actually there a few workarounds here is one of them
http://git.kernel.org/?p=linux/kernel/git/jejb/efitools.git;a=tree
Its a signed pre-bootloader lol.

By the way a more sever version this was originally proposed by
Microsoft as an in bios version as part of their first trusted
computing push nearly a decade ago which the majority of users (even
Windows users) threatened to boycotted any manufacturer who
implemented it. Now with the advent of UEFI they slipped it in again,
after every one had forgotten about the first attempt. The original
version included the concept that all software running on the machine
had to have a currently valid unique license key signed by Microsoft
installed in your bios or your bios would prevent your computer from
operating because you are a pirate if your software wasn't registered
via Microsoft regardless of who wrote it.




On Wed, Feb 27, 2013 at 10:53 AM, Dale Dellutri <[log in to unmask]> wrote:
> On Wed, Feb 27, 2013 at 6:27 AM, zxq9 <[log in to unmask]> wrote:
>> On 02/27/2013 04:20 AM, Paul Robert Marino wrote:
>>>
>>> I have an X120e as well and simply changing the hard drive doesn't fix
>>> the eufi issue.
>>> the first answer to this string is correct with two cavorts RedHat got
>>> two signed certs one fro RHEL and the other for Fedora. apparently the
>>> process was a nightmare but they will work with secure boot. for that
>>> reason I run fedora as my primary os on my laptop and if i have to do
>>> any Scientific Linux testing I run it in a VM
>>> (and yes an AMD fusion chip can runs a single VM surprisingly well)..
>>
>>
>> We supply our customers with Linux and dual-boot systems, and recently have
>> run headlong into the UEFI madness.
>
>> ... (SNIPPED) ...
>
>> There is a silver lining. The board makers themselves are out to sell boards
>> and laptops and tablets and can be reasoned with. My company is an extremely
>> small player in the hardware field but we've had positive response from
>> vendors when inquiring about having our own keys included on boards
>> alongside Microsoft's when doing bulk orders. We haven't had to go that
>> route yet so I'm unsure how much of a pain that would actually be to manage
>> (doesn't appear much more difficult than managing repository keys though,
>> for example), but this leaves the door open for even tiny computing
>> companies and larger IT departments to arrange for their own "secure" boot
>> keys to be pre-installed by the board manufacturers and not violate
>> Microsoft's requirements, even on ARM. That said, since we don't do showroom
>> marketing anyway neither we nor our suppliers have a need to put little
>> "Windows8 Ready" stickers on anything they ship to us anyway.
>
>> ... (SNIPPED) ...
>
> Doesn't this lower the eventual resale value of the laptop?  Doesn't it restrict
> the laptop to run only what either MS wants or what you installed?
>
> I buy refurbished laptops and install Fedora, but I might want to try *BSD or
> Ubuntu or something else in the future.  Doesn't the "silver lining" restrict
> that with these UEFI laptops?
>
> --
> Dale Dellutri