
Red Hat engineer renews attack on Windows 8-certified secure boot - darkduck
http://www.theregister.co.uk/2011/09/26/uefi_linux_lock_out_row_latest/
======
sciurus
A great passage from Matthew's post:

Microsoft claim that the customer is in control of their PC. That's true, if
by "customer" they mean "hardware manufacturer". The end user is not
guaranteed the ability to install extra signing keys in order to securely boot
the operating system of their choice. The end user is not guaranteed the
ability to disable this functionality. The end user is not guaranteed that
their system will include the signing keys that would be required for them to
swap their graphics card for one from another vendor, or replace their network
card and still be able to netboot, or install a newer SATA controller and have
it recognise their hard drive in the firmware. The end user is no longer in
control of their PC.

~~~
darkduck
Look at product from company with eaten fruit on the logo. How much can you
change there?

~~~
onosendai
Apple sells both the hardware and the OS that runs on it, they own the whole
stack and thus can do pretty much what they want with it. Even so I don't
think there are any problems installing a Linux distro on any Mac, and Windows
is directly supported by Apple via bootcamp.

Microsoft only owns the OS part of the stack, and this move, combined with
some shady back room dealing or just relying on plain old OEM incompetence,
could potentially prevent you booting any other OS on hardware they don't own
or manufacture themselves.

~~~
nknight
> _I don't think there are any problems installing a Linux distro on any Mac_

None whatsoever. In at least Ubuntu's case, you need do little more on modern
Intel Macs than insert the CD and reboot. If you want to keep OS X around (and
have a few other goodies), install rEFIt first for better partition and boot
management.

In some ways, dual-booting Linux and OS X is less problematic than Linux and
Windows has ever been.

------
jroseattle
There are two things I've not heard from Red Hat on this issue:

1) The (in)validity of the approach in terms of addressing the problem/need
for secure OS boot. 2) An alternative approach for achieving the same result.

The practicality of the situation is this: in evaluating a trade-off between
running Win8 securely on a PC/device vs. being able to install another OS on
said device, the significant majority of users are going to forego the other-
OS-install capability.

------
ldite
Direct link to the relevant blog post; <http://mjg59.dreamwidth.org/5850.html>

------
lawtguy
If RedHat is right, does that mean you would not be able to install Windows 7
on a Windows 8 certified PC? I imagine that could be very annoying to
corporate IT departments that don't want to upgrade to Win8 (at least not
right away) but still need to buy new hardware.

------
RexRollman
Personally speaking, so long as I can turn off secure boot, I don't really
have a problem with it.

~~~
mbreese
That's the real question... if you can turn it off, there isn't much of a
problem. However, if you turn it off to install Linux, can you turn it back on
to dual-boot Windows 8? If you can't, how many people will just stick to
Windows?

~~~
billswift
I used to dual-boot, it wasn't hard, but having to reboot was still
inconvenient. Today the hardware is cheap enough that I just run two separate
systems side-by-side; it is more convenient and the two computers and two
flat-screen monitors together cost less than my first computer did without a
monitor.

