[arch-general] Campaign against Secure Boot
Leonid Isaev
lisaev at umail.iu.edu
Mon Jun 25 11:39:38 EDT 2012
On Mon, 25 Jun 2012 10:35:16 +0200
Thomas Bächler <thomas at archlinux.org> wrote:
> Am 23.06.2012 04:09, schrieb Manolo Martínez:
> > Is Arch going to sign [this
> > petition](http://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/statement)?
> > I, for one humble user, would like it (us, whatever) to.
> >
> > Manolo
>
> While I won't answer your question, I have this to say:
>
> For a non-ARM PC to be certified for Windows 8, the EFI firmware MUST
> support Setup Mode. As this is a "MUST" requirement, everyone will
> fulfill it, as they really do want the Windows 8 logo (if anyone wants
> to look up the source for this, go ahead, I am too lazy right now).
>
> If I understand it right, in Setup Mode, you can either boot any
> non-signed operating system, or you can import your own keys into the
> firmware, so that you can sign your own bootloaders. For me, this is
> enough to not care about Secure Boot.
>
Right. Or you can buy a key from Microsoft like Fedora is planning to
http://lwn.net/Articles/500231/. It's good that people are thinking about
this problem, but so far solutions have been quite ugly from a technical
standpoint.
--
Leonid Isaev
GnuPG key: 0x164B5A6D
Fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20120625/db1992c3/attachment.asc>
More information about the arch-general
mailing list