Microsoft: "You've got questions. We've got dancing paperclips."
All articles
Last comments
Rafael Lanna
try sudo apt-get install -f
Yochanan
It's Cornie Icons, not Corny.
Shekin
You can install 370 version also
Vitali80
Thank you so much for your help Shekin, you're great
Archive
«    December 2016    »
MonTueWedThuFriSatSun
 1234
567891011
12131415161718
19202122232425
262728293031 
» » UEFI Secure Boot - should be used or not?

UEFI Secure Boot - should be used or not?

UEFI should be used or not?

I want to understand why, was invented UEFI Secure Boot and how it affects the use of my beloved Linux Mint.



Sorry for the spelling and phonetic errors in the text.
Owner and main writer of MintGuide.org is not a native English speaker.


The Unified Extensible Firmware Interface (UEFI, pronounced as an initialism U-E-F-I or like "unify" without the n[a]) is a specification that defines a software interface between an operating system and platform firmware. UEFI is meant to replace the Basic Input/Output System (BIOS) firmware interface, originally present in all IBM PC-compatible personal computers. In practice, most UEFI firmware images provide legacy support for BIOS services. UEFI can support remote diagnostics and repair of computers, even without another operating system.

Almost all people have got new motherboards and now people are owners of motherboards UEFI. Accordingly, Secure Boot is supported. The question on security: do I need to use UEFI Secure Boot or not?

 

While the BIOS is essentially extremely hard and virtually unchanged in content code special firmware BIOS-chip, UEFI system is rather flexible, programmable interface. And this is the interface over all hardware components of the computer to their own devices, the microcode. Unlike BIOS boot code, which is always hard-coded in the corresponding chip on the motherboard, much more extensive in size codes UEFI are in a special directory /EFI/, the place of physical location which can be quite varied — from memory chips on the motherboard, or a partition on the hard disk of the computer and to external network storage.

As a result of this flexibility, the system UEFI becomes something much smaller, but quite independent of the operating system. That is, in fact, in the computer first loads the UEFI, under her management is essentially an arbitrary set of desired actions, and then starts loading the actual operating system.

 

Linux definitely supports UEFI, but it is rather superficial acquaintance than an effective partnership. Mac OS X has advanced somewhat further, and partly uses UEFI with boot Manager Bootcamp. In the line Microsoft support UEFI was introduced in Windows 8, this operating system became the first of the "main" OS, where intensively involved the benefits of UEFI, including restore, update, secure boot and quite possibly something else.

 

Meanwhile about any unfair competition speech would come out. Official Microsoft already quite reasonably parried the attacks of those Linux users that on their part it is solely about improving security in the work Windows. And they in no way trying to influence the way in which manufacturers of hardware to dispose of their cryptographic keys. Microsoft does not preclude the issuance of keys for other operating systems.

 

In the world of desktop systems, where now nearly no OEM does not sell computers with Linux preinstalled, it is not clear what incentives can be the manufacturers for distribution of their cryptographic keys these various Linux distributions. The only thing we can predict for sure — Microsoft solution to this problem will not be engaged exactly.

 

Now try to answer the question in the title.
My opinion: No, do not use UEFI Secure Boot. Obviously. When they created this UEFI, we were informed that it was solely for the sake of our security, they say, malware a thing of the past. Let's look at the results: if in Windows less viruses? No, they became more. Maybe Kaspersky Lab sits without work and are about to go bankrupt? No, with Kaspersky all right. Consequently, UEFI does not care about our safety.

What then? Here's what: Microsoft will make it harder to install Linux on a new PC with Windows 10. Actually, just for that UEFI was created.

You can now rephrase my question so: whether to use the feature, created solely to deceive the buyer and unfair competition? Probably better not. At least until then, until it will include force, with no option to disable. And this, apparently, is heading.

 

Good Luck!!!

 

Tags: system boot

Related articles

Add a comment

  • bowtiesmilelaughingblushsmileyrelaxedsmirk
    heart_eyeskissing_heartkissing_closed_eyesflushedrelievedsatisfiedgrin
    winkstuck_out_tongue_winking_eyestuck_out_tongue_closed_eyesgrinningkissingstuck_out_tonguesleeping
    worriedfrowninganguishedopen_mouthgrimacingconfusedhushed
    expressionlessunamusedsweat_smilesweatdisappointed_relievedwearypensive
    disappointedconfoundedfearfulcold_sweatperseverecrysob
    joyastonishedscreamtired_faceangryragetriumph
    sleepyyummasksunglassesdizzy_faceimpsmiling_imp
    neutral_faceno_mouthinnocent
Login via
Up