UEFI 'Secure' Boot is Not About Security, Insyde Software's Business Model is Misguided and Dangerous

Dr. Roy Schestowitz

2013-06-06 14:10:04 UTC
Modified: 2013-06-06 14:10:04 UTC

Corporate insecurity for Insyde Software, corporate security for Microsoft

UEFI

Summary: Promotion of bad ideas by Insyde Software merits another discussion about what UEFI actually means to ordinary GNU/Linux users

The main problem with UEFI is its effect on freedom. It's not just about restricted boot but also patents and other issues covered in the criticism section in Wikipedia.

A new press release from Taiwan describes UEFI as a security mechanism, but this is utter fiction. Last month I spoke for over an hour with the president of the UEFI Forum, covering in length the aspect of security. He too was led to agreeing with me that security is hardly improved by UEFI, which can have its barriers bypassed and ignored. The press release says something like this:

Insyde Software, a leading provider of Unified Extensible Firmware Interface (UEFI) BIOS, today announced the availability of new UEFI security features including Secure Boot and secure firmware update for leading Linux distributions.

No, thanks. Linux does not need UEFI for security. Even Torvalds rejects the 'security' claim (he dislikes 'secure' boot in general [1, 2]). So the above is a marketing gimmick, that's all. Insyde Software will boost flawed claims of 'security', so we should all be prepared to rebut.

Dr. Garrett, an expert in this field and occasional apologist, demonstrated that UEFI with Linux can brick hardware [1, 2, 3]. So much for security, eh? He is supporting it, sadly enough, based on very weak grounds. He should have antagonised it instead. Earlier this week he posted an update on the bricking issue:

Meanwhile, Samsung got back to us and let us know that their systems didn't require more than 5KB of nvram space to be available, which meant we could get rid of the 50% value and replace it with 5KB. The hope was that any system that booted with only 5KB of space available in nvram would trigger a garbage collection run. Unfortunately, it turned out that that wasn't true - some systems will only trigger garbage collection if the OS actually makes an attempt to write a variable that won't otherwise fit.

So the search for a solution goes on under the false pretences that buggy, experimental UEFI sometimes adds something for GNU/Linux users to enjoy. The practical benefits of UEFI are very minor to ordinary desktop users. UEFI is good for two monopolies: the Intel/x86 monopoly and the Windows monopoly. ⬆

