[arch-general] Campaign against Secure Boot
Kevin Chadwick
ma1l1ists at yahoo.co.uk
Mon Jun 25 12:37:59 EDT 2012
> >
> > If I understand it right, in Setup Mode, you can either boot any
> > non-signed operating system, or you can import your own keys into the
> > firmware, so that you can sign your own bootloaders. For me, this is
> > enough to not care about Secure Boot.
> >
I didn't know key replacement was a requirement for MS certification.
That's better than I thought, however.
You can only have one key and so it's a barrier to competition via
preventing trying out other OS's on a whim!!. To multiboot you have to
pay and spend a lot of time. Having authorisation to disable it
completely but not import multiple keys simply doesn't make sense.
Once sorted, Next stop. Preventing my hard drives firmware from
nullifying my boot security ;-)
--
________________________________________________________
Why not do something good every day and install BOINC.
________________________________________________________
More information about the arch-general
mailing list