lenovo and HP currently use a PCI ID whitelist in their firmwares to prevent WiFi and 3G cards they didn't rebrand and sell at a markup from working in laptops they make.
I will be very surprised if they do not omit the UEFI driver signing key on some laptops and servers to force you to use only supported, authorized and conveniently marked up hardware for disk/RAID controllers, hardware iSCSI initiators, PXE-capable NICs, remote management cards (VGA+USB host interface to Ethernet and VNC), etc. The temptation of lock-in and high margins is likely to be too strong, as we've already seen with various OEM's periodic attempts to lock server hardware support to their own storage controllers.
Power management, mobile and firmware developer on Linux. Security developer at Aurora. Ex-biologist. mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer. Also on Mastodon.
OEM laptops - not yet, but probably soon
Date: 2013-01-03 11:53 pm (UTC)I will be very surprised if they do not omit the UEFI driver signing key on some laptops and servers to force you to use only supported, authorized and conveniently marked up hardware for disk/RAID controllers, hardware iSCSI initiators, PXE-capable NICs, remote management cards (VGA+USB host interface to Ethernet and VNC), etc. The temptation of lock-in and high margins is likely to be too strong, as we've already seen with various OEM's periodic attempts to lock server hardware support to their own storage controllers.