Microsoft Uses LLM Slop to Defraud (or Rob) Shareholders: Microsoft is basically defrauding its shareholders by LLM slop
The "Davos Effect": Tarnishing the Reputation of Places Not by Overtourism But by Oligarch Infestation: The last Venice needs is an affiliation with Venetian oligarchs
Links 01/07/2025: "Independence Day in Taiwan", Bounties on Software Patents: Links for the day
What Happens When Your Law Firm is Preoccupied With Harassing and Trying to Extort a Humble Couple in Manchester, Even on Behalf of Violent Microsoft Staff From Another Continent: It's good to see that law firms which operate in bad faith are perishing
Lawyer X, Law Firm X and Elon Musk's X: scandals linked by Old Xaverian: Reprinted with permission from Daniel Pocock
Gemini Links 01/07/2025: Distraction-Free Writing and Hytale Mismanagement: Links for the day
Links 01/07/2025: "Beauty of Blogging" and "Etiquette of Collapse": Links for the day
The Web is a Dead End: We need to adopt alternatives
When Words Lose Their Intended Meaning: examples of words that, at least in the technical spheres, don't mean what they sound like
People Who Disagree With You on Technical Matters May or May Not Agree With You on Political Things (But Usually They Do): What bothers me a great deal is seeing left-leaning people accusing other left-leaning people of being "nazis"
"Too Much Choice" and "Too Many Programming Languages": What IBM and its apologists aim for was attempted in the 1930s and it failed
Microsoft Lost 400,000,000 Windows Users, According to Microsoft: more people adopt smaller computers and many people replace Windows with GNU/Linux, as they don't really need a new computer
Half a Year Gone, What's to Come Next: In the second half of 2025 we expect to be done with the Microsoft SLAPPs
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, June 30, 2025: IRC logs for Monday, June 30, 2025
People at the Very Top of Microsoft Know How Bad Things Really Are: There's no product that can replace the former profitability of Windows licensing and stuff that went on top of Windows
Gemini Links 01/07/2025: Mid Year and a Tour of Old Languages: Links for the day
EPO Presentation Bemoans Misuse of Slop in Decision-Making on Patents and in Classification (Which is Likely Illegal Too): We habitually mention failed use cases of LLMs on the Web
Mass Layoffs at Microsoft Confirmed, "XBox Hardware Is Dead": It's possible that over 20% of the staff will be laid off
Links 30/06/2025: Kyrgyzstan vs Media Freedom, Dalai Lama Succession: Links for the day
Gemini Links 30/06/2025: Backend Programs in Gemini and Dynamic Content Without The Scripting: Links for the day
Links 30/06/2025: Zuckerberg’s Tax-Evading Scheme Harms Kids, US Copyright Office Lacks Leadership: Links for the day
Microsoft Isn't Laying Off Tens of Thousands to 'Invest' in Slop ('Hey Hi'), It's Laying Off Tens of Thousands Because It's Running Out of Money (and Willing Lenders): the layoffs are a sign of the business failing, not "hey hi" (whatever that is) replacing staff
Intel Lays Off 20% of Its Workforce, Microsoft is Doing the Same This Year: Like a yoyo, whatever goes up will come back down
Microsoft XBox Layoffs: Almost 2,000 Layoffs Became "Over 2,000"? (Over 20% of the Staff): over 20% of staff will be let go, not counting staff that leaves voluntarily
GNU/Linux Rises to New Highs in Angola, Africa in General is Abandoning Windows: Western media barely covers Microsoft layoffs in Africa, but in recent years Microsoft culled the workforce and even shut down entire operations
Summer Plans in Techrights and Elsewhere: massive layoffs at Microsoft
Destination Geminispace (in the Age of LLM Slop and Slop Images That Infest the Web and Social Control Media): Geminispace isn't vast, but at least it is - on average - a lot "cleaner"
GNU/Linux Growing in Sierra Leone This Year: Based on what statCounter is seeing, this year there are more and more people there who adopt GNU/Linux
Serial Sloppers Gonna Slop: More sites out there ought to call out the cheaters
Quartz (qz.com) is Spam and a Slopfarm: It used to be OK. Then they fired the staff.
Links 30/06/2025: US Economic Woes, Extreme Heat: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, June 29, 2025: IRC logs for Sunday, June 29, 2025
Gemini Links 30/06/2025: "The AI Hype" and New AuraGem Ask: Links for the day
Our Desktops Are Not Your Experiments, X is Not an Experiment: Breaking what already worked
Microsoft's Big Lies Regarding This Week's Mass Layoffs Have Already Begun (and They're Already Being Spread by Slopfarms): Microsoft is the "market leader" in slop
Explaining the Full Story of SLAPPs From Microsoft Staff: For every action there is a reaction, for every attack there will be proportionate consequences
The Openwashing Shills Initiative (OSI) - Part III: IRS and Status of OSI: "They lied to the US IRS and there’s a paper trail"
IBM Red Hat's Dogmatic Fanaticism Under a Thin Veil of "Modernism": IBM now has the audacity to paint people who don't agree as "nazis"
Microsoft's Share in Guatemala Fell From 97% to 14%: Eventually Microsoft will get stuck in a loop of layoffs, layoffs, and more layoffs
They Made Technology Scary and Taught Us That It's Innocent, Friendly, Even "Social": Rejection of all this "apps" and "gadgets" and "Smart" (whatever that means!) status quo isn't a rejection of society
The Media is Under Attacks Partly Because There's Little Other (Remaining) Press to Speak in Its Defence: The biggest danger here is that when there's very little press or no "opposition media" left it becomes even easier to crush critics because there aren't many people left to speak about the matter
If Your Web Site is Run by Bots, Eventually Nobody Will 'Read' It Except Bots (People Don't Want to Read Slop): Eventually people learn from mistakes
Links 29/06/2025: Microsoft Releases False/Fake Benchmarks, "Google Wants You to Watch Ads or Take Surveys to Read Articles": Links for the day
Links 29/06/2025: Data Breaches and Online Censorship: Links for the day
Gemini Links 29/06/2025: "The Price Of Eggs" and Gemini 3D Tic Tac Toe: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, June 28, 2025: IRC logs for Saturday, June 28, 2025

UEFI 'Secure' Boot is Not About Security, Insyde Software's Business Model is Misguided and Dangerous

Recent Techrights' Posts