SCIENTIFIC-LINUX-USERS Archives

October 2011

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: UEFI
From:
Tom H <[log in to unmask]>
Reply To:
Tom H <[log in to unmask]>
Date:
Thu, 20 Oct 2011 11:10:08 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (14 lines) 
On Thu, Oct 20, 2011 at 4:58 AM, Thomas Bendler
<[log in to unmask]> wrote:
>
> Secure boot is simply a design mistake. Instead of giving everyone the
> opportunity to upload own certificates to the certificate store (like
> browsers do), they implemented a hard coded list of certificates so that
> only a few systems benefit from secure boot (the general idea of secure boot
> is fine). This is the problem, the root of trust is moved to the vendors
> instead of the owner. Unfortunately a lot of commercial interests will most
> likely push it to the market as it is, so the only hope will be to be able
> to switch it off.

The only intelligent post in this totally OT thread...

ATOM RSS1 RSS2