'Secure' Boot is Not Secure, Time to Abandon It

Dr. Roy Schestowitz

2013-12-09 20:21:48 UTC
Modified: 2013-12-09 20:21:48 UTC

Summary: The 'security' boasted by restricted boot is shown to be a sham; other booting systems ought to be promoted at UEFI's expense

THE malicious thing which is UEFI (with or without restricted boot) has been covered here a lot. It needs to be shunned and those behind it should be investigated for collusion. It's not secure, as Torvalds predicted (with strong words at times).

As part of his ongoing investigation of UEFI, Dr. Garrett found serious flaws in restricted boot. As Phoronix put it the other day, "Matthew Garrett has written an insightful blog post about security issues pertaining to the Linux kernel's kexec functionality that could defeat any security benefits provided by Secure Boot. Using kexec could even allow you to boot a Windows kernel."

UEFI is a sham that hardly offers any benefits to ordinary users; all it does in practice is harm. We need to embrace something like Coreboot [1] instead. The "UEFI" label (which computer makers don't even make visible) should be read as "defective out of the box". ⬆

Related/contextual items from the news:

Coreboot Gets Support For Haswell Power Limiting

After landing hardware support improvements last week for Coreboot, the open-source BIOS firmware replacement now has another new feature: ACPI power limiting and it's been implemented for Intel Haswell CPUs.

Recent Techrights' Posts

Facebook's Debt Leaps to Over 51 Billion Dollars: A lot of this is a bubble, aside from the bubble the media irresponsibly dubs "AI"
3 Days Ago Over at Tux Machines...: GNU/Linux news
Most of This Month Will Deal With EPO Scandals: A timeline of sorts
Links 01/11/2025: Microsoft Distributes Malware Again, Radio Free Asia Shut Down by Dictator: Links for the day
Gemini Links 02/11/2025: "The Pragmatic Programmer", Perl New Features and Foostats: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, November 01, 2025: IRC logs for Saturday, November 01, 2025
Linux.com is Becoming Microsoft: They took a once-reputable site with a vast audience and turned it into a pile of trash
Microsoft Lunduke: People Pointing Out I'm a Bigot is a Badge of Honour: It's almost as if he openly admits being a troll and is proud of it
Oracle's Debt Continues Rising to All-Time Highs, The "Slop Bubble" is a Smokescreen for Larry Ellison: wishful-thinking bubble waiting to implode completely
News on the Web is Becoming Rare, Shallow, and Difficult to Find: To efficiently and rapidly find original and important news without underlying comprehension/understanding of the news (and its context) is a hard task
Slopwatch: Linux Journal, Serial Slopper, WebProNews, and More: getting back into the habit
The Cocaine Patent Office - Part III: European Patent Office Officials Cannot Claim False Identification: Corroborating with other sources is always desirable if possible. We shall do so later in this series.
Still Catching Up, Daily Links a Top Priority: Readers who have additional information about the EPO can send it along to us
Links 01/11/2025: "Americans Are Defaulting on Car Loans at an Alarming Rate" While Many Left to Starve (SNAP): Links for the day
Gemini Links 01/11/2025: FIFO and Gemini Age Survey: Links for the day
Why Does German Media Protect the EPO From Accountability for Cocaine?: Can we trust such media to properly inform the public?
Links 01/11/2025: Microsoft Azure Goes Offline Again: Links for the day
November is Here, Anniversary Party This Coming Friday: Expect this site to return to its normal publication pace either by tomorrow or Monday
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, October 31, 2025: IRC logs for Friday, October 31, 2025
Gemini Links 01/11/2025: Synergetic Disinformation and Software Maintenance: Links for the day
IRC Proceedings: Thursday, October 30, 2025: IRC logs for Thursday, October 30, 2025
IRC Proceedings: Wednesday, October 29, 2025: IRC logs for Wednesday, October 29, 2025