Posts Tagged ‘secure booting’


Sunday, September 25th, 2011

Wow, this week sure shot by in a blur. This, the second week at work (I can’t call it the third, I was only present one day in the “first” week), has been filled with more learning, getting down and dirty with the hardware (i.e. replacing some boards) and generally playing around inside the node.

The highlight of the week must have been when I was fiddling around learning commands on the node, and managed to find what Pontus described as a “not entirely insignificant bug”. Pontus then spent a couple of hours tracing the hell out it, with me observing from the side. All in all a pretty productive day :D


This week has also seen a rather troubling report (part 1, part 2) about Microsoft maybe being able to abuse UEFI secure booting in order to disallow booting something from a competitor, say a GNU+Linux system. While they have responded in a post of their own, which includes innocent-looking sentences like this:

OEMs have the ability to customize their firmware to meet the needs of their customers by customizing the level of certificate and policy management on their platform.

This however, does not fill me with any warm and cuddly feelings. This just attempts to give Microsoft an alibi, so that they can say “hey, we aren’t doing anything, blame the OEMs.”

At the same time Microsoft could, since they have a great big part of the desktop market, tell OEMs something along the lines of: “If you bundle other UEFI keys than ours, we might not want you as an OEM partner.”

Of course I can only speculate, but from previous observations I wouldn’t put it past Microsoft to do something like this. From a business perspective it makes perfect sense, and if that means that Patrik in Göteborg can’t boot his computer, well, you have to break a couple of eggs if you want to make an omelette right? Shit happens, right?

But hey Microsoft, please prove me wrong, the ball is yours.

Update: My poor motherboard seems to have gone to that very tiny electron in the sky :(

I guess it is time to start looking at buying new components…