Bonum Certa Men Certa

System76 Gives 'Secure' Boot the Boot

Reprinted with permission from Ryan Farmer.

System76 Ditches UEFI Firmware Trash, Ships Coreboot Firmware on Linux Laptops.



I noticed today while looking around, that System76 has gotten rid of the UEFI trash on most of their products.



UEF is designed heavily around Windows and is full of bugs (here’s the list of them on my Lenovo ThinkBook 15 ITL Gen2) and promotes Microsoft’s lock-in, Security Theater Boot. I’ve had nothing but problems out of UEFI and even had to take legal action against Lenovo for abusing the customers and violating American laws with it.



Coreboot is the firmware that people deserve to have.



"Coreboot is the firmware that people deserve to have."It’s actually designed to “Just boot the computer and get the Hell out of there.”, which is what Linus Torvalds said he missed about “PC BIOS”.



It’s up to the user, really, what they want to run and so I congratulate System76 for taking strong and decisive action on behalf of their customers and recommend that people who need an x86 PC with Linux take their business to System76 as I will do next time I need a laptop.



Good behavior deserves to be rewarded!



UEFI is so bad that it should never have been released.



Lenovo should be ashamed of shipping this garbage on their computers.



Many times it doesn’t even work right on Windows.



They’re constantly patching it, and sometimes when you apply the patch it screws up Windows and your bootloader isn’t recognized, or “Bitlocker” won’t let you in unless you know your recovery key.



It’s even worse than the worst “Legacy BIOS” implementation I had ever encountered on dozens of PCs I owned over the years that it was shipped.



"You can pretty much expect ACPI issues and potentially dead hardware with UEFI, just from the operating system using its documented interfaces."The very worst problem I ever encountered on “Legacy BIOS” was an ACPI problem, but at least the computer worked and I raised Hell with the vendor and it got fixed.



You can pretty much expect ACPI issues and potentially dead hardware with UEFI, just from the operating system using its documented interfaces.



A system firmware that is well-designed should never risk being “bricked” because you loaded an OS.



UEFI implementations were poorly designed and went out without any testing.



Lots of the worst BIOS code (ACPI) was lifted straight out of Legacy BIOS, and then they went and created new disasters.



More than 10 years later, UEFI has only barely gotten better, in general.



In some ways, worse. (Depending on hardware vendor.)



Malware “in the boot path” is not an actual problem Linux users are having.



Even on the Windows side, Microsoft mostly threw “Secure Boot” in because people were using programs running before Windows started to trick the Product Activator. But those aren’t “malware”. They’re illegal, sure. (At least in the US.)



Also, why would you even run Windows for free? Eww.



But they are not threatening the user.



"Now that we have affordable alternatives to UEFI, even on the PC, don’t buy UEFI!"The only sane thing to do about UEFI “Secure Boot” is turn it off and just use the computer, but that’s in no way guaranteed to work forever. Microsoft could change the Windows license program and remove the part about the user being allowed to turn it off, and they probably will at some point.



After Ubuntu screwed me on the “Boothole” patch by incompetently updating the “dbx” ahead of other Linux vendors, rendering me unable to boot into Fedora, I reset Secure Boot on the Yoga and then turned it off.



I’ve never used “Secure Boot On” on the ThinkBook since removing Windows.



It doesn’t provide any actual security, it’s just one more thing in the way of running your PC the way you want.



And your OS vendor shouldn’t have to buy a “hall pass” from Microsoft, which is basically the way “Secure Boot” works on Linux now. The way Lenovo ships their laptops, the only way to control Secure Boot is turn it on or off. That’s pretty much it. If they let you have any control over it, it defies being documented (on purpose).



Even Theo de Raadt, the person behind OpenBSD rolls his eyes at “Secure Boot”.



It’s better to just buy a firmware that doesn’t do this to you as it certainly doesn’t solve any actual problem Linux users have.



Now that we have affordable alternatives to UEFI, even on the PC, don’t buy UEFI!



Not only is UEFI system firmware code objectively horrific now, unless we want to live in a future where Microsoft controls the PC, we should support computer makers that provide us with alternatives where Free Software will continue to be allowed. Otherwise, we will eventually run out of time and Microsoft will disallow operating system choice from the moment you press the power button.



EFI is this other Intel brain-damage (the first one being ACPI). It’s totally different from a normal BIOS, and was brought on by ia64, which never had a BIOS, of course.



[…]



Sadly, EFI people (a) think that their stinking mess is better than a BIOS and (b) are historically ia64-only, so they didn’t do that, but went the “we’ll just duplicate everything using our inferior EFI interfaces” way.

