Overclock.net › Forums › Industry News › Software News › [ZDNet]Linux Foundation proposes to use UEFI to make PCs secure and free
New Posts  All Forums:Forum Nav:

[ZDNet]Linux Foundation proposes to use UEFI to make PCs secure and free - Page 2

post #11 of 25
Quote:
Originally Posted by Riou View Post
I use MS and Linux operating systems. There should be a way for users to create keys in UEFI so that Linux/BSD/etc. users will not be shut out from Secure Boot by OEMs and MS.
would kinda defeat the point don't you think? having a public key and allowing anyone to sign the sofware? what would stop the "hackers" from just signing the virus/malware/other bad thing that infects the boot up routine?

i was miffed too when i first heard this,but as long as the manufactures allow a way to disable it (which i'm sure they will), all is fine. just means if you turn it off and boot into win 8 it will just be that little bit less secure.

I believe the chrome netbooks use this feature as well, everything i've seen on them, there is a switch underneath where the harddrive compartment lid is at, you switch over, but they call it "dev mode".

This to me is just a combination of sensationalism with FUD thrown in for added flavor, is MS evil? not always, are all linux users, fanatics and trying to make windows less secure, i would say no, that windows does a good enough job of that on their own (j/k).

luckily for all of us, the FSF is a different organization, with different roots, and different beliefs than the other organizations of Open source/free software.
Bazinga Punk
(12 items)
 
ooh shiny!
(6 items)
 
 
CPUMotherboardGraphicsRAM
Intel Xeon 3440 AsRock P55 extreme Evga 8800 GT 512 MB Gskill Ripjaws 
Hard DriveCoolingOSMonitor
Western Digital Blue Antec Khuler 620 Ubuntu 11.10 Asus vw264H 
KeyboardPowerCaseMouse
GIGABYTE KM7600 CORSAIR TX 650 Cooler Master 590 GIGABYTE GM-M6800 
CPUMotherboardGraphicsRAM
Intel Core I5 6500 Gigabyte z170xp-SLI Nvidia 970gtx Corsair 16gb ddr4 2666mhz  
Hard DriveOS
250gb Samsung Evo 850 Windows 10 & Ubuntu 15.10 
  hide details  
Reply
Bazinga Punk
(12 items)
 
ooh shiny!
(6 items)
 
 
CPUMotherboardGraphicsRAM
Intel Xeon 3440 AsRock P55 extreme Evga 8800 GT 512 MB Gskill Ripjaws 
Hard DriveCoolingOSMonitor
Western Digital Blue Antec Khuler 620 Ubuntu 11.10 Asus vw264H 
KeyboardPowerCaseMouse
GIGABYTE KM7600 CORSAIR TX 650 Cooler Master 590 GIGABYTE GM-M6800 
CPUMotherboardGraphicsRAM
Intel Core I5 6500 Gigabyte z170xp-SLI Nvidia 970gtx Corsair 16gb ddr4 2666mhz  
Hard DriveOS
250gb Samsung Evo 850 Windows 10 & Ubuntu 15.10 
  hide details  
Reply
post #12 of 25
What about like VeriSign? Where you need to apply for a key?

