

Windows 8 Secure Boot May turn tables on Microsoft Says Developer - rmandalia
http://paritynews.com/software/item/228-windows-8-secure-boot-may-turn-tables-on-microsoft-claims-developer

======
ZoFreX
So the boot process which is required, by design, to allow you to modify the
list of keys... allows you to modify the list of keys? Not really sure how
that's "turning the tables on Microsoft".

~~~
Toshio
I suspect so many users will reject the new OS out-of-hand and demand their
tech-savvy friends install whatever, whether it be Linux or a previous version
of windows, that we are going to see a particular set of tools instantly
become very popular, and a lot of tech-savvy people complaining loud enough to
the OEMs. Eventually OEMs will be confronted with a hard choice, and they may
or may not choose to do what end-users demand.

------
gizmo686
> The problem here is that once Microsoft’s keys are gone, the drivers for
> graphics (plug-n-play) and such other devices will not be usable as they are
> signed by Microsoft. This means enrollment of just the drivers is not
> possible without actually trusting everything else signed by Microsoft.

Wouldn't it be possible to remove the MS signature, and resign the binary blob
with your own?

------
Toshio
Come October, I hope OEMs come to their senses and not foist this mess upon
us.

~~~
AndrewDucker
For 99% of users it's not a mess.

For the average user, it just means that certain attacks will no longer
succeed, as the Windows boot loader/Kernel will be verified before loading,
and cannot be cracked.

For the techie user wanting a different OS, they will either turn off secure-
boot or replace the keys, a one-time operation.

