TPM TC UEFI and Richards rants, part 2, Linus answers 
12.6.12, 11:22 - Linux
Remember what i said half a year ago?
If UEFI is implemented the right way, there is no need to fear anything, and no need to trouble over microsofts call to make computers more save. even i do admit to use TMP n some cases. ... 019-095156

now I am reading an interesting debate about just this with Linus Torvalds, and he is exactly saying this:
I’m certainly not a huge UEFI fan, but at the same time I see why you might want to have signed bootup etc.[...] Yes, yes, the sky is falling, and I should be running around like a headless chicken in despair over signing keys. But as long as you can disable the key checking in order for kernel developers to be able to do their job, signed binaries really can be a (small) part of good security. I could see myself installing a key of my own in a machine that supports it.

Even the he Linux foundation suggests how Secure Boot should be used with Linux:
Some observers have expressed concerns that secure boot could be used to exclude open systems from the market, but, as we have shown above, there is no need for things to be that way. [...] ... -platforms

It's so nice to know I'm not the only one that thinks this way :-D



Kommentar hinzufügen