Given the condition you are _not_ on ARM.
Read up the facts and don't be a sheep of the system!

SecureBoot is stealing the users' freedom and should be abandoned asap; the excuse it has been introduced for is a shame to all computer users and the loose conditions for x86_64 are only there to abandon initial criticism.

Following the Bieber analogy:

All the CD's being sold are Bieber CD's. Some pirate radios play other music but you have to know how to find them, tune on to the right channel and record the music yourself in order to play it on a CD. But wait! No one sells empty CD's. (For the purpose of the analogy, let's assume all CD's are rewritable). So the only way to get other music is to buy a Justin Bieber CD, and record other music on top of it.

There are some specialist stores that sell empty CD's, but they are actually more expensive than Bieber CD's. And they are few and far between. So most people just end up buying Bieber CD's and recording over them.

But not so fast! Suddenly Bieber's recording label decides that the next CD they release needs to have a mechanism that makes it really hard to record over the CD's. They devise some kind of DRM scheme, and leverage the CD-player manufacturers that their players must implement this DRM that prevents recording on top of Bieber CD's. They justify this as protecting the consumer's CD player from malicious music. Music aficionados know how to circumvent the DRM, but it is way too difficult to the layman.

At the same time, there are a couple of small bands - one is called Frank & The Flying Fedoras, and another is some kind of ethnic world music, sounds kind of African - who collaborate with Bieber's recording label to get their songs released in such a format that they can be recorded on the Bieber CD's. Now you can easily listen to Frank & The Flying Fedoras by inserting your Bieber CD, tuning in to the right station and pressing rec, but if you try to listen to any other music, you have to circumvent the DRM. Also, Frank & The Flying Fedoras can only be listened to with certain volume & EQ settings. If you want to change the settings, you again have to circumvent the DRM.

The end result is that Bieber keeps getting richer and more obnoxious, and everyone is sick of him, but most just sort of grudgingly accept that if they want to listen to music, they have to tolerate him. Meanwhile the underground music scene is divided. Some people are really pissed at Frank and the other bands for going along with this idiocy, while others defend Frank and say he's doing good work making music more accessible - it's just a fact of life that you have to work with Bieber, they say; no one likes it, but what can you do, let's be realists here, they say.

That's not how asymmetric cryptography works. The signing key never leaves Red Hat.

It's funny how you forgot to mention:

• People have usable alternatives to this Bieber CD (you say that no one else sells empty CDs, but there are open ARM boards)
• No one is pointing a gun at the people who buy the Bieber CD
• People can do whatever once inside Windows (your example mentions "certain volume & EQ settings")
• People should be blamed by their own stupidity
• The fair solution to the problem; how would you implement a secure-boot-alike technology

It's like blaming intel because the CPU you just bought doesn't fit your AMD motherboard. The user is expected to know the basics of what they're doing!
Apple locks their devices and no one complains. Suddenly MS does the same to theirs and it's the end of the world!

Don't like secure boot lock? Don't buy Windows ARM devices! What kind of lack of options are you talking about!? There's Android! There'll be Sailfish, and Firefox OS, Ubuntu devices. Just don't buy locked devices, Microsoft of otherwise. They need us much more than we need them. THEY should bend to our desires, not us to theirs!

Information is key, and social networks are all the rage nowadays! If you feel like spending time on this issue, please DO something instead of talking about it on phoronix where everyone is already aware and against forcing secure boot. Remember SOPA? Make a pretty video explaining (no bias) why ARM and SB is currently VERY BAD for everyone, and why people should care. Your time will be much better spent there!

I didn't forget to mention anything -

1. I don't really care about Microsoft's ARM devices (ie. Surface RT), they're really crappy anyway. At this point ARM devices == mostly phones & tablets, and people who buy those mostly consider them (and use them as) devices, not computers. ARM is not an issue as there are alternatives in the ARM world.

Secure boot on x86 is a much worse issue. When it comes to x86 it is exactly as I said - 90% of x86 CD's are Bieber CD's, some specialists sell empty x86 CD's but they are often more expensive than equal length Bieber CD's.

2. That's a stupid libertard argument. Things can be wrong even if physical coercion isn't involved

3. Firstly, The part in analogy about volume & EQ did not even refer to windows, perhaps you didn't understand it very well. Secondly, people CAN'T do whatever once inside windows - windows is a restricted system, it doesn't let you do what you want to do if it's against microsoft's wishes.

4. That's also a stupid and kind of heartless argument. Some people are not as skilled with computers - that doesn't mean they are stupid. And even if there are stupid people, it's still not ethical to abuse the stupidity or lack of knowledge of people.

5. I wouldn't. SB is pointless. Any system that depends on a top-down model of trust is flawed. The user should be the only source of trust on their computer. SB would work if it A) ONLY accepted user-created certificates and B) was ALWAYS opt-in, ie. it would be disabled by default, so that regular people - who don't really care about the extra security - wouldn't have to deal with it.

Doesn't matter. With enough time and processing power it can be done.

Humm... If you mean that the system you're trying to crack will still be usefull some millions of years in the future, then sure! You WILL crack it... one day...

Please read on cryptography before posting stuff about it. It's not as easy as it sounds, and not always breakable (in a non-bruteforce way). Brute forcing WILL break it, but not in a useful timeframe, unless you're VEEEEEEERY lucky (turns out that one of the initial iterations is the right one).

There has been systems encrypted with TrueCrypt that neither the FBI or CIA have been able to crack.

Really!? x86, the platform where OEMs are advised to give the users the choice to disable it and configure it is the worst issue!?

Yes. OEM's are coerced into implementing secure boot in order to sell win8 machines. Secure boot makes it difficult for average users to change their OS. It's possible to do it if you know what you're doing, but way too difficult for the average user. This makes it harder to try alternate operating systems.



It is a stupid argument. Just because you're not physically coerced to do something doesn't mean you're not forced. Just because you're not forced to do something doesn't mean it isn't wrong. Users are forced to buy hardware with "secure" boot because there is no realistic choice - if you're buying new x86 hardware, 99% of cases it either comes with "Secure" Boot, and hardware that doesn't have "secure" boot is more expensive.



You can't break microsoft's DRM. You can't modify your system to do what you want.



Corporations are not the same thing as nature. Corporations are ran by people who can make choices. Those people are responsible for their actions, and by extension, so are corporations - if corporations act criminally, they can be held accountable in a court of law. Nature cannot be blamed because it's not a sentient entity, you cannot hold nature responsible for anything - if a crocodile eats you, you (or your relatives) can't take nature to court for allowing a crocodile to eat you.

In other words, comparing corporations (or people) to nature is stupid.



And that's what people are doing now. Even the title of this thread says it clearly - people are filing a complaint with EU over "secure" boot.



So? Perpetuating a wrong does not make it right.

Any system should be designed in such a way that user's freedom is the default assumption, and any feature that takes away from user's freedom needs to be opt-in, not opt-out like in "secure" boot.



I don't have any hardware that uses "secure" boot and I don't intend getting any. What does your response have to do with what I said? I said a decent, functional SB implementation should ONLY accept user-created keys, and should always be opt-in. There is no such SB implementation on the market.



"Secure" boot, as it is currently implemented, does NOT benefit the average user. Average users are not knowledgeable enough to create and use their own keys with the current SB implementations, so they default to using MS's flawed top-down trust model. This is unacceptable. No one should place their trust in MS.