I'd love it if we had the bootloader in the UEFI with this, you know, it detects you've installed say, Gentoo, Arch and Windows 8 and lets you have a menu from the UEFI rather than say, grub, that way MS can't keep messing it up for the rest of us.
My system
(23 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 3570k @ 4.5Ghz ASRock Z77 Pro3 Powercolor Radeon HD7950 3GB @ 1150/1350 4x4GB G.Skill Ares 2000Mhz CL9 
Hard DriveHard DriveHard DriveHard Drive
Samsung 840 250GB Western Digital Black 1TB WD1002FAEX Seagate Barracuda 3TB ST3000DM001 Samsung Spinpoint EcoGreen 2TB 
Optical DriveCoolingCoolingCooling
Pioneer DVR-220LBKS Noctua NH-D14 Scythe Gentle Typhoon 1850rpm Corsair AF140 Quiet Edition 
CoolingOSMonitorMonitor
Arcitc Cooling Acclero Twin Turbo II Arch Linux x86-64, amdgpu BenQ G2220HD BenQ G2020HD 
KeyboardPowerCaseMouse
Ducky Shine III Year of the Snake, Cherry Blue Silverstone Strider Plus 600w CoolerMaster CM690 II Black and White SteelSeries Sensei Professional 
Mouse PadAudioOther
Artisan Hien Mid Japan Black Large ASUS Xonar DX NZXT Sentry Mesh 30w Fan Controller 
  hide details  
Reply
My system
(23 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 3570k @ 4.5Ghz ASRock Z77 Pro3 Powercolor Radeon HD7950 3GB @ 1150/1350 4x4GB G.Skill Ares 2000Mhz CL9 
Hard DriveHard DriveHard DriveHard Drive
Samsung 840 250GB Western Digital Black 1TB WD1002FAEX Seagate Barracuda 3TB ST3000DM001 Samsung Spinpoint EcoGreen 2TB 
Optical DriveCoolingCoolingCooling
Pioneer DVR-220LBKS Noctua NH-D14 Scythe Gentle Typhoon 1850rpm Corsair AF140 Quiet Edition 
CoolingOSMonitorMonitor
Arcitc Cooling Acclero Twin Turbo II Arch Linux x86-64, amdgpu BenQ G2220HD BenQ G2020HD 
KeyboardPowerCaseMouse
Ducky Shine III Year of the Snake, Cherry Blue Silverstone Strider Plus 600w CoolerMaster CM690 II Black and White SteelSeries Sensei Professional 
Mouse PadAudioOther
Artisan Hien Mid Japan Black Large ASUS Xonar DX NZXT Sentry Mesh 30w Fan Controller 
  hide details  
Reply
post #13 of 25
I would 100% switch to Linux if I didn't need wine to emulate a windows environment.
The BAWS!
(14 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom II 955 BE Asus M5A97 EVO Sapphire 6870 Gskill RipJaws DDR3 1600 2x4GB 
Hard DriveOptical DriveCoolingOS
Western Digital LG super multi lightscribe Corsair H50 with Coolermaster R4 in push/pull Win 7 Ultimate 64bit 
MonitorKeyboardPowerCase
23" Acer LED 60hz $8 local computer store brand Corsair 750TX CM 690 II 
MouseMouse Pad
CM Sentinel Advance Steel Series 
  hide details  
Reply
The BAWS!
(14 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom II 955 BE Asus M5A97 EVO Sapphire 6870 Gskill RipJaws DDR3 1600 2x4GB 
Hard DriveOptical DriveCoolingOS
Western Digital LG super multi lightscribe Corsair H50 with Coolermaster R4 in push/pull Win 7 Ultimate 64bit 
MonitorKeyboardPowerCase
23" Acer LED 60hz $8 local computer store brand Corsair 750TX CM 690 II 
MouseMouse Pad
CM Sentinel Advance Steel Series 
  hide details  
Reply
post #14 of 25
Quote:
Originally Posted by JonnyFenix View Post
I would 100% switch to Linux if I didn't need wine to emulate a windows environment.
What are you trying to do that for? Windows is the best Windows environment there is, so why would you cause yourself the pain of trying to replicate it on something else?

I would 100% switch to tea if I didn't need flavouring to make it taste like coffee, but since that isn't going to happen, maybe I should just stick with coffee?
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
post #15 of 25
Quote:
Originally Posted by Birdy1337 View Post
Source

For people that were talking about not being able to use Linux because of UEFI, Hopefully soon you will be able to use Linux AND UEFI with no worries.
UEFI is jailing the pc. It's got nothing to do with security and won't enhance anyones security besides people who can control it.
It's an extensible interace that can set your home address and set up your internet without an OS. It has a key that has to be loaded to load an operating system. What other things have a key that have to be loaded to load an operating system. If you said jailed phones and ps/3 you would be right.
It also causes you trouble just like any digitial dongle protection.

