[coreboot] Feedback On Coreboot: the Solution to the Secure Boot Fiasco

Andrew Goodbody ajg4tadpole at gmail.com
Sat Jan 5 00:41:37 CET 2013

On 03/01/13 18:40, ron minnich wrote:
> OK, after further thought, here's my take.
> Two companies have defined a secure boot standard in such a way that
> they can closely control what boots on future systems using the one
> company's chips. This is a sea change from the original IBM PC design,
> which encouraged people to boot anything, and included the
> (copyrighted) BIOS listing on paper to further that end.

OK, then there was a simple source listing so you could see what the 
code provided in terms of functionality and then implement that 
Now you have the UEFI spec so you can implement the required 
functionality. There is nothing specific to those companies here.
Yes Secure Boot makes it harder to change the OS shipped on any 
particular machine and bugs or deficiencies may even make it impossible 
in some cases. But given the goal of only running authorised code then 
this is inevitable.

> The current state is that the software company is becoming the
> gatekeeper for what OS will run on systems built using the hardware
> company's chips. Their end goal is that the software company becomes
> the gatekeeper for what runs on almost *anything* -- not just x86.
> Don't believe me? Read about ARM systems and Windows 8.

I have yet to see Linux or Android on an iPad. WinRT (not Win8) on ARM 
is little different, if at all. It will have no effect whatsoever on 
other tablets. They do not control all ARM tablets and never will.


More information about the coreboot mailing list