 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
Richard Pieri wrote: > From the Windows 8 Hardware Certification Requirements > document: > >> 18. Mandatory. Enable/Disable Secure Boot. On non-ARM systems, it is >> required to implement the ability to disable Secure Boot via firmware >> setup. Ah, than you Chuck and Rich for the clarification. > The original draft from December last year was unclear. That must be why the articles I'm recalling suggested otherwise. With vague language, they presumed the worse. So that means, as far as x86 hardware is concerned, technical users will be unrestricted. The Ubuntu-style workaround is likely adequate for novice users, providing this workaround is accessible to non-commercial distributions, like Debian. Of course, it also seems like a glaring truck-sized hole in the security model. What stops boot record malware from using the same chain loader floating around on the net for Linux as a way to inject their code, then hand off to the Windows kernel? >> Disabling Secure Boot must not be possible on ARM systems. So given their stance on x86, any thoughts as to why Microsoft imposed this limitation on ARM? (Aside from the obvious one that they feel much more vulnerable in the mobile space, and there is no established user base to complain about the change.) -Tom -- Tom Metro Venture Logic, Newton, MA, USA "Enterprise solutions through open source." Professional Profile: http://tmetro.venturelogic.com/
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
