I just hope this won't blow up. There has been so much trouble with UEFI, even bricked mainboards.
Just yesterday I had the pleasure of "just updating" a laptop's SuSE (mainly Adobe's crapware flash, but they needed it for some TV sites), and also took several other things that had accumulated and then suddenly SecureBoot struck me (it was bought with SuSE preinstalled but iirc. it was meant to be sold w. W8) In the end it took me 4 hours to switch to legacy boot mode (grub would freeze then), hook up a SuSE 13.2 install media, backup the box via console / USB HDD and then reinstall SuSE in classic mode. The (~500G) HDD was also in UEFI's GPT partition mode so I would rewrite the partitions.
Also there was a separate boot partition (which is okay and what I normally do for grub + kernel) but this was a VFAT FS...

"Just" took me 4 hours at all. "Just" wanted to update the flash players on two computers. (The elderly people were confused by FF's messages about it being vulnerable (again). But then you can't leave them with a non working laptop so I had to fix things.)
I know SecureBoot and UEFI are not neccessarily exactly the same but they go hand in hand.

Really interesting were the SuSE installation hints about UEFI. About writing to firmware chips, brinking, failing FS cleanups in those file systems there, even writing partition UIDs to the flash chips? I once thought a computer was there to help me do my stuff and not dictate me what to boot and what not. And just because MS had security issues up to the moon responsibility was shoved off to the firmware side and now we all have to suffer.

And now I imagine what will happen if something during firmware update goes wrong. Or some bits flip for a checksum / security key.

This had taught me another time reasons why I hate UEFI.

Had the same problem with Kubuntu 15.04 a few days ago. After an update my XPS13 would just refuse to load grub. Searched for a solution online, but the only suggestions I have found were to disable Secure Boot which in the end was what I did.

"I only know how things were done in the 1980s, am resistant to change, and refuse to update my knowledge"

Sure, it is a big improvement that an update to your OS stops you from booting it at all. Because the firmware said so.
Sure, it bust be great that you can store some variables in some location. But if you store too much or maybe write at the wrong position of if the embedded firmware has a bug, then, voila, the box is bricked. Really, great improvements we see for the 2010s.

UEFI was meant to improve the old BIOS, overcome limitations. That was one goal, yes. But to me it seems
a) they did not succeed
b) certain people with their DRM stuff made it into it
c) it's totally bloated. Why do you need a whole OS under the OS? Why does it need a whole network stack? So much open surface for errors and security / privacy issues.

Coreboot seems the way to go. Modern, small, ported and freedom to the best possible degree.

Do you care about the answers to your baited questions, or are you just showing off?

edit: I've written a primer about UEFI, for hardware enthusiasts. http://forums.hexus.net/pc-hardware-...ml#post3498782

Gee, you made two comments here that were both rude and with no substance. I seem to recall you do this a lot...

Your UEFI "primer" does not address the very valid concerns Adarion has with UEFI. People on a Linux blog may prefer a open source replacement for BIOS? Shocker!

If people on this forum weren't, by and large, extremely loud, angry, and uninformed, that might not happen.

Of course, on most planets, a 1400 word primer written for people at Adarion's technical level would be considered "substance". But this is Phoronix.

He doesn't have "concerns", he has "complete lack of relevant domain knowledge".

Since you seem to consider it vital, let's sit and deconstruct all the reasons he doesn't know what he's talking about.

Covered in my primer, "Anything else I should know?".

Covered, "What's this "secure boot" I hear so much about?"

Covered, "Okay. But my drive isn't bigger than that. Can't I keep using BIOS, since I know it?"

Covered, "Then what?"

Covered, "Installed to?"

In no dimension do you get to blame choosing to reset a firmware to default settings on a completely unrelated act (updating a package in an OS)

Covered, "What's this "secure boot" I hear so much about?"

Covered, "Anything else I should know?"

Covered, "Installed to?"

Covered, "And stops me booting what I want"

Good job classic 16-bit BIOS updates never go wrong, right?

"I don't understand the thing, so I hate the thing because it is the thing's fault"



Whether Coreboot is better (in a few ways it is, in many ways it's worse) is irrelevant. Utterly, entirely irrelevant. Tens of millions of UEFI-based systems are being sold per year. Tilting at windmills isn't going to change that.

Your solution is for you to be even more loud and rude?

The way it is done is for you to respond directly and NOT link to comments on another site which were mostly irrelevant to the issue of using Coreboot over UEFI.



Whether WINDOWS is better (in a few ways it is, in many ways it's worse) is irrelevant. Utterly, entirely irrelevant. Tens of millions of WINDOWS-based systems are being sold per year. Tilting at windmills isn't going to change that.

Maybe we should all be using Windows instead full time and get off of this site. We get it... You like UEFI, move on.

Thanks for playing.

UEFI allows you to load your own security keys or disable SecureBoot altogether if there is no UEFI password set. Former can be used for having a (self-)signed Linux, latter for just disabling signature check. Latter will most likely make Windows not bootable if installed with SecureBoot on but you don't have one so might as well do it. It is a far better option than using legacy mode and doesn't involve reinstalling your Linux