UEFI 'Secure' Boot is Not About Security, Insyde Software's Business Model is Misguided and Dangerous

Dr. Roy Schestowitz

2013-06-06 14:10:04 UTC
Modified: 2013-06-06 14:10:04 UTC

Corporate insecurity for Insyde Software, corporate security for Microsoft

UEFI

Summary: Promotion of bad ideas by Insyde Software merits another discussion about what UEFI actually means to ordinary GNU/Linux users

The main problem with UEFI is its effect on freedom. It's not just about restricted boot but also patents and other issues covered in the criticism section in Wikipedia.

A new press release from Taiwan describes UEFI as a security mechanism, but this is utter fiction. Last month I spoke for over an hour with the president of the UEFI Forum, covering in length the aspect of security. He too was led to agreeing with me that security is hardly improved by UEFI, which can have its barriers bypassed and ignored. The press release says something like this:

Insyde Software, a leading provider of Unified Extensible Firmware Interface (UEFI) BIOS, today announced the availability of new UEFI security features including Secure Boot and secure firmware update for leading Linux distributions.

No, thanks. Linux does not need UEFI for security. Even Torvalds rejects the 'security' claim (he dislikes 'secure' boot in general [1, 2]). So the above is a marketing gimmick, that's all. Insyde Software will boost flawed claims of 'security', so we should all be prepared to rebut.

Dr. Garrett, an expert in this field and occasional apologist, demonstrated that UEFI with Linux can brick hardware [1, 2, 3]. So much for security, eh? He is supporting it, sadly enough, based on very weak grounds. He should have antagonised it instead. Earlier this week he posted an update on the bricking issue:

Meanwhile, Samsung got back to us and let us know that their systems didn't require more than 5KB of nvram space to be available, which meant we could get rid of the 50% value and replace it with 5KB. The hope was that any system that booted with only 5KB of space available in nvram would trigger a garbage collection run. Unfortunately, it turned out that that wasn't true - some systems will only trigger garbage collection if the OS actually makes an attempt to write a variable that won't otherwise fit.

So the search for a solution goes on under the false pretences that buggy, experimental UEFI sometimes adds something for GNU/Linux users to enjoy. The practical benefits of UEFI are very minor to ordinary desktop users. UEFI is good for two monopolies: the Intel/x86 monopoly and the Windows monopoly. ⬆