Linus Torvalds (before UEFI made it to PCs in an even worse state than it was in on ia64 and Macs)


Recent Techrights' Posts

Almost Half of the FSFE's Money (the Fake 'FSF', Misusing the Brand) Comes From Vodafone
That money always comes with strings, even if they're invisible to most of us
Justice for Wildlife
animals cannot speak to humans who hate animals
Why the EPO Never Managed to Silence Us (After Over a Decade of Trying)
Firms like Mishcon de Reya and Brett Wilson LLP contribute to a bad stigma, staining the entire occupation
 
Even Microsoft's Biggest Boosters (and Media Operatives) Are Turning Against Microsoft
Expect many more layoffs before the fake "results" next month
GNU Was Right 42+ Years Ago
Since then the abusive, user-hostile technology has spread like mushrooms
Old Isn't Always Inadequate
How many gadgets manufactured today (in 2025) will still work in 2075?
The Monkey Business of Rust People
Compatibility won't matter
Microsoft Lunduke Spreads Deliberate Lies to Incite Online Mobs
Has he lost his reading comprehension skills?
Our 19th Birthday (in Just Over 5 Weeks From Now)
We meanwhile have ongoing, solid plans to cover patent-related issues when the FSF turns 40
British GNU/Linux Distro FydeOS Tops DistroWatch
That seems like a decent site and decent effort to keep an eye on
We'll Soon Have 75,000 GemText Pages
avoid many perils of today's Web
Google Used Free Software to Build a Monopoly. Now Google Kicks Free Software to the Curb
The "G" in "Google" does not stand for GNU. It never did. It's just another greedy company.
Gemini Links 30/09/2025: Retro Hardware, Federated Fragmentation, and Nex Server Written in C
Links for the day
4 More Days Till "4 decades, 4 freedoms, 4 all users"
We are now just 4 days away from the rare anniversary
Two Months After Merging to Hide GitHub Losses Microsoft is Doing It Again (This Time Windows)
Merging those two together is not a sign of strength but a tightening of budget
Speculations About the Next Large Wave of IBM/Red Hat Layoffs
the mass layoffs are likely to happen on week 3 or 4 in October
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, September 29, 2025
IRC logs for Monday, September 29, 2025
Links 29/09/2025: Opposition to Surveillance Giant Google and Conflicts Worldwide (Moldova Sides With EU)
Links for the day
Links 29/09/2025: Datacenter Fires and "Too Much Internet Use Is Changing Teenage Brains"
Links for the day
Almost a Couple of Years After Microsoft Hijacked the Name 'Sudo' (to Describe Unrelated Windows Stuff) Microsoft Canonical Breaks Sudo in Ubuntu
These are vandals in "goodwill" or "security" clothing
Does the Good Law Project (GLP) Know the Director of Brett Wilson LLP Deems It OK to Endorse Violent Actions Against Trans People?
We were miffed to see this morning's report
Names Are Not Unique IDs and the UK Government's "Digital ID System" Would be a Nightmare
Digital surveillance, "apps", and worse (all the time)
What is Roy and Rianne's Righteously Royalty-free RSS Reader?
A news reader that uses OPML files and parses RSS feeds
The Free Software Foundation (FSF) Turns 40 in 5 Days
We should be talking about software freedom, not "Open Source"
It Feels Like Brett Wilson LLP Has Just Tacitly Admitted That It Defamed Me
It arguably admitted many other things by refusing to deny or address them (altogether)
Stefano Maffulli's Front Page Mentions "AI" 11 Times
They're more focused on slop (plagiarism) than sharing or Software Freedom
CMS Rot
With "modern" (bloated) content management systems (CMSs) there is a long chain of dependencies
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, September 28, 2025
IRC logs for Sunday, September 28, 2025
Slopwatch: Fake Articles About Linux 6.17 and Microsoft Meddling in Linux Development
today's Slopwatch is short because the picks are from Sunday
Gemini Links 29/09/2025: The Labor Wars and Retro
Links for the day
Links 28/09/2025: Windows TCO, Security Breaches, and Deutsche Bahn Woes
Links for the day
Datacentres Aren't Reliable for Backups
bad practices cause immeasurable levels of permanent data losses each and every day
Links 28/09/2025: Science, Censorship, and Security Incidents/Advisories
Links for the day
Gemini Links 28/09/2025: Golem and Cybertrucks
Links for the day
Links 28/09/2025: Moldova Elections, LLM Slop Failing Again to Accomplish Anything
Links for the day
Links 28/09/2025: Slop Does More Harm, Newly Released Epstein Estate Documents
Links for the day
Links 28/09/2025: Fentanylware (TikTok) 'Going Private' (the Dictator's Media Allies) and UK Mirror Lays Off More Journalists
Links for the day
A Year Ago, Only a Few Weeks After We Countersued the 'Hulk Hogan of UEFI', Our Webhost Came Under Attack
At the end of September 2024 our webhost received several threats
If Only Someone Warned Us About This...
Ubuntu is committing suicide with Rusty code
The Register - Kissing the hand that feeds it
hired to manage the publication several people connected to Microsoft, including the new Editor in Chief
The Myths of "Linux" and of "Intelligence"
As noted this morning
People Remembered GNU's Birthday (Which Helps Remind People It All Started in 1983, Not 1991)
Have the FSF and GNU earned the respect they deserve?
Slopwatch: Ponzi Schemes Promoted by Media Companies, Linux Journal Turning Its 30-Year Reputation to Dust, and Serial Slopper Brian Fagioli Plagiarising, As Usual
This bubble will end up very badly
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, September 27, 2025
IRC logs for Saturday, September 27, 2025