And one of the goals of UEFI is to prevent the some malicious code to infect the early booting process (or at least make it harder). Although the MBR (Master Boot Record) and other boot sector viruses reminds me the DOS era, but it's still not impossible to write one.
On the other hand, I don't think that in real life it can prevent the a smart virus. Warning: *conspiration theory* It will try to make the Palladium project to succeed. As you know DRM is technically impossible: the movie/audio players will always have the cryptographic keys and algorithms in them how to decode a video/audio stream. So one only has to reverse engineer them to pirate music. That's why Microsoft tries to create a protected environment within Windows (they originally wanted to release it with Vista), which someone cannot look at. The DRM crypto keys would be kept there, so the video/audio pirates wouldn't be able to reverse engineer. But the whole protected environment could be circumvented if the whole thing is not controlled from the beginning of the boot process. The TPM chip (trusted platform module) is now present in every modern motherboard, the last piece is the UEFI. Then the protected environment can become true. (Note: Protected environment won't prevent malwares from spreading or make you computer more secure. It makes your computer more secure _from_you_ for RIAA and MPAA. Same with "trusted platform module". It's not a chip you can trust, but a chip what MPAA and RIAA can trust which can keep you away from some parts of your own computer. Well, MS didn't have the courage to get this thing out, MPAA and RIAA has the pressure on them though I guess. Probably lots of people would give a finger and migrate to Linux or other OS). Csaba ________________________________________ From: [email protected] [[email protected]] On Behalf Of Tilghman Lesher [[email protected]] Sent: Sunday, June 17, 2012 12:22 PM To: [email protected] Subject: Re: [nlug] UEFI On Sun, Jun 17, 2012 at 9:51 AM, Chris McQuistion <[email protected]> wrote: > This trusted loader thing can be disabled in any UEFI BIOS, though (read > that article for more information.) Anyone comfortable going into their > BIOS won't have to "crack" anything. They can just turn it off. Those > people not comfortable with going into their BIOS can use Red Hat's loader. Correction: it can be disabled on any computer that uses an x86_64 processor. Considering how quickly devices are moving to ARM (where it cannot be disabled), I suspect this is a moot point. You *have* to go through their schema if you want Linux to work on the next generation of devices. -Tilghman -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
