Locks are placebo security
Summary: A quick overview of some articles about UEFI, as seen in the eyes of a free(dom) software authority
THE OTHER day we wrote about the FSF's advice regarding UEFI. Canonical’s workaround [1, 2, 3] was criticised by the FSF and the FSF also criticised Red Hat’s route [1, 2, 3, 4], as did we. Debian is with the FSF. The realisation that Microsoft wants to control the boot sequence oughtn’t be met with nonchalance. Here is some more coverage of the FSF’s action:
Secureboot has always been a concern of Linux distributions as it means people will not be able to run and install GNU/Linux operating systems on their computers those who have secure boot enabled. To overcome this issue, Fedora has decided to purchase keys signed by VerSign that will make the computer recognizable to its operating system and will enable users to run it. All Fedora releases will come with this key and henceforth there will not be a problem in installing Fedora on secureboot enabled machines.
The Free Software Foundation says it strongly rejects any approach to computer security that involves placing trust in Microsoft or any other proprietary software company.
Instead, the organisation, in a white paper on Microsoft’s secure boot proposal and the fallout thereof, said users should be able to both easily disable secure boot and to use their own security keys in order that they could be the ultimate decision-maker on which software should run on their computers.