Nobody wants to demystify all that for some reason. If they want to give you the keys no problem. If they want to give ability to really turn it off and I mean not just pretend to turn it off. No problem. People regularly have trouble with it when setting up macs as servers which is just efi. The start of the jailing sequence and the start of computers controllable by remote without a os load.
Goofy
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD 4850e 2.4Ghz 22 watts 1.1v 1500HT 300FSB Gigabyte GA-M78SM-S2H What I'm Testing 2 2gb Geil PC6400 960MHZ 
Hard DriveOptical DriveOSMonitor
Hitachi 160gb SATA-II Pioneer DVR 111D Redhat Core 12 x86_64, Windows XP HANNspree 20" 1600x900 
KeyboardPowerCaseMouse
Logitec Premium Desktop Mini-Box M3-ATX 120 Watt DC-DC Spire Logitec 
Mouse Pad
Xtrac 
  hide details  
Reply
Goofy
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD 4850e 2.4Ghz 22 watts 1.1v 1500HT 300FSB Gigabyte GA-M78SM-S2H What I'm Testing 2 2gb Geil PC6400 960MHZ 
Hard DriveOptical DriveOSMonitor
Hitachi 160gb SATA-II Pioneer DVR 111D Redhat Core 12 x86_64, Windows XP HANNspree 20" 1600x900 
KeyboardPowerCaseMouse
Logitec Premium Desktop Mini-Box M3-ATX 120 Watt DC-DC Spire Logitec 
Mouse Pad
Xtrac 
  hide details  
Reply
post #16 of 25
Quote:
Originally Posted by randomizer View Post
What are you trying to do that for? Windows is the best Windows environment there is, so why would you cause yourself the pain of trying to replicate it on something else?

I would 100% switch to tea if I didn't need flavouring to make it taste like coffee, but since that isn't going to happen, maybe I should just stick with coffee?
YOUR opinion - just saying. Statistically speaking, Linux beats Windows, on almost all fronts. Obviously hold gaming, since *most* people can't seem to figure out how to get games to work on Linux (its not hard, I promise, I did it just fine for years, and ran CURRENT titles with little to no problems, which is more than I can say for most users running Windows)

In MY opinion there is no true comparison between the two, its night and day differences between Linux and Windows in favor of the former.

Quote:
Originally Posted by Transhour View Post
would kinda defeat the point don't you think? having a public key and allowing anyone to sign the sofware? what would stop the "hackers" from just signing the virus/malware/other bad thing that infects the boot up routine?
The signing would have to be local, a unique machine ID would be generated which in conjunction with a time stamp and hash of the system kernel (or boot image, which is more likely) of the new operating system would generate a unique key which could then be added to the accepted key list for S-UEFI. Or, for operating systems whose boot image and/or kernel get changed very frequently and/or are not supported by an entity (i.e. Ubuntu/Canonical, SuSe/Novell, RHEL vs Arch, Gentoo, Slack) who could generate new keys acceptable for use on any platform and update them - a user generated key could be created using a time stamp, machine ID, and user password (versus boot image/kernel hash)

At least, this is the only way I can think of proposing a solution that wouldn't be easily exploited by hackers.

Since the change would have to be initiated by the administrator account of an operating system using an accepted key in the allow list, and the new key would also have to generated in the same fashion, it would be exceptionally difficult to exploit an already installed system.
Edited by Xaero252 - 10/29/11 at 9:19pm
    
CPUMotherboardGraphicsRAM
Core i7 920 D0 4.2ghz HT (1.3625v) Asus R3E 2xGTX 460 (non SLi, no overclock) 6x2gb G.skill @ 6-8-6-24-1T 
Hard DriveOptical DriveOSMonitor
WD-VR 300GBx1, 2xWD 1tb,2x60gb Agility Some crappy combo burner... Arch x64 3xDell U2410f rev A02 
KeyboardPowerCaseMouse
X-Armor U9BL TT Toughpower 1200w (NTB more efficient) Mountain Mods Pinnacle 24 CYO Roccat Kone (R.I.P. A4Tech x7) 
Mouse Pad
Steelpad Experience I-1 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Core i7 920 D0 4.2ghz HT (1.3625v) Asus R3E 2xGTX 460 (non SLi, no overclock) 6x2gb G.skill @ 6-8-6-24-1T 
Hard DriveOptical DriveOSMonitor
WD-VR 300GBx1, 2xWD 1tb,2x60gb Agility Some crappy combo burner... Arch x64 3xDell U2410f rev A02 
KeyboardPowerCaseMouse
X-Armor U9BL TT Toughpower 1200w (NTB more efficient) Mountain Mods Pinnacle 24 CYO Roccat Kone (R.I.P. A4Tech x7) 
Mouse Pad
Steelpad Experience I-1 
  hide details  
Reply
post #17 of 25
Quote:
Originally Posted by Hephasteus View Post
UEFI is jailing the pc. It's got nothing to do with security and won't enhance anyones security besides people who can control it.
It's an extensible interace that can set your home address and set up your internet without an OS. It has a key that has to be loaded to load an operating system. What other things have a key that have to be loaded to load an operating system. If you said jailed phones and ps/3 you would be right.
It also causes you trouble just like any digitial dongle protection.

