Summary: Gummiboot developers continue to weaken the case for abolishing UEFI, which we now know is a serious security risk, not a feature

EARLIER this year I advised the managers of UEFI to withdraw 'secure' boot support -- an unnecessary addition which is basically an antifeature that can remotely brick hardware (rendering it unbootable, as has been attempted before based on an NSA programme).

There is some project called Gummiboot (inflatable dingy in German) which acts as a boot manager for UEFI. This package is developed by Red Hat, but "Red Hat's Fedora Project does not use gummiboot for booting UEFI systems," according to Wikipedia and other sources. This package, unlike GRUB, is not GPLv3-licensed. Gummiboot 42 was released some days ago and as Nathan Willis put it a year and a half ago "the biggest question that remains is whether it is wise to tacitly endorse secure boot by playing its games in first place."

The answer is no and as we approach 2014 (the article above is from June 2012) it is clear that Microsoft got away with this Intel-backed antifeature, which has not been widely abolished as we hoped. Vista 8 was a massive failure (exceptionally poor adoption), so it will be more constructive to urge OEMs to shun UEFI (saying it proved to be Linux- and GNU-hostile), not adopt it. This is not a goal that's unachievable and it is too late to work on in. Any effort, such as the above, simply weakens the antitrust complaint over Microsoft and UEFI. It has been very disappointing to see Red Hat joining NSA allies like Intel, IBM, and Microsoft, first tacitly promoting TPM and now treacherous/restricted boot. ⬆