I doubt it. I've dealt with a few boards (intel oem servers) that
supported both bios or efi, but it's not exactly normal to find server
or other. I was surprised when I bought a sandy bridge asus board and
it booted a full pseudo mouse-driven environment via efi for bios
control - probably an embedded linux system probably much larger and
complex to store on a dumb bios prom. Was kinda nifty, but the board
would have to know how to hook either bios or efi means, and being
*secure* usually means your options are dictated, right or wrong.
Unless oem's revolt against microsoft and say no.
Microsoft is still the 3000lb gorilla in the room, but oem's simply
cannot ignore the sale of linux servers to lock out such a large sales
base. Linux is far too embedded now. What I see is microsoft wants to
reclaim the desktop market, controlling *consumer* hardware and leaving
linux for "servers". And themselves, of course.
All it means is it will be more difficult for linux desktop users as
oem's and vendors suck microsoft for discounts, and some will simply
remove the option/expense as they don't care about the linux market
(ahem, hp). Dell I think will remain agnostic and support both, but who
knows who else will from oem space. There will be blood.
Then there's vmware/citrix that makes a ton off linux and windoze both,
but ultimately use linux as the base. They'll have something to say on
the matter before it's done. Linux of course can adapt to make use of
it as well. In theory, secure boot is not a "bad" thing, especially
with a world full of lemming users out there, it just needs done in a
sane, open manor that can still be technically secured.
Console game systems have all long proven being crackable beyond any
best effort, that no hardware level security is infallible... It'll
just piss people off - ask sony about what happened when they took away
otheros option on the ps3 unexpectedly. There will be a middle ground
one way or another.
-mb
On 09/29/2011 04:14 PM, James Mcphee wrote:
> Used to deal with junk like this on the thinkpads, where you couldn't
> add anything but approved hardware. It was simple enough to simply
> overwrite their whitelist. Is there anything to prevent us from simply
> flashing the BIOS?
>
> On Thu, Sep 29, 2011 at 6:57 AM, Michael Butash <michael@butash.net
> <mailto:michael@butash.net>> wrote:
>
> Same deal as "secure" bootloaders on android phones that have been
> all the rage with vendors the past few years - it'll only boot a
> signed *approved* kernel. I don't see how oem's will cope with
> this, unless they "pre-load" a cert from any/all vendors, lock the
> cert store with their own means, and everyone else is then screwed.
> RH more or less enforces *their* kernels now, so they'll be happy,
> but I doubt any other linux vendor like Canonical will be.
> Obviously the consumers, especially those that like to roll their
> own kernels, will not.
>
> This was done in cell space largely at the request of the cellco's
> to *control* their hardware against esn manipulation and to sell
> them as platforms for the media cartels to hock music on (drm).
> Since drm has all but become a 4-letter word of late, they've
> started shipping with unlocked bootloaders, or have implemented ways
> to unlock them remotely at the cost of voiding warranties (win/win
> for them). It will be interesting to see how the oem's like dell,
> hp, and cisco that sell a lot of servers where windoze server is
> often NOT a default option anymore...
>
> -mb
>
>
>
> On 09/28/2011 10:03 AM, Tom Ostlund wrote:
>
> This has the smell of proprietary hardware all over it again....
>
> I would agree that they would turn it off or flash the thing
> either way
> many tech support jobs just got job security :-)
>
>
>
> On 09/28/2011 09:58 AM, Eric Shubert wrote:
>
> http://www.readwriteweb.com/__enterprise/2011/09/windows-8-__spells-trouble-for-l.php
> <http://www.readwriteweb.com/enterprise/2011/09/windows-8-spells-trouble-for-l.php>
>
>
>
> I would think that users could simply turn off secure
> booting in the EFI
> (bios) in order to run whatever they like (except perhaps
> Win8). No?
>
> ------------------------------__---------------------
> PLUG-discuss mailing list -
> PLUG-discuss@lists.plug.__phoenix.az.us
> <mailto:PLUG-discuss@lists.plug.phoenix.az.us>
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.__us/mailman/listinfo/plug-__discuss <http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss>
>
>
> ------------------------------__---------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.__phoenix.az.us
> <mailto:PLUG-discuss@lists.plug.phoenix.az.us>
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.__us/mailman/listinfo/plug-__discuss
> <http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss>
>
>
>
>
> --
> James McPhee
> jmcphe@gmail.com <mailto:jmcphe@gmail.com>
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)