Announcement

Collapse
No announcement yet.

SecureBoot Is Now Easier For Smaller Distributions

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    Originally posted by uid313 View Post
    UEFI can run in the background and can run background services behind the OS while the OS is also running.
    UEFI have much more control over the system and has a built-in TCP stack.

    BIOS is much more simple and can not run stuff in the background.

    UEFI is much more dangerous and likely to be vulnerable, exploitable and backdoored.
    I really hope you don't have recent Intel motherboards in any of your computers- otherwise, you very likely have Intel's Management Engine as part of your BIOS/UEFI. It's a very interesting technology if you are the one controlling it- it's basically another OS inside your computer that's trusted to do everything- with it's own networking stack as well. It's also hugely undocumented, and the main reason Flashrom can't be used safely on vast numbers of recent computers with Intel motherboards.

    Comment


    • #12
      Originally posted by dashcloud View Post
      I really hope you don't have recent Intel motherboards in any of your computers- otherwise, you very likely have Intel's Management Engine as part of your BIOS/UEFI. It's a very interesting technology if you are the one controlling it- it's basically another OS inside your computer that's trusted to do everything- with it's own networking stack as well. It's also hugely undocumented, and the main reason Flashrom can't be used safely on vast numbers of recent computers with Intel motherboards.
      Wow, Intel Management Engine and AMT is pretty creepy stuff.
      It is intended for companies and schools and such, but its pretty creepy.

      Comment


      • #13
        Originally posted by varikonniemi View Post
        The very minimum requirement should be that this key adding procedure would be doable from the UEFI specs and the computers came at most preinstalled with a microsoft key.
        They already do, when properly implemented. The hysteria has drowned out the reality, though.

        Comment

        Working...
        X