That was my concern exactly. That I would be unable to put the OS of my choice on hardware that I bought. This is precisely why I don't own an iPad or iPhone - I want ownership of what I bought. What good is a full on desktop computer with the inability to disable secure boot other than for those that want to use Windows 8?
________________________________ To: misc@openbsd.org Sent: Sunday, October 2, 2011 5:26 AM Subject: Re: UEFI BIOS What some fear is that some Microsoft OEM partner do a lazy job with a minimal UEFI interface without the possibility to disable secure boot. In that case, if secure boot block unsigned os at boot, it would be impossible to install other os than Windows 8. I have too often see BIOS missing lot of standard option. Michel Le 2011-10-01 20:36, Barbier, Jason a icrit : > Yeah, honestly Microsoft has even said already, there will be no nagging the > > only feature you lose by not using secured booting is the swift boot. if you > flip > secured UEFI off it just makes windows 8 go into standard boot. fear > mongering > is not needed, and in the end if a secured boot loader is needed all some > one would > have to do is like Intel for example, get a signed cert from grub and hand > it to manufacturers > so then there is a secured open boot loader. The secured EFI is just the > same principal > as the built in boot sector virus protection. > > On Sat, Oct 1, 2011 at 4:43 PM, john slee<indig...@oldcorollas.org> wrote: > >> On 2 October 2011 08:03, LeviaComm Networks<n...@leviacomm.net> wrote: >>> First off, the UEFI boot will *not* prevent other OS's from booting, it >> will >>> only pop up a message saying that the boot process was not secure, just >> like >>> how you can run unsigned code and it will only pop up a box stating as >> much. >>> It would be impossible to prevent an 'insecure' OS from booting since >> that >>> would prevent you from booting a newer version of the Windows Installer. >>> Ideally UEFI would post a warning stating that the OS signature is not >> on >>> the list and allow you to add it. >> ... would it? I should think that they could simply sign the new installer >> with the existing keys. OTOH it's quite possible that someone will extract >> the private key(s) from the hardware, too. It already happened for Apple's >> Airport Express, no? >> >> On balance, I really don't think this is worth the angst and >> scaremongering. >> >> John
