User: Password:
Subscribe / Log in / New account

No signed kernel, just a signed boot loader

No signed kernel, just a signed boot loader

Posted Jun 25, 2012 15:49 UTC (Mon) by raven667 (subscriber, #5198)
In reply to: No signed kernel, just a signed boot loader by hummassa
Parent article: Details on Ubuntu's UEFI secure boot plan

> This is preposterous, because it causes revocation against the will of the computer owner. So, I have to agree with jiu and eduperez and say that "secure boot was devised to distract the energy of people building linux to hinder their progress" and "Secure boot was created to lock users out of their own computers".

This is BS because the owner can create their own keys, disable secure boot, etc. so they can't be shut out of their machine against their will, that is not a real thing. Now if you start talking about boot locked machines that might be a different story but we definitely are not talking about that, even MS wants to make sure x86 hosts aren't boot locked (only their ARM tablets, like many Android devices).

In any event this is a feature that can be used for the good of the system by the system owner and that is what Linux will use it for.

(Log in to post comments)

No signed kernel, just a signed boot loader

Posted Jun 26, 2012 18:10 UTC (Tue) by rahvin (subscriber, #16953) [Link]

The only reason MS changed (yes changed) the spec to allow disabling secure boot was because of public outcry. As others have pointed out this was one of the bullet points in the halloween memo (leveraging hardware alliances to lock out linux). It would be foolish to dismiss this potential motivation as MS sees Android as a significant threat.

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds