System76 Ditches UEFI Firmware Trash, Ships Coreboot Firmware on Linux Laptops.
I noticed today while looking around, that System76 has gotten rid of the UEFI trash on most of their products.
UEF is designed heavily around Windows and is full of bugs (here’s the list of them on my Lenovo ThinkBook 15 ITL Gen2) and promotes Microsoft’s lock-in, Security Theater Boot. I’ve had nothing but problems out of UEFI and even had to take legal action against Lenovo for abusing the customers and violating American laws with it.
Coreboot is the firmware that people deserve to have.
"Coreboot is the firmware that people deserve to have."It’s actually designed to “Just boot the computer and get the Hell out of there.”, which is what Linus Torvalds said he missed about “PC BIOS”.
It’s up to the user, really, what they want to run and so I congratulate System76 for taking strong and decisive action on behalf of their customers and recommend that people who need an x86 PC with Linux take their business to System76 as I will do next time I need a laptop.
Good behavior deserves to be rewarded!
UEFI is so bad that it should never have been released.
Lenovo should be ashamed of shipping this garbage on their computers.
Many times it doesn’t even work right on Windows.
They’re constantly patching it, and sometimes when you apply the patch it screws up Windows and your bootloader isn’t recognized, or “Bitlocker” won’t let you in unless you know your recovery key.
It’s even worse than the worst “Legacy BIOS” implementation I had ever encountered on dozens of PCs I owned over the years that it was shipped.
"You can pretty much expect ACPI issues and potentially dead hardware with UEFI, just from the operating system using its documented interfaces."The very worst problem I ever encountered on “Legacy BIOS” was an ACPI problem, but at least the computer worked and I raised Hell with the vendor and it got fixed.
You can pretty much expect ACPI issues and potentially dead hardware with UEFI, just from the operating system using its documented interfaces.
A system firmware that is well-designed should never risk being “bricked” because you loaded an OS.
UEFI implementations were poorly designed and went out without any testing.
Lots of the worst BIOS code (ACPI) was lifted straight out of Legacy BIOS, and then they went and created new disasters.
More than 10 years later, UEFI has only barely gotten better, in general.
In some ways, worse. (Depending on hardware vendor.)
Malware “in the boot path” is not an actual problem Linux users are having.
Even on the Windows side, Microsoft mostly threw “Secure Boot” in because people were using programs running before Windows started to trick the Product Activator. But those aren’t “malware”. They’re illegal, sure. (At least in the US.)
Also, why would you even run Windows for free? Eww.
But they are not threatening the user.
"Now that we have affordable alternatives to UEFI, even on the PC, don’t buy UEFI!"The only sane thing to do about UEFI “Secure Boot” is turn it off and just use the computer, but that’s in no way guaranteed to work forever. Microsoft could change the Windows license program and remove the part about the user being allowed to turn it off, and they probably will at some point.
After Ubuntu screwed me on the “Boothole” patch by incompetently updating the “dbx” ahead of other Linux vendors, rendering me unable to boot into Fedora, I reset Secure Boot on the Yoga and then turned it off.
I’ve never used “Secure Boot On” on the ThinkBook since removing Windows.
It doesn’t provide any actual security, it’s just one more thing in the way of running your PC the way you want.
And your OS vendor shouldn’t have to buy a “hall pass” from Microsoft, which is basically the way “Secure Boot” works on Linux now. The way Lenovo ships their laptops, the only way to control Secure Boot is turn it on or off. That’s pretty much it. If they let you have any control over it, it defies being documented (on purpose).
Even Theo de Raadt, the person behind OpenBSD rolls his eyes at “Secure Boot”.
It’s better to just buy a firmware that doesn’t do this to you as it certainly doesn’t solve any actual problem Linux users have.
Now that we have affordable alternatives to UEFI, even on the PC, don’t buy UEFI!
Not only is UEFI system firmware code objectively horrific now, unless we want to live in a future where Microsoft controls the PC, we should support computer makers that provide us with alternatives where Free Software will continue to be allowed. Otherwise, we will eventually run out of time and Microsoft will disallow operating system choice from the moment you press the power button. ⬆
EFI is this other Intel brain-damage (the first one being ACPI). It’s totally different from a normal BIOS, and was brought on by ia64, which never had a BIOS, of course.
[…]
Sadly, EFI people (a) think that their stinking mess is better than a BIOS and (b) are historically ia64-only, so they didn’t do that, but went the “we’ll just duplicate everything using our inferior EFI interfaces” way.
–Linus Torvalds (before UEFI made it to PCs in an even worse state than it was in on ia64 and Macs)