Is this true with Linux, Fedora ? I though Secure Boot was overcome as a problem.
http://www.foxnews.com/tech/2015/03/23/microsoft-may-lock-out-other-oses-wit...
On Fri, Mar 27, 2015 at 05:30:41PM -0400, Mickey wrote:
Is this true with Linux, Fedora ? I though Secure Boot was overcome as a problem.
I've been watching this, and the concern are threefold.
First, Microsoft previously had required that manufacturers make SecureBoot and UEFI optional; indications from their statements so far is that now they're leaving that up to the manufacturer. Speculation is that some will take that as the opportunity to bake both into new firmware.
Secondly, Microsoft *has* stated that any machines that are to run Win10 *must* run SecureBoot.
The final issue is that to date, it's been required to allow users to manage the keys used for SecureBoot, adding their own as they deem fit. Currently, it's unclear if that requirement will stand.
I wouldn't get too stressed just yet--it's early days, and M$ is being (as usual) unclear on what its final decisions will be when they finally release Win10. Of course, I expect the worst, but I'm a professional pessimist.
There's a good reason for that--beyond decades of experience. If you're an optimist, you're always disappointed. If you're a pessimist, you're rarely disappointed, and sometimes pleasantly surprised.
Cheers, -- Dave Ihnat dihnat@dminet.com
On Fri, Mar 27, 2015 at 4:22 PM, Dave Ihnat dihnat@dminet.com wrote:
On Fri, Mar 27, 2015 at 05:30:41PM -0400, Mickey wrote:
Is this true with Linux, Fedora ? I though Secure Boot was overcome as a problem.
I've been watching this, and the concern are threefold.
First, Microsoft previously had required that manufacturers make SecureBoot and UEFI optional;
For pre-loaded systems, UEFI is mandatory, as is SecureBoot enabled by default, as is a user accessible toggle to disable it.
The final issue is that to date, it's been required to allow users to manage the keys used for SecureBoot, adding their own as they deem fit. Currently, it's unclear if that requirement will stand.
So far that appears to be unchanged.
A bit of a concern is this bug: https://bugzilla.redhat.com/show_bug.cgi?id=1170245
It's possible for a user to have a Windows 10 system, be unable to disable Secure Boot, unable to boot Windows (because of this bug) from the GRUB menu, and have a system that doesn't provide access to firmware setup or one-time boot menu via an F key at startup time. So they'll have to learn how to enable firmware setup access from Windows, and reboot, at which point now the user must learn how to change the boot order using efibootmgr via CLI since there isn't a GUI boot manager.
Kinda, ick. But shortly after Windows 10 is released, we'll see Fedora 23 which should have the bug fixed at the latest.
On 03/27/2015 03:30 PM, Mickey wrote:
Is this true with Linux, Fedora ? I though Secure Boot was overcome as a problem.
http://www.foxnews.com/tech/2015/03/23/microsoft-may-lock-out-other-oses-wit...
I'm not worried about this at all. It just says that Microsoft *might not require* the option to allow users to disable. I don't think any OEMs are going to love the marketing benefits of mandatory SecureBoot more than they like the business of their large customers that don't want it for $reasons, and they aren't going to be producing different hardware for retail and OEM because it just doesn't make business sense to do that. Also, we have shim.
On 27 March 2015 at 23:26, Pete Travis lists@petetravis.com wrote:
On 03/27/2015 03:30 PM, Mickey wrote:
Is this true with Linux, Fedora ? I though Secure Boot was overcome as a problem.
http://www.foxnews.com/tech/2015/03/23/microsoft-may-lock-out-other-oses-wit...
I'm not worried about this at all. It just says that Microsoft *might not require* the option to allow users to disable. I don't think any OEMs are going to love the marketing benefits of mandatory SecureBoot more than they like the business of their large customers that don't want it for $reasons, and they aren't going to be producing different hardware for retail and OEM because it just doesn't make business sense to do that. Also, we have shim.
Differential pricing, if a menu option can be disabled it can be monetized.
On 28 March 2015 at 11:33, Ian Malone ibmalone@gmail.com wrote:
Differential pricing, if a menu option can be disabled it can be monetized.
(Or at least the sales people will think so.)
-
Chris Murphy -
Dave Ihnat -
Ian Malone -
Mickey -
Pete Travis