Real Security Elusive, Microsoft Layoffs to Coincide With Certificate Apocalypse: July 1
2026 is a Year of Strikes at the European Patent Office (EPO): As it stands at the moment, to many people the EPO represents crime, not law
Only 1.5% Oppose the European Patent Office's (EPO) Strikes and Other Industrial Actions Until 2027: Among those polled/surveyed (in a ballot)
Microsoft Insiders - Not Limited to XBox - Expect a 'Bloodbath' (Their Own Word): This isn't limited to XBox
Reports of "PIP" as Means of Mass Layoffs at IBM This Year: some insights into the PIPs
SLAPP Censorship - Part 112 Out of 200: Strangles Women, Then Refuses to Even Attend Any of His Own Hearings About It: It is meanwhile very apparent that Brett Wilson LLP is becoming a "mench sphere"
Gemini Links 20/06/2026: "There Was Never Supposed to Be a Camera" and "What Is A Programming Language"?: Links for the day
Geminispace Reaches Its 8th Year, Today It Has Turned 7: Gemini Protocol 'went live' 7 years ago, just before the COVID-19 pandemic
Links 20/06/2026: "Full Page Paralysis" and "Hopes For Xbox’s Future Might Be Over Before It Even Begins": Links for the day
European Patent Office's (EPO) Strikes "at a Scale not Seen Since Battistelli", European Patent Grants Down by Over 25% in Past 3 Months: The actions are effective
Links 20/06/2026: Microsoft's "Year of Shame" and "Feed the Writers": Links for the day
Web Browsers Are Technically Bloatware (No Matter What Runs in Them): Don't make it a society that shames people into using a Web browser where none should be needed
Fedora Has Changed a Lot Since I Last Used It (IBM Dominates Almost Everything, IBM Agenda Displaces Community Goals): "It is effectively 100% run by Red Hat/IBM employed people... even when they are community-elected representatives."
Andy (Cyber Show) on His Teacher Who "Squeezed Every Last Drop Out of Life, With Gratitude, Humility, Generosity and Mettle": Some call them "eccentric" and are dismissive about what they have to offer
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, June 19, 2026: IRC logs for Friday, June 19, 2026
Gopher/Gemini Links 20/06/2026: Slop With Tcl/Tk and Nokia 770 Perishes: Links for the day
SLAPP Censorship - Part 111 Out of 200: Garrett and Graveley (the Latter Arrested for Strangling Women) Keep Ousting Their Collaboration in Litigation, Lawfare in a Foreign Continent: it's not law, it's just warfare disguised as "law"
European Patent Office (EPO) Series: Lobbying in Lisbon...: reappointment campaign lobbying has not been restricted to the "home front" in Portugal
Slop Making Its Way Into Terms Where It Does Not Belong: Hopefully by year's end Google News can successfully cull (and deprive of traffic) almost all slopfarms
Links 19/06/2026: Microsoft Patent Troll Intellectual Ventures in Europe, "World Cup of Internet Resilience": Links for the day
Links 19/06/2026: Salesforce Data Thefts and GAFAM's Conspiracy Theories That Data Center Opposition is a Foreign Plot: Links for the day
Links 19/06/2026: The Retweeting Class and Data Centres as National Security Risk: Links for the day
Don't Attack the Wives (or Spouses) of Pundits/Activists/Journalists: We will be writing several series about this in the future
Society Will Only Improve Owing to People Who Push Boundaries: Push boundaries with ideas and facts, not with forbidden language
Internet Relay Chat (Shorthand IRC) is Still Growing: Contrariwise, social control media is waning
The Register MS Published a New Page With "AI" 21 Times in It. It Was Paid SPAM.: The former editor of the The Register MS admitted to me (directly) that he knew all this "AI" stuff was stupid hype
Murdoch's Wall Street Journal (WSJ) Associates Dependence on a Ponzi Scheme With "the Future": Those ludicrous ads (disguised as rankings) from WSJ deserve scorn and ridicule
The XBox Story is Still Fast-Developing, the Layoffs Are Confirmed to be Happening Already (Mid-June), Just Not "Officially": Workers have Microsoft have long braced for what is happening this summer and will accelerate further in two weeks' time
Fake News From Rupert Murdoch's WSJ Could Not Keep IBM From Sinking: "2026 Best Companies for the Future"?
To GNU, AV2 Adoption May be a Year If Not Years Away: The leap between versions means that there is fertile ground for incompatibilities
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, June 18, 2026: IRC logs for Thursday, June 18, 2026
Gemini Links 19/06/2026: "Born and Raised by the Internet", Fifteen Years in Gopher: Links for the day
Links 18/06/2026: Clown Computing Has Harmful Sound, Facebook "Must Face the Music (Infringement Litigation)": Links for the day
Digital Sovereignty Discussed in the United Kingdom (UK): Digital Sovereignty would be nice, but let's remember what contributes to it
IBM Adds Only More IBM Staff to the Fedora Council, They Like LLM Slop for Posting 'Articles': It's like Canonical with Ubuntu, only worse
IBM Common Stock Down to About $250, It Was at $330 Just 17 Days Ago: Happy birthday IBM!
Microsoft's CEO Openly Admits XBox is Not Sustainable and Microsoft is Beginning to Admit Slop Isn't Working and Is Not Not Sustainable Either: Expect Microsoft cancellations next month (or later this month) to impact far more than XBox and some studios
EPO and Disabilities: Payments Allegedly Disabled: But people who do cocaine can claim paid "sick leave" (over 100,000 euros for no work at all) if the President sleeps with them
SLAPP Censorship - Part 110 Out of 200: Anti-SLAPP Reform Formally Advanced in the United Kingdom (UK) the Same Week the Serial Strangler From Microsoft (US) Does Forum-Shopping in the UK: The only language they understand is money. They don't understand privacy.
Links 18/06/2026: UK Social Media Ban for Minors, Finland Lifts a Nuclear Weapons Ban: Links for the day
'Article' With "AI" 27 Times in the Page, It's "Partner Content" (Paid Spam) as Usual at The Register MS: We deem this a timely reminder that a lot of the hype around slop is paid-for lies
Microsoft Layoffs Have Reportedly Already Started at ZeniMax: The overall scale is unknown
Cyber Show: "Our independence remains intact and we're set to continue relentlessly probing the world of digital technology with hard questions": As one should
European Patent Office (EPO) Series: Leveraging the Lusitanian Connection: Mendonça no longer functions as an independent agent but rather as a fig-leaf for a mafia-like entity that prizes obedience over integrity and self-preservation over truth
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, June 17, 2026: IRC logs for Wednesday, June 17, 2026

UEFI 'Secure' Boot is Not About Security, Insyde Software's Business Model is Misguided and Dangerous

Recent Techrights' Posts