Fedora, secure boot, and an insecure future
Posted Jun 8, 2012 9:06 UTC (Fri) by neiljerram
In reply to: Fedora, secure boot, and an insecure future
Parent article: Fedora, secure boot, and an insecure future
UEFI's specification itself does not require that secureboot can be disabled. The only requirement that it needs to be possible to disable it is in Microsoft's requirements. I can't reasonably expect their enforcement to be too aggressive considering that they previously (and still, on ARM) required the opposite.
Regardless of what any requirements say, I think what matters is whether the disabling possibility is important in practice to Microsoft. If it is, it will be implemented and well tested by manufacturers, and so we can have some confidence that it will work for us. If it isn't, it won't be well tested even if it's theoretically required and implemented, and then probably won't work for us.
Fortunately there are other comments on this article that claim that disabling is practically important for Microsoft, so there's hope...
(Of course it will still be better to buy from a Linux-supporting manufacturer that doesn't impose the "secure boot" BIOS at all.)
to post comments)