So grub doesn’t work? I thought it did? I saw that the Surface Pro 3 is a Secure Booting UEFI device... It would make a nice NixOS laptop :-)
Also, the Ubuntu boot loader is apparently signed by Microsoft. Just random thoughts sorry. Wout. On May 26, 2014 2:44 PM, "Third3ye" <tredje...@gmail.com> wrote: > Personally I had to disable UEFI secure boot by using the "other OS" > option... something which can cause severe problems for then again gaining > access to the operating system, if the UEFI software completely dumps the > KEKs. I was lucky and somehow got back in without having to resort to using > a recovery USB stick. But I'm assuming this maybe a problem for other users > and seeing that more and more machines are released using UEFI and Secure > Boot I feel this needs to be addressed. > > Since, however, it's out of my league I can only request that it be taken > into consideration that shim should take over as the default UEFI solution. > If not there is another solution called rf boot... rl boot? I can't > remember. But here are a few articles that explain that it is not only > possible but also necessary. How we approach such a problem... well, like I > said: out of my league. > > Here is a rather large article about the issue of implementing UEFI Secure > Boot in Linux. > > *"The Growing Role of UEFI Secure Boot in Linux Distributions*" > > > http://www.linuxjournal.com/content/growing-role-uefi-secure-boot-linux-distributions<?view=att&th=146388fa8de8cb56&attid=0.0.1.1&disp=emb&zw&atsh=0> > > For those of you who maybe conscerned that UEFI secure boot is challanging > the presence of FOSS operating systems the Linux Foundation released a > document stating why these fears are not accurate. > > *"Making UEFI Secure Boot Work With Open Platforms*" > > > https://www.linuxfoundation.org/sites/main/files/lf_uefi_secure_boot_open_platforms.pdf<?view=att&th=146388fa8de8cb56&attid=0.0.1.2&disp=emb&zw&atsh=0> > > Conclusion of the article from The Linux Foundation: > > *"The UEFI secure boot facility is designed to be readily usable by both > proprietary and open operating systems to improve the security of the > bootstrap process. Some observers have expressed concerns that secure boot > could be used to exclude open systems from the market, but, as we have > shown above, there is no need for things to be that way. If vendors ship > their systems in the setup mode and provide a means to add new KEKs to the > firmware, those systems will fully support open operating systems while > maintaining compliance with the Windows 8 logo requirements. The > establishment of an independent certificate authority for the creation of > KEKs would make interoperation easier, but is not necessary for these > platforms to support open** systems**.* > > > Thank you for your concern, now back to the Wiki work... > > Cheers! > Signed Third3ye > > _______________________________________________ > nix-dev mailing list > nix-dev@lists.science.uu.nl > http://lists.science.uu.nl/mailman/listinfo/nix-dev > >
_______________________________________________ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
