Urge Hardware Companies to Stop Using UEFI (or Boycott Them), Don't Work on UEFI

Dr. Roy Schestowitz

2013-12-26 11:10:45 UTC
Modified: 2013-12-26 11:10:45 UTC

UEFI logo

Summary: Gummiboot developers continue to weaken the case for abolishing UEFI, which we now know is a serious security risk, not a feature

EARLIER this year I advised the managers of UEFI to withdraw 'secure' boot support -- an unnecessary addition which is basically an antifeature that can remotely brick hardware (rendering it unbootable, as has been attempted before based on an NSA programme).

There is some project called Gummiboot (inflatable dingy in German) which acts as a boot manager for UEFI. This package is developed by Red Hat, but "Red Hat's Fedora Project does not use gummiboot for booting UEFI systems," according to Wikipedia and other sources. This package, unlike GRUB, is not GPLv3-licensed. Gummiboot 42 was released some days ago and as Nathan Willis put it a year and a half ago "the biggest question that remains is whether it is wise to tacitly endorse secure boot by playing its games in first place."

The answer is no and as we approach 2014 (the article above is from June 2012) it is clear that Microsoft got away with this Intel-backed antifeature, which has not been widely abolished as we hoped. Vista 8 was a massive failure (exceptionally poor adoption), so it will be more constructive to urge OEMs to shun UEFI (saying it proved to be Linux- and GNU-hostile), not adopt it. This is not a goal that's unachievable and it is too late to work on in. Any effort, such as the above, simply weakens the antitrust complaint over Microsoft and UEFI. It has been very disappointing to see Red Hat joining NSA allies like Intel, IBM, and Microsoft, first tacitly promoting TPM and now treacherous/restricted boot. ⬆

Recent Techrights' Posts

Military-Grade Anti-Linux Microsoft Propaganda Using Microsoft LLMs in Fake 'News' Sites (Slopfarms): This is part of a pattern
Rust is Starting to Seem More Like Microsoft-hosted "Digital Maoism", Not a Legitimate Effort to Improve Security: Maybe this is very innocent, but they seem to have taken a solid, stable program from a high-profile Frenchman and looked for ways to marry it with GitHub, i.e. Microsoft/NSA
GNU (and the FSF) Still Changing the World: Today, in 2025, GNU powers almost everything
Links 09/05/2025: Analog Computer and First time at FOSDEM: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, May 08, 2025: IRC logs for Thursday, May 08, 2025
Links 08/05/2025: Mass Layoffs at Google Again, India/Pakistan Tensions Continue to Grow, New Pope (US) Selected: Links for the day
"Victory Day" - Part I: That is the Day Microsofters Who Assault Women Pay for Their Actions in Foreign Land (Using "Guns for Hire" Who Attack Their Own Country for American Dollars): Adding a friend from Microsoft to the docket didn't help
Gemini Links 08/05/2025: Practical Gemini Use Case, Shutdown of the Blanket Fort Webring: Links for the day
Links 08/05/2025: "Slop Presidency", US Government Defunds Public Broadcasting: Links for the day
Lasse Fister, Organiser of Libre Graphics Meeting, Points Out the Code of Conduct is Likely Violated by the Same People Who Promote Codes of Conduct (and Then Bully Him Into Cancelling a Keynote): I am starting to see Lasse Fister as another victim
LLM Slop Attacks Not Only Sites of Free Software Projects But Also Bug Reporting Systems (Time-wasting, in Effect "DDoS"): Microsoft, the leading purveyor and promoter of slop, is a cancer
The Richard Stallman (RMS) "European Tour" Carries on In Spite of the Nuremberg Incident: Some people spoke about how they saw yesterday's talk
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, May 07, 2025: IRC logs for Wednesday, May 07, 2025
The CoC Means the Founder of GNU/Linux Cannot Talk and a 72-Year-Old Man With Cancer is Somehow a "Safety" Risk?: Those who don't like RMS are not forced to attend his talks
Gemini Links 07/05/2025: A Shopping Spree and Digital Gardening: Links for the day
Links 07/05/2025: Pegasus Guilty and a Path Towards EU Without Russian Energy: Links for the day
People Used to Talk: If pets can live a measurably happy life without gadgets and "apps", why can't humans?
Outsourcing GNU/Linux to Microsoft GitHub Promoted by Microsoft LLM Slop and Army Officers: Something doesn't seem right
Weaponisation of For-Profit Dockets - Part III: No More Media Lawsuits From Brett Wilson LLP This Year, One Can Only Guess Why: People leak a lot of material to Techrights because they know, based on the track record, that the sources will be protected and whatever gets published will stay online, in full, no matter how stubborn an effort (even lawsuits and blackmail) will be sent its way
Gemini Links 07/05/2025: Adopting GrapheneOS, Further Enshittification of Flickr: Links for the day
Links 07/05/2025: CISA Gutted, Debt-Saddled (Likely Insolvent) 'Open' 'AI' (Proprietary Slop) Faking Its Financial State Again: Links for the day
Finland, Lithuania, and Latvia Fortify Their Digital Border With GNU/Linux: This month's data from statCounter is particularly interesting near the Baltic Sea
The European Patent Office (EPO) Has a Very Profound Corruption Issue, Far More Urgent an Issue Than Pronouns: a rather long document
Richard Stallman Gives Public Talk at Technical University of Liberec, Czech Republic: "For programs that you could run, and for network services that could do your own computing, under what circumstances is it reasonable to trust them?"
Today We Turn 18.5: The eighteenth "and a half" anniversary
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, May 06, 2025: IRC logs for Tuesday, May 06, 2025