dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
98

TuxRaiderPen2
Make America Great Again
join:2009-09-19

1 recommendation

TuxRaiderPen2 to JohnInSJ

Member

to JohnInSJ

Re: Open Hardware Eliminates Microsoft's 'Secure Boot'

said by JohnInSJ:
The box I am running linux on now is a barebones machine I assembled myself. I really don't see these types of rigs going secure boot. A $60 mb doesn't need secure boot.

As is 100% of my personal boxes, have been since 1983 or so...
said by JohnInSJ:
An OEM PC with a "designed for windows 8" sticker that ships with windows 8 will probably have secure boot.

If "open hardware" just means motherboards without secure boot, then I say "duh" - seems like an obvious solution to me.
The part your missing is, the OEM's under pressure from ms will make it difficult or near impossible or remove the option to disable secure boot.

THAT IS THE GOAL.

If there is no way to boot Linux, it will go away! Can't boot it if the keys are not in the BIOS to allow secure boot. Can't disable it if its not an option in the BIOS....

THIS IS THE GOAL!

Not going to compete, just LOCK OUT COMPETITION from hardware.

If you think ASRock or Asus, or xyz is going to produce two MB's or even one MB with two BIOS, not happening. Keeping two BIOS versions in sync, plus the additional cost, well that has to get passed on some place and it will be the price of the MB. Yet another ms tax on linux.

Anyway under the belief that ms is going to play fair with this, is just not embracing past history. When have they ever done so?

The only way this works is 100% of the BIOS makers have to agree that any future BIOS will have an option to disable the Linux Boot Block. You think thats going to happen with ms breathing down their necks! Really?

Follow the ball and game, its over here! Not the smoke and mirrors that some are peddling. This 100% about blocking and cutting off Linux, period. Security has NOTHING to do with it. And it will be increasingly difficult to bypass to eventually impossible. UNLESS this is choked off and removed NOW!
dave
Premium Member
join:2000-05-04
not in ohio

1 recommendation

dave

Premium Member

said by TuxRaiderPen2:

The part your missing is, the OEM's under pressure from ms will make it difficult or near impossible or remove the option to disable secure boot.

THAT IS THE GOAL.

Ah, so the fact that Microsoft says it is mandatory (on x86) for the user to be able to disable secure boot in order to win a "made for Windows" logo means that Microsoft is pressuring OEMs to make it impossible to disable secure boot.
quote:
"21. MANDATORY: Enable/Disable Secure Boot. On non-ARM systems, it is required to implement the ability to disable Secure Boot via firmware setup. A physically present user must be allowed to disable Secure Boot via firmware setup without possession of PKpriv. Programmatic disabling of Secure Boot either during Boot Services or after exiting EFI Boot Services MUST NOT be possible. Disabling Secure MUST NOT be possible on ARM systems."

You are a conspiracy nut, aren't you?

JohnInSJ
Premium Member
join:2003-09-22
Aptos, CA

JohnInSJ to TuxRaiderPen2

Premium Member

to TuxRaiderPen2
said by TuxRaiderPen2:

The part your missing is, the OEM's under pressure from ms will make it difficult or near impossible or remove the option to disable secure boot.

No, they are not.

But that's orthogonal to my point - my point was you want to use linux, don't buy a pc "made for windows" - you know, one with secure boot.

TuxRaiderPen2
Make America Great Again
join:2009-09-19

TuxRaiderPen2 to dave

Member

to dave
said by dave:
quote:
"21. MANDATORY: Enable/Disable Secure Boot. On non-ARM systems, it is required to implement the ability to disable Secure Boot via firmware setup. A physically present user must be allowed to disable Secure Boot via firmware setup without possession of PKpriv. Programmatic disabling of Secure Boot either during Boot Services or after exiting EFI Boot Services MUST NOT be possible. Disabling Secure MUST NOT be possible on ARM systems."
You are a conspiracy nut, aren't you?

No, I trust no one, especially, ms and crapple. ever, period.

I just can't believe the naivete some of you have in regards to this.

Wow!

Big whoop, its written that this is mandatory. Who is going to enforce this in its present state? intel, the shill and puppet for ms in this mess? Puhlease! EFF, FSF? I don't know.. but a 3rd party non affiliated group/agency with some real enforcement power.. No I have no clue who that is.

In your "perfect/fantasy land world" where companies may be ethical and moral that may work... were not dealing with a company who could even be in the same universe as that fantasy land. They almost make Enron look ethical. Almost.

Plain and simple. Linux Boot Block started out with good intentions, but in my personal opinion, its use as a whole is specious at best. Its been corrupted into a competition killer. The only real reason for this is to appear to "secure" an "OS" that is so insecure to start its pathetic.

If you think Dell (insert other HP/Compaq/Gateway/Alienware etc) is going to build hardware that is not going to get the "blessing of the devil" your madder than me. To get that blessing will require Linux Boot Block. It may start out with a means to disable it... slowly but surely this will erode till it can not be disabled.

The same applies to ASRock, Gigabyte and others making bare MB's they will eventually remove the option to disable the Linux Boot Block.

I am not thrilled with it, but the OEM/ODM are making either complete systems or parts to be compatible with the company trying to put Linux out of business. ASRock could care less whether they work on Linux.. thats only going to get worse.

ms was the sponsor of the UEFI summit, currently occurring. GEE! Big surprise...who benefits the most from this? hmmm.....

Any one not seeing this for what it is, has failed to take past history with this company into consideration. This is clearly anti competitive. Legal action should be pursued against ms and intel, possibly the UEFI foundation too. Yes. I like to see them both out of business or at least ms. I don't care for intel products, but of the two I have less hatred for them. I don't care what they are or are not doing for Linux. I just don't like them.

No big deal, just disable the Linux Boot Blocker.. OK.. thats fine.. while its present...

You think it will be present in the future? Well your just not taking the past actions of this kabal into consideration...

So what do you do when this is required? No way to disable it?

You get the various keys into the BIOS? And thats going to happen for Jane User how? ? ? You can bet that the only key that ships in the BIOS will be one. The hassle alone on getting a key into a BIOS will just drive off more users.

This is trouble with a capital T, right here in River City!
dave
Premium Member
join:2000-05-04
not in ohio

1 edit

1 recommendation

dave

Premium Member

Some of us can't believe the idiocy that you exhibit in claiming that Microsoft will tell an OEM that they have to do something while meaning that they want the OEM to not do that thing.

Accepting that at face value doesn't require a belief that a company is moral; it just requires seeing that not everything is the twisted mess of intrigue that your feverish imagination suspects it is. It is simply asinine to suppose that when MS says "you must do X for a Windows-compatible logo" they're going to secretly demand that you do the opposite of X.

Who's going to enforce it? Microsoft. The prize for the OEM is a designed-for-Windows logo: meaning the computer in question meets the Microsoft published requirements for a Windows PC. Who else ought to be in charge of handing out permission to use Microsoft marketing collateral?

But let's include a little thought-experiment: suppose Microsoft simply stopped checking for that conformance feature. What would that change? PC vendors would now have the freedom to lock secure boot in the enabled position, thus preventing Linux users from using the PC. Why would they do that? Oh right, because of the Microsoft goons you keep telling us about. And we can tell that Microsoft intends to do this because they wrote "must be able to disable secure boot" in the logo requirements?

So: to recap: today Microsoft insists that designed-for-Windows PCs have "UEFI secure-boot disable", so that tomorrow they can go and tell the same vendors to take it out again.

Right.