[ale] Micro$oft blocking Linux booting in hardware

Michael H. Warfield mhw at WittsEnd.com
Fri Oct 21 17:39:27 EDT 2011


On Fri, 2011-10-21 at 13:07 -0400, Tim Watts wrote: 
> I think the concern is that microsoft is planning to REQUIRE UEFI in

I think what you meant to say is secure signed boot in UEFI.  Linux will
boot in UEFI just fine, either signed by a key it recognizes or if it
doesn't require secure boot.  Linux doesn't require a decrepit legacy
BIOS to boot.  If the vendors allow you to disable "secure boot" or
allow you to install your own authorized keys, that won't be nearly as
bad.  Still requires taking some action (signing the binary with keys
you've installed or changing a BIOS setting) but you don't have to go to
draconian lengths to reflash a new OLD BIOS.

> order to boot Windows 8 and that manufacturers MAY NOT allow other
> "unauthorized" OSes to boot under UEFI (either because it's easier not
> to or possibly as an M$ requirement). There are no definitive claims
> about this in the campaign. It seems to be an effort to create a ground
> swell to make manufacturers aware before it's too late that such an
> approach would be unacceptable.

Yeah...  Awareness that this would be a bad thing is paramount so they
don't get too far down that road and say "it's too late to change it
now".

> If Windows 8 forces you to monkey with BIOS setting in order to boot
> over to Linux, that would suck.

No...  Turning off "secure boot" would be tinkering with BIOS settings
but the level of suckage is acceptable.  There are all kinds of reasons
for "tinkering with BIOS settings", like changing boot order, and that's
why they are settings.

> It would only serve to isolate Linux
> further from users with less than super-geek capabilities.

Changing a setting (AOT reflashing a BIOS) is NOT a "super-geek
capability".  I wouldn't want my 80 year old mother tinkering with the
BIOS on her computer but any of my brothers would have no problem with
it and they're far from what I would call "super-geeks".

Regards,
Mike

> On Fri, 2011-10-21 at 12:18 -0400, Rich Faulkner wrote:
> > I have yet to read about this so may be chiming in too early but...
> > 
> > If the issue is UEFI related all you have to do is disable that in the
> > BIOS or lower it in priority of the boot sequence so that it doesn't
> > invoke.  Flash a legacy BIOS (if available as well) but keep in mind
> > that EFI/UEFI are standards that allow you to make your own pre-boot
> > environment.  Worth further reading online and originally developed by
> > Intel as "The Framework" if memory serves....RinL
> > 
> > 
> > On Fri, 2011-10-21 at 09:34 -0400, Derek Atkins wrote: 
> > > Mike Harrison <cluon at geeklabs.com> writes:
> > > 
> > > > On Thu, 20 Oct 2011, Bob Toxen wrote:
> > > >> http://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/statement
> > > >
> > > > Done.
> > > >
> > > > Remember the real vote is with your wallet. Support the hardware 
> > > > manufacturers that support your choice in OS. Which, while it goes
> > > > without saying, they usually have little knowledge that you are using 
> > > > their hardware with Linux. As a group, we tend to just "make it work",
> > > > It helps a lot to let the manufacturer and/or retailer know you
> > > > bought it because it works with Linux.
> > > 
> > > my understanding is that there would be a BIOS switch to turn this off.
> > > 
> > > -derek
> > 
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo
> 
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
> 

-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20111021/1fb511ae/attachment.bin 


More information about the Ale mailing list