BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] UEFI

Subject: [Discuss] UEFI
From: gaf at blu.org (Jerry Feldman)
Date: Mon, 18 Jun 2012 10:05:26 -0400
In-reply-to: <000901cd4d50$f34af230$d9e0d690$@nedharvey.com>
References: <CAFq0N1wyA2YR+dwPxnqd1OsyChD5=bJ=kVwcWTW+k39R26y=dw@mail.gmail.com> <000901cd4d50$f34af230$d9e0d690$@nedharvey.com>

On 06/18/2012 08:50 AM, Edward Ned Harvey wrote:
>> From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss-
>> bounces+blu=nedharvey.com at blu.org] On Behalf Of Jack Coats
>>
>> So how long till this boot loader will have an 'open crack' available?
>>
>> The 'harder' the security, the bigger the target.  If nothing else, I
>> am guessing someone will do a 'Fedora loader', load a minimal Fedora
>> that can boot something else from within using Fedora's 'legal' key.
> Maybe somebody else here knows what you're talking about, but I don't.
>
UEFI (Unified Extensible Firmware Interface) is essentially an upgrade
from Intel's EFI, that I have lived with while at HP and until I retired
my Itanium workstation. Essentially it is a replacement for the BIOS.
There is a feature called "Secure Boot" that is somewhat seen as a way
for Microsoft to lock out competition. With "secure Boot" enabled you
will only be able to boot a "signed" OS. There should really be no
issues of you booting Linux onto those computers. Additionally, from my
experience with EFI, you should be able to multi-boot directly from the
BIOS. That alone is an excellent feature because you don't have to rely
on the traditional MBR.
Back to "Secure Boot". Microsoft has locked it down on ARM devices so
that if you have an ARM device you are stuck with Windows 8. AFAIK, you
may be able to disable "Secure Boot" on x86/x86-64. Additionally Fedora
has an agreement with MSFT that Fedora should be ok. Not sure what the
future will bring. Basically, IMHO, UEFI is a good thing, as BIOS really
sucks. Another feature of UEFI is that it maintains its own times, so
that you could multi-boot Windows that uses local time, and Linux that
uses (or should use) UTC.

I think the pushback on "Secure Boot" will come from the major server
hardware vendors, but I'm not sure about the PC vendors. Some issues
might be that if MSFT allows it do be disabled or customized, some
vendors will not allow that feature.

In addition, another feature of UEFI is that the partition table layout
is different. Again, the partition table is a Microsoft abortion.

-- 
Jerry Feldman <gaf at blu.org>
Boston Linux and Unix
PGP key id:3BC1EB90 
PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66  C0AF 7CEA 30FC 3BC1 EB90

References:
- [Discuss] UEFI
  - From: jack at coats.org (Jack Coats)
- [Discuss] UEFI
  - From: blu at nedharvey.com (Edward Ned Harvey)

Prev by Date: [Discuss] UEFI
Next by Date: [Discuss] UEFI
Previous by thread: [Discuss] UEFI
Next by thread: [Discuss] UEFI
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org