"Why not just use Coreboot?"

[mjg59]

Why not just avoid the entire Secure Boot problem by using Coreboot? Because the reason we have the Secure Boot problem is because Microsoft's Windows 8 certification requirements mean vendors have to ship a UEFI implementation with Secure Boot. You could satisfy that by using Coreboot with a Tiano payload, but it'll still have Secure Boot enabled so you still have the same set of problems. But maybe you could just reflash your system with Coreboot? No, because another part of the requirements states that all firmware updates have to be cryptographically signed now. The only way to reflash will be to attach a flash programmer directly to your motherboard.

So why not just use Coreboot? Because it doesn't help solve this problem in any way.

Comments

Re: Why hasn't Red Hat gone to the DOJ?

[(Anonymous)]

> Why isn't anyone screaming bloody murder right now?

Oh man they *DID* scream bloody murder by everyone involved trusted what Microsoft said about not preventing anyone to have more than one key or disabling secure boot.

Of course the latter does not solve the problem, the former does mean "not preventing" is going to be "going out of one's way to make sure nobody is widely including another key".

Re: Why hasn't Red Hat gone to the DOJ?

[doldonius]

Believed MS? Just how old exactly were they back then, 4?

Re: Why hasn't Red Hat gone to the DOJ?

[(Anonymous)]

I have seen a lot of people getting upset about it, but I haven't really seen any official comments from corporations. I believe (and I could be wrong) that this issue will be a of huge importance in the future. However, once the damage is done, it will be a bit late to complain.