[coreboot] Feedback On Coreboot: the Solution to the Secure Boot Fiasco
ajg4tadpole at gmail.com
Sat Jan 5 00:41:37 CET 2013
On 03/01/13 18:40, ron minnich wrote:
> OK, after further thought, here's my take.
> Two companies have defined a secure boot standard in such a way that
> they can closely control what boots on future systems using the one
> company's chips. This is a sea change from the original IBM PC design,
> which encouraged people to boot anything, and included the
> (copyrighted) BIOS listing on paper to further that end.
OK, then there was a simple source listing so you could see what the
code provided in terms of functionality and then implement that
Now you have the UEFI spec so you can implement the required
functionality. There is nothing specific to those companies here.
Yes Secure Boot makes it harder to change the OS shipped on any
particular machine and bugs or deficiencies may even make it impossible
in some cases. But given the goal of only running authorised code then
this is inevitable.
> The current state is that the software company is becoming the
> gatekeeper for what OS will run on systems built using the hardware
> company's chips. Their end goal is that the software company becomes
> the gatekeeper for what runs on almost *anything* -- not just x86.
> Don't believe me? Read about ARM systems and Windows 8.
I have yet to see Linux or Android on an iPad. WinRT (not Win8) on ARM
is little different, if at all. It will have no effect whatsoever on
other tablets. They do not control all ARM tablets and never will.
More information about the coreboot