Re: [PLUG] Booting, UEFI, BIOS

Keith C. Perry on 10 Jul 2017 13:27:38 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Booting, UEFI, BIOS

From: "Keith C. Perry" <kperry@daotechnologies.com>
To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Subject: Re: [PLUG] Booting, UEFI, BIOS
Date: Mon, 10 Jul 2017 16:26:57 -0400 (EDT)
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: "plug" <plug-bounces@lists.phillylinux.org>
Thread-index: kKgLHc4HiKHcROyEcVxNdeRgiFGJYg==
Thread-topic: Booting, UEFI, BIOS

I suppose anything is possible if the boot roms are in socketed chips on the motherboard (not always the case these days) and you have EEprom equipment but that gets way more low level than should be necessary.

Ultimately this should be solved by getting hardware vendors back to the business of making good, spec compliant, flexible hardware so consumers can run what they want.

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ 
Keith C. Perry, MS E.E. 
Managing Member, DAO Technologies LLC 
(O) +1.215.525.4165 x2033 
(M) +1.215.432.5167 
www.daotechnologies.com

----- Original Message -----
From: "Greg Helledy" <gregsonh@gra-inc.com>
To: plug@lists.phillylinux.org
Sent: Monday, July 10, 2017 4:11:58 PM
Subject: Re: [PLUG] Booting, UEFI, BIOS

On 07/10/2017 03:00 PM, plug-request@lists.phillylinux.org wrote:
> Much of the "evil" reputation comes from secure boot rather than UEFI
> generally. In particular, fears of vendors not allowing you to specify
> your own keys or turn secure boot off.

The BIOS/boot utility itself can be updated/replaced, at least that was 
always the case in the past.  If one day in the future general-purpose 
x86 PCs started being sold with secure boot locked "on", it would still 
be possible to get around that by flashing the BIOS/boot utility with a 
hacked version, correct?

I'm not a programmer but it seems to me that, unless the boot utility 
itself is somehow encrypted or otherwise obfuscated, taking a working 
copy of the boot utility software provided by the motherboard 
manufacturer and finding the part that deals with secure boot and 
deleting it, shouldn't be terribly complex as far as hacking tasks go. 
Am I wrong?

-- 
Greg Helledy
GRA, Incorporated
P:  +1 215-884-7500
F:  +1 215-884-1385
www.gra.aero
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

References:
- Re: [PLUG] Booting, UEFI, BIOS
  - From: Greg Helledy <gregsonh@gra-inc.com>

Prev by Date: Re: [PLUG] Booting, UEFI, BIOS
Next by Date: [PLUG] [plug-announce] Tue, Jul 11, 2017: PLUG North - "icinga2bot for Python-based ChatOps" by Rachel Rawlings (6:30 pm at CoreDial in Blue Bell)
Previous by thread: Re: [PLUG] Booting, UEFI, BIOS
Next by thread: [PLUG] Key Signing at PLUG West July 17
Index(es):
- Date
- Thread