Date: Thu, 7 Jun 2012 15:43:45 +0200 (CEST) From: "Anonymous Remailer (austria)" <mixmaster@remailer.privacy.at> To: freebsd-questions@freebsd.org Subject: Re: UEFI Secure Boot Specs - And some sanity Message-ID: <6782343018e8928084925565b6f2bc33@remailer.privacy.at> In-Reply-To: <CADy1Ce5FdZUH3goay7w38h%2BRsddQVNRy_txhiXdq%2BASpwzigzg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> > Isn't there a lot of needless handwaving going on when the spec is > > pretty clear that installing your own complete PKI tree will all > > boil down to what is effectively a jumper on the motherboard? No, considering 99.99% of of current Windows victims can't even install a fresh copy of Windows. > > Users could fully utilize the UEFI Secure Boot hardware by say: > > > > - Using openssl to generate their keys > > - Jumper the board, burn it into the BIOS in UEFI SB SetupMode > > - Have all the MBR, slice, partition, installkernel, etc tools > > install and manage the signed disk/loader/kernel/module bits > > - Have the BIOS check sigs on whatever first comes off the media Yeah that's trivial for 99.99% of users. I have no idea what everyone is on about. I just program my own PROM and make my own motherboards. Now back to reality, most people don't know how to use openssl. They don't want to break the seal on their PC and void the warranty. They don't want to play with jumpers. They don't know how to use Linux fdisk or BSD disklabel. They can't set up their BIOS. They may not be the typical BSD or Linux poweruser but they represent most users. And sadly even a significant percentage of BSD and even a more significant percentage of Linux users (thank you Ubuntu) aren't capable of doing these things. > > And if they really were that dumb, there's Gigabyte, Asus, Msi, > > Supermicro, Biostar, etc who will not be so dumb and will soak up > > all the remaining sales gravy. We're going to see if that happens but it won't. The WinTel Mafia controls more than what you think and these vendors know they get many magnitudes more money from selling Windows commodity shitboxes than they ever will from all the BSD and Linux users multiplied together.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6782343018e8928084925565b6f2bc33>