SFLC: Microsoft confirms UEFI fears, locks down ARM devices
Posted Jan 13, 2012 15:21 UTC (Fri) by imgx64
Parent article: SFLC: Microsoft confirms UEFI fears, locks down ARM devices
I don't understand why is Microsoft doing this. Pretty much all ARM device manufacturers already lock their devices anyway. Why did Microsoft feel like taking all the criticism itself instead of letting the manufacturers do what they've always done and let them look like the bad guys?
Is Microsoft that worried about Linux/Android?
On the other hand, the silver lining is in this paragraph:
MANDATORY: On non-ARM systems, the platform MUST implement the ability for a
physically present user to select between two Secure Boot modes in firmware setup:
"Custom" and "Standard". Custom Mode allows for more flexibility as specified in the
a) It shall be possible for a physically present user to use the Custom Mode firmware setup option to
modify the contents of the Secure Boot signature databases and the PK.
b) If the user ends up deleting the PK then, upon exiting the Custom Mode firmware setup, the
system will be operating in Setup Mode with Secure Boot turned off.
c) The firmware setup shall indicate if Secure Boot is turned on, and if it is operated in Standard or
Custom Mode. The firmware setup must provide an option to return from Custom to Standard Mode
which restores the factory defaults.
You read that right, being able to change the keys is mandatory for Windows x86 computers. That's a big relief.
to post comments)