[arch-general] Campaign against Secure Boot

Ralf Mardorf ralf.mardorf at alice-dsl.net
Mon Jun 25 13:44:02 EDT 2012


On Mon, 2012-06-25 at 19:24 +0200, Thomas Bächler wrote:
> Am 25.06.2012 18:37, schrieb Kevin Chadwick:
> >>>
> >>> If I understand it right, in Setup Mode, you can either boot any
> >>> non-signed operating system, or you can import your own keys into the
> >>> firmware, so that you can sign your own bootloaders. For me, this is
> >>> enough to not care about Secure Boot.
> >>>   
> > 
> > I didn't know key replacement was a requirement for MS certification.
> > That's better than I thought, however.
> > 
> > You can only have one key and so it's a barrier to competition via
> > preventing trying out other OS's on a whim!!. To multiboot you have to
> > pay and spend a lot of time. Having authorisation to disable it
> > completely but not import multiple keys simply doesn't make sense.
> 
> I don't think so. I need to verify this, but if I remember right, you
> can simply sign Microsoft's key so Windows 8 is also trusted by your own
> key.

Pff, I need to build my own kernels, to optimize to my needs and I won't
care about a boot-boot-loader or any singing. Ok, I don't have any
Windows installed (excepted of XP on Arch on VBox) and I won't install
Windoof 8. Try an educated guess! In Europe M$ does violate laws, but M$
simply pays the punishment by pocket money/stamp coffer ... dunno how
the idiom is called in English, but I suspect you understand.

However, isn't is suspect that the name "Microsoft" always comes along
with UEFI?!

I don't have tendencies to believe in conspiracy theories! I simply
don't trust this situation any longer. Again, at first I didn't care,
now I'm completely against it.



More information about the arch-general mailing list