On Mon, Jul 9, 2012 at 5:03 AM, Nico Kadel-Garcia <nka...@gmail.com> wrote: > Many of us can comfortably disable UEFI, but it's going to be > problematic for our less skilled colleagues.
Well, are you sure "UEFI disable button" will turn off ALL of UEFI functions? >> Also, UEFI will possibly take down a dozens of Linux/BSD-oriented >> hardware suppliers businesses because their customers will deny to run >> security critical tasks on UEFI hardware. Good support for stagnating >> world economy. > > Go look at what Fedora is doing to handle this. OpenBSD boot loaders > are going to have to make some kind of accomodation with this in the > next 5 years, or throw in the towel for new hardware and go directly > to virtualization only. (That's admittedly how I use it these days, > mostly for testing components like OpenSSH before 6.0p1 was bundled.) With that virtualization, both hardware bugs and attacks against hypervisors are real world cases. So don't be naive. Trust me, I'll try hard to avoid virtualization and Fedora@UEFI on my firewalls, no matter what they did to circumvent UEFI issues. Heck, I simply have no extra 5 years to spend on that hide-and-seek games. My customers want services, not excuses for utterly unneeded maintenance downtimes (you kindly call this "accommodation"). Anyway, it seems you didn't get the idea above. My assumption is, customer, which is aware of UEFI sniffing on them, will deny to buy UEFI boxes. Market niche will collapse with no demand since some (presumable smaller) suppliers will be unable to diversify fast enough. Going this way will result in hardware/software monopolies destroying entire ecosystem. Raspberry Pi (and alike) is about going another way.