Nobody wants to demystify all that for some reason. If they want to give you the keys no problem. If they want to give ability to really turn it off and I mean not just pretend to turn it off. No problem. People regularly have trouble with it when setting up macs as servers which is just efi. The start of the jailing sequence and the start of computers controllable by remote without a os load.
UEFI does make it easier to remotely control PC's than older BIOS based PC's. Whether this tool is used more for improved functionality or overbearing control remains to be seen.
post #18 of 25
Quote:
Originally Posted by Xaero252 View Post
Statistically speaking, Linux beats Windows, on almost all fronts.
Except being able to behave like Windows, which is what the poster I quoted was wanting to do.
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
post #19 of 25
Quote:
Originally Posted by randomizer View Post
Except being able to behave like Windows, which is what the poster I quoted was wanting to do.
There are exceptions, Eve Online and The Sims 3 run faster in Wine for me than in native Windows.
My system
(23 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 3570k @ 4.5Ghz ASRock Z77 Pro3 Powercolor Radeon HD7950 3GB @ 1150/1350 4x4GB G.Skill Ares 2000Mhz CL9 
Hard DriveHard DriveHard DriveHard Drive
Samsung 840 250GB Western Digital Black 1TB WD1002FAEX Seagate Barracuda 3TB ST3000DM001 Samsung Spinpoint EcoGreen 2TB 
Optical DriveCoolingCoolingCooling
Pioneer DVR-220LBKS Noctua NH-D14 Scythe Gentle Typhoon 1850rpm Corsair AF140 Quiet Edition 
CoolingOSMonitorMonitor
Arcitc Cooling Acclero Twin Turbo II Arch Linux x86-64, amdgpu BenQ G2220HD BenQ G2020HD 
KeyboardPowerCaseMouse
Ducky Shine III Year of the Snake, Cherry Blue Silverstone Strider Plus 600w CoolerMaster CM690 II Black and White SteelSeries Sensei Professional 
Mouse PadAudioOther
Artisan Hien Mid Japan Black Large ASUS Xonar DX NZXT Sentry Mesh 30w Fan Controller 
  hide details  
Reply
My system
(23 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 3570k @ 4.5Ghz ASRock Z77 Pro3 Powercolor Radeon HD7950 3GB @ 1150/1350 4x4GB G.Skill Ares 2000Mhz CL9 
Hard DriveHard DriveHard DriveHard Drive
Samsung 840 250GB Western Digital Black 1TB WD1002FAEX Seagate Barracuda 3TB ST3000DM001 Samsung Spinpoint EcoGreen 2TB 
Optical DriveCoolingCoolingCooling
Pioneer DVR-220LBKS Noctua NH-D14 Scythe Gentle Typhoon 1850rpm Corsair AF140 Quiet Edition 
CoolingOSMonitorMonitor
Arcitc Cooling Acclero Twin Turbo II Arch Linux x86-64, amdgpu BenQ G2220HD BenQ G2020HD 
KeyboardPowerCaseMouse
Ducky Shine III Year of the Snake, Cherry Blue Silverstone Strider Plus 600w CoolerMaster CM690 II Black and White SteelSeries Sensei Professional 
Mouse PadAudioOther
Artisan Hien Mid Japan Black Large ASUS Xonar DX NZXT Sentry Mesh 30w Fan Controller 
  hide details  
Reply
post #20 of 25
Quote:
Originally Posted by Brutuz View Post
There are exceptions, Eve Online and The Sims 3 run faster in Wine for me than in native Windows.
The poster didn't want to use Wine. They wanted Linux to emulate a Windows environment on its own. This is why I used the tea and coffee example. It doesn't make sense to want to make Linux behave like Windows when Windows already does this perfectly.

Anyway, this is a huge tangent fro the original topic. Bring on the conspiracy theories!
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
Overclock.net › Forums › Industry News › Software News › [ZDNet]Linux Foundation proposes to use UEFI to make PCs secure and free