Re: Secure Boot. Why don't you take the wind out of their sails?

[Bruce Dubbs]

address@hidden wrote:

> Maybe I'm missing something, but when I read this, it doesn't say the
> hardware must have Secure Boot enabled by default.  Rather, it must be
> enabled by the OEM as part of the Windows preinstallation process, so
> that it's enabled when it reaches the end user.  System builders are
> still going to purchase UEFI Secure Boot-capable motherboards with
> Secure Boot disabled-by-default, and they will "just work" if you want
> to install Linux.

For people who are not experts, trying Linux or another operating system 
becomes much more intimidating.  They have to go into the BIOS and 
change something.  Then, to go back to Windows, they have to do it again.

Will this discourage users from trying something else?  You bet.

End-users who bought pre-installed Windows will
> have to change the configuration option in system setup, which for
> someone planning to install a new OS from scratch is not a major
> hurdle.  It will be a minor road bump for people using live-CD style
> media (including USB), but won't be a showstopper if the user actually
> has permission from the computer owner to boot the alternate media.
> What likely is that it will prevent unauthorized (by the owner)
> rebooting public computers using alternate media, but that's not
> exactly a valid scenario to begin with.

But is is for private computers.  My LUG frequently gives out DVDs with 
various Live system and say try it.  That will become much more 
problematic.

I still don't know how someone is supposed to be able to boot Windows 
within a VM with this new paradigm.

  -- Bruce