksys E4200 ARRIS SB6141
2 recommendations |
Another Reason to Boycott UEFI: Back Doors or Crackersquote: THE abusive Intel spreads UEFI to help the abusive Microsoft by means of lockout (there have been many articles about that as of late). It serves to protect the Windows monopoly and protect Intels monopoly (with UEFI patents that we highlighted previously). Our posts about UEFI contain a lot of examples of that. UEFI secure boot is not really about security and in some ways it makes security even worse, as we showed on numerous occasions before. UEFI can enable espionage agencies (such as GCHQ, NSA and so on) to remotely brick PCs, rendering them unbootable (no matter the operating system). Remember Stuxnet.
http://techrights.org/2015/03/25/uefi-security/ |
|
2 recommendations |
StuartMW
Premium Member
2015-Apr-1 2:14 pm
Not sure that boycotting UEFI is practical. At some point all PC's will come with it (all my boxes have traditional BIOS'es). Sure one can build their own machine (assuming a motherboard without UEFI can be found) but few people do that.
As for the security of "secure boot" I personally have never looked into it. These days I just assume that the 3-letters have backdoors into almost everything electronic.
IMO very few people realize, or care, how technology is now being used against them. Until/unless that happens I don't see a lot changing in this regard. |
|
5 recommendations |
to aefstoggaflm
The linked article seems confused. In my book, UEFI is a significant improvement. Let's remember that the legacy booting system was invented for the IBM PC-XT, with a 10MB disk. It originally ran into problems when disk drives exceeded 32M in capacity. It has been modified and stretched many time since then. But there are limits to how far it can be stretched, and 3T hard drives are a problem for legacy methods. Yes, there are problems with BIOS security. But it isn't UEFI that is the problem. It is the specific implementations. As for secure-boot. I agree that it does not add much security. I recently blogged about this. |
|
85160670 (banned)"If U know neither the enemy nor yoursel join:2013-09-17 Edmonton, AB
1 recommendation |
to aefstoggaflm
Here we go again :"UEFI Secure Boot in Windows 8.1"....[ » answers.microsoft.com/en ··· 783f0759 ] !! BTW, secure for M$ to control or to FIX or to KILL { Pirates } ¿ ¿ |
|
dave Premium Member join:2000-05-04 not in ohio 1 edit
3 recommendations |
to aefstoggaflm
You understand that (1) UEFI is not the same thing as Secure Boot, (2) that UEFI has been shipping on x86 boards since ~2008, (3) that its predecessor, EFI, was in use in 2000 on Itanium, (4) Apple's been using EFI on x86 Macs since 2006.
I'd imagine the only boards not shipping with UEFI today are those using obslete designs.
So you're welcome to try and boycott UEFI, but you won't be buying many new motherboards. And even if you can find the motherboards, you'll be booting only from 'small' disks, since Ye Olde Biosse does not support GPT.
By the way, you might have UEFI and not even know it. It doesn't necessarily look any different on-screen. The only clue you might have is that somewhere in the menus there is a choice for booting the OS in compatibility mode (for OSes that do not support UEFI boot). But it's still a UEFI BIOS even if the UEFI BIOS can do a compatibility-mode boot. |
|
1 recommendation |
said by dave:..., since Ye Olde Biosse does not support GPT. Not strictly true. The BIOS doesn't actually care, though it might not be able to access all of a sufficiently large disk. I have successfully booted linux from a USB external drive with GPT partitioning. I used grub2, installed in the MBR (yes, the protective MBR of a GPT drive). The BIOS loads the MBR into memory and jumps to it. The grub code make BIOS calls to load the kernel. Once the kernel is running, there are no further BIOS calls needed. |
|
SnowyLock him up!!! Premium Member join:2003-04-05 Kailua, HI
2 recommendations |
Snowy
Premium Member
2015-Apr-1 6:31 pm
Ye Olde Biosse Hackereth! |
|
CartelIntel inside Your sensitive data outside Premium Member join:2006-09-13 Chilliwack, BC
3 recommendations |
to aefstoggaflm
I can say the UEFI is a wasted feature on my mobo and it seems boards with UEFI have a fancy GUI bios that I hate. I'd rather the old style bios |
|
MashikiBalking The Enemy's Plans join:2002-02-04 Woodstock, ON
1 recommendation |
Find a maker that uses their own UI and be happy then? Both MSI and ASUS have a UI that's fairly minimal. Then again, the *old* BIOS UI's were also a fancy GUI. Get back to the old days of the 2/386's and you're going to find that in some cases you configured everything from a CLI. I'll say that I still use CLI's in stuff relating to work, and I'm sure most if not all of the people in "no I will not fix your computer and 'nix'" forums do too. But for pure configuration including ease of use and management? The new UEFI interfaces are leaps above what we were using and in a good way. To toss in, your comment reminds me of the guys who used to complain that jumpers and dip switches were going away. I'm also glad those are mostly gone too.
