[arch-general] Campaign against Secure Boot

Kevin Chadwick ma1l1ists at yahoo.co.uk
Mon Jun 25 12:37:59 EDT 2012

> > 
> > If I understand it right, in Setup Mode, you can either boot any
> > non-signed operating system, or you can import your own keys into the
> > firmware, so that you can sign your own bootloaders. For me, this is
> > enough to not care about Secure Boot.
> >   

I didn't know key replacement was a requirement for MS certification.
That's better than I thought, however.

You can only have one key and so it's a barrier to competition via
preventing trying out other OS's on a whim!!. To multiboot you have to
pay and spend a lot of time. Having authorisation to disable it
completely but not import multiple keys simply doesn't make sense.

Once sorted, Next stop. Preventing my hard drives firmware from
nullifying my boot security ;-)


 Why not do something good every day and install BOINC.

More information about the arch-general mailing list