1 |
On Tue, Jun 19, 2012 at 06:11:46PM -0400, Richard Yao wrote: |
2 |
> I know that there is a great deal of discussion on the effect that |
3 |
> UEFI Secure Boot will have on us. As far as I know, Secure Boot is |
4 |
> implemented in the UEFI firmware and if we replace the firmware, |
5 |
> Secure Boot issues disappear. |
6 |
|
7 |
Stop right there. That's just not going to happen, sorry. You aren't |
8 |
going to be able to get a user to replace their BIOS, nor should you |
9 |
ever want to. You are not going to be able to keep up with the |
10 |
hundreds, if not thousands, of different motherboards being introduced |
11 |
every month, in order to just get rid of the secure boot option. |
12 |
|
13 |
You have a much better chance of just telling the user, "Disable the |
14 |
Secure Boot option in your BIOS". "No, that doesn't mean that Linux |
15 |
isn't secure." "Yes, I understand it looks that way." |
16 |
|
17 |
And the conversation degenerates from there. |
18 |
|
19 |
Sorry, not a valid solution. |
20 |
|
21 |
And I want secure boot on my machines, with a key I trust, don't you? |
22 |
If not, why not? I know lots of others that also want this, why deny |
23 |
them the ability to run Gentoo on their hardware? |
24 |
|
25 |
greg k-h |