I'm personally glad that the BIOS is dying, it's been in use nearly 30 years for the modern PC and has reached the end of it's life. Then again, I remember all the whining, complaining, bitching and moaning when they were killing off 8bit and 16bit compatibility and how it would 'doom us all' and there would be 'security issues galore' too. |
|
your moderator at work
hidden : Off topic
|
dave Premium Member join:2000-05-04 not in ohio
1 recommendation |
to Cartel
Re: Another Reason to Boycott UEFI: Back Doors or Crackerssaid by Cartel:I can say the UEFI is a wasted feature on my mobo and it seems boards with UEFI have a fancy GUI bios that I hate. Not my UEFI BIOSes. Character mode menus all the way. I'd rather the old style bios Looking at it from a purely UI perspective is, I think, short-sighted. The old BIOS is a crank-handle on a performance engine. We're trying to switch to electric starter motors |
|
dave
2 recommendations |
to nwrickert
True enough, I suppose, but then we're back on the old pre-48-bit-LBA problems of needing to carefully place the boot files, etc. |
|
AnavSarcastic Llama? Naw, Just Acerbic Premium Member join:2001-07-16 Dartmouth, NS
2 recommendations |
to aefstoggaflm
I'm keeping my UEFI, as I was told that the NSA specifically targets non-UEFI controlled PCs as they are classifed as potential hackers or at least terrorists posing as dissidents posing as preppy smart assed DSL posters in the Security Forum ;-P. |
|
|
MashikiBalking The Enemy's Plans join:2002-02-04 Woodstock, ON
1 recommendation |
to Anon
I take it that I've confused you to the point where you're still trying to figure out why no longer having to use CLIs or simplistic UI's for UEFI is a good thing. Here's the thing, stuff changes, and with that many of the stuff from ye olde days worked good, but they existed in that way because of either space or technical limitations. |
|
Anonymous_Anonymous Premium Member join:2004-06-21 127.0.0.1
1 recommendation |
to dave
said by dave:You understand that (1) UEFI is not the same thing as Secure Boot, (2) that UEFI has been shipping on x86 boards since ~2008, (3) that its predecessor, EFI, was in use in 2000 on Itanium, (4) Apple's been using EFI on x86 Macs since 2006.
I'd imagine the only boards not shipping with UEFI today are those using obslete designs.
So you're welcome to try and boycott UEFI, but you won't be buying many new motherboards. And even if you can find the motherboards, you'll be booting only from 'small' disks, since Ye Olde Biosse does not support GPT.
By the way, you might have UEFI and not even know it. It doesn't necessarily look any different on-screen. The only clue you might have is that somewhere in the menus there is a choice for booting the OS in compatibility mode (for OSes that do not support UEFI boot). But it's still a UEFI BIOS even if the UEFI BIOS can do a compatibility-mode boot. LBA supports 48bit =144 petabytes |
|
NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR
1 recommendation |
to aefstoggaflm
said by aefstoggaflm:UEFI can enable espionage agencies (such as GCHQ, NSA and so on) to remotely brick PCs, rendering them unbootable (no matter the operating system). Remember Stuxnet. The choice seems to be between state sponsored hackers and non-state sponsored hackers. Government doesn't like having competition. |
|
dave Premium Member join:2000-05-04 not in ohio
2 recommendations |
to Anonymous_
Indeed, but LBA is not the issue; MBR versus GPT is the issue.
MBR allocates 4 bytes to hold the LBA of a partition; which means 4G blocks; which means at most 16TB with 4K blocks, more likely 2TB with 512-byte blocks, real or emulated. |
|
siljalineI'm lovin' that double wide Premium Member join:2002-10-12 Montreal, QC
1 recommendation |
to aefstoggaflm
Spotted this elsewhere. Hacking Team's "Bad BIOS": A Commercial rootkit for UEFI Firmware? » www.intelsecurity.com/ad ··· log.html |
|
MashikiBalking The Enemy's Plans join:2002-02-04 Woodstock, ON
1 recommendation |
Nope. Going by the information provided it's a rootkit packed inside the firmware which is then loaded an executed. This has happened in the past with old stuff too, not new. |
|