Originally Posted by randomizer
What are you trying to do that for? Windows is the best Windows environment there is, so why would you cause yourself the pain of trying to replicate it on something else?
I would 100% switch to tea if I didn't need flavouring to make it taste like coffee, but since that isn't going to happen, maybe I should just stick with coffee?
opinion - just saying. Statistically speaking, Linux beats Windows, on almost all fronts. Obviously hold gaming, since *most* people can't seem to figure out how to get games to work on Linux (its not hard, I promise, I did it just fine for years, and ran CURRENT titles with little to no problems, which is more than I can say for most users running Windows)
opinion there is no true comparison between the two, its night and day differences between Linux and Windows in favor of the former.
Originally Posted by Transhour
would kinda defeat the point don't you think? having a public key and allowing anyone to sign the sofware? what would stop the "hackers" from just signing the virus/malware/other bad thing that infects the boot up routine?
The signing would have to be local, a unique machine ID would be generated which in conjunction with a time stamp and hash of the system kernel (or boot image, which is more likely) of the new operating system would generate a unique key which could then be added to the accepted key list for S-UEFI. Or, for operating systems whose boot image and/or kernel get changed very frequently and/or are not supported by an entity (i.e. Ubuntu/Canonical, SuSe/Novell, RHEL vs Arch, Gentoo, Slack) who could generate new keys acceptable for use on any platform and update them - a user generated key could be created using a time stamp, machine ID, and user password (versus boot image/kernel hash)
At least, this is the only way I can think of proposing a solution that wouldn't be easily exploited by hackers.
Since the change would have to be initiated by the administrator account of an operating system using an accepted key in the allow list, and the new key would also have to generated in the same fashion, it would be exceptionally difficult to exploit an already installed system.Edited by Xaero252 - 10/29/11 at 9:19pm