Results 1 to 12 of 12

Thread: Secure boot

  1. #1
    Lounger
    Join Date
    Mar 2013
    Posts
    28
    Thanks
    24
    Thanked 0 Times in 0 Posts

    Secure boot

    Would it be correct to say that secure boot is only relevant if there is a risk of a malicious (or perhaps technically careless) person getting access to the computer?

  2. #2
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    9,434
    Thanks
    371
    Thanked 1,457 Times in 1,326 Posts
    Quote Originally Posted by JohnLo View Post
    Would it be correct to say that secure boot is only relevant if there is a risk of a malicious (or perhaps technically careless) person getting access to the computer?
    John,

    Do safe drivers not need insurance? Secure Boot is just another link in a chain of resources to keep your computer, and more importantly, your personal data safe. With the bad guys getting sneakier and sneakier all the time why go w/o a protection that is available for free?

    HTH
    May the Forces of good computing be with you!

    RG

    PowerShell & VBA Rule!

    My Systems: Desktop Specs
    Laptop Specs

  3. The Following 2 Users Say Thank You to RetiredGeek For This Useful Post:

    DrWho (2015-11-26),JohnLo (2015-12-02)

  4. #3
    Bronze Lounger DrWho's Avatar
    Join Date
    Dec 2009
    Location
    Central Florida
    Posts
    1,501
    Thanks
    30
    Thanked 205 Times in 163 Posts
    Microsoft Secure Boot is a component of Microsoft's Windows 8 operating system that relies on the UEFI specificationís secure boot functionality to help prevent malicious software applications and "unauthorized" operating systems from loading during the system start-up process.

    While there is some concern that Microsoft Secure Boot will make it difficult to install Linux or other operating systems on a Windows 8 computer, the secure boot functionality in Windows 8 is primarily designed to protect users from rootkits and other low-level malware attacks by blocking unauthorized (non-signed) executables and drivers from being loaded during the boot process.
    That seems to take the operator out of the equation, since the operator has almost NO control over the boot process.

    I've searched my Windows 8.1 PC for Secure Boot, and I don't seem to have it. If I do, it's doing a great job of hiding.

    Happy Holidays!
    The Doctor
    Experience is truly the best teacher.

    Backup! Backup! Backup! GHOST Rocks!

  5. The Following User Says Thank You to DrWho For This Useful Post:

    JohnLo (2015-12-02)

  6. #4
    5 Star Lounger
    Join Date
    Oct 2013
    Location
    Phoenix, AZ
    Posts
    926
    Thanks
    554
    Thanked 137 Times in 128 Posts
    It is not your OS but your BIOS (UEFI) that runs secure boot to make sure only OS' approved by the maker of the PC can install and run. Anything to keep that Linux riff raff with their free OS off PCs. [tfpic]

    https://technet.microsoft.com/en-us/.../hh824987.aspx

  7. #5
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    6,792
    Thanks
    117
    Thanked 798 Times in 719 Posts
    Anything to keep that Linux riff raff with their free OS off PCs. [tfpic]
    See
    https://www.linux.com/learn/tutorial...fi-secure-boot

    to install Linux on a Secure boot system

    Jerry

  8. #6
    Lounger
    Join Date
    Mar 2013
    Posts
    28
    Thanks
    24
    Thanked 0 Times in 0 Posts
    [QUOTE=RetiredGeek;1033243]John,

    Do safe drivers not need insurance? Secure Boot is just another link in a chain of resources to keep your computer, and more importantly, your personal data safe. With the bad guys getting sneakier and sneakier all the time why go w/o a protection that is available for free?

    So I take it that the answer is "Yes". The reason that I need to disable secure boot is that I do my banking using a Puppy Linux flash drive. Actually, I normally use an old machine, but that could fail, and then I will have to disable secure boot

  9. #7
    Lounger
    Join Date
    Mar 2013
    Posts
    28
    Thanks
    24
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by DrWho View Post
    That seems to take the operator out of the equation, since the operator has almost NO control over the boot process.

    I've searched my Windows 8.1 PC for Secure Boot, and I don't seem to have it. If I do, it's doing a great job of hiding.

    Happy Holidays!
    The Doctor
    I'm not an expert (as you may have gathered) but if your machine is old enough it will not have secure boot.

  10. #8
    Star Lounger
    Join Date
    Dec 2009
    Location
    South Jersey
    Posts
    69
    Thanks
    9
    Thanked 13 Times in 11 Posts
    "machine is old enough it will not have secure boot. "

    And when it finally dies, then what?

  11. #9
    Star Lounger
    Join Date
    Dec 2009
    Location
    South Jersey
    Posts
    69
    Thanks
    9
    Thanked 13 Times in 11 Posts
    " I do my banking using a Puppy Linux flash drive. "

    You have some nerve using an unapproved OS!

    Do you think you have the right to do anything you want to on that PC just because you bought it and paid for it, with your own money?

    (end of snarky comment)

  12. #10
    Star Lounger
    Join Date
    Dec 2009
    Location
    South Jersey
    Posts
    69
    Thanks
    9
    Thanked 13 Times in 11 Posts
    The computer hardware and software industries have successfully sold the fraudulent - fraudulent - idea, even to the courts, that you do not own the products you buy and pay for, and that they do. You only have a license to use it.

    UEFI takes the scam to a higher level by restricting the use of your shiny new computer to the OS approved by the maker of the PC. Not only is the physical PC linked to the maker, the OS is tied to the PC maker also.

    Change a few parts, and you have to buy a new copy of the OS from the PC maker. Do they still sell the one you want? Try buying WinXP from your PC maker.

    Is the maker still in the PC business? Sony no longer makes PCs, for example. Anyone remember Packard Bell? You can still find PCs with that brand name if you look. (I wouldn't.)

    Of course, they say it is for our own good. Unadulterated nonsense! I will decide what is for my own good, thank you.
    (People get really worked up when the government says that, but allow businesses to get away with it without a peep. Why is that?)

    It is to grow their profits even more. No more than that, no less than that.

    It's good to be cautious and to practice safe computing but acting like scared sheep that will believe and do anything is pathetic.

    How many products do you buy that restrict their uses to what their makers say you can do with them? I can't think of any.

    If I buy a car, I can replace the engine (the OS). The risk is mine. I'm not prevented by any "feature" or "license" from trying it.
    I can even sell it - for money, along with any changes I made to the engine, the seats, or the paint job.
    It is mine.
    I bought it.

    Do you know you cannot sell a “bought and paid for” software product without violating a license agreement - even if you purge it from your PC?
    It is yours.
    You bought it.

    I feel the same way about UEFI and all the other fraudulent - fraudulent - "licensing" schemes of the computer industry.

    Microsoft, Dell, HP, Intel, AMD, Adobe, and the rest can go take a flying fling through a rolling doughnut for all I care.

    It is long past time for computer users to say, "Enough is enough".

    The PC media have been silent, therefore complicit, in this fraud. Regardless of their reasons, they are wrong.

    Political action is necessary. With the web and email, it is also easy.

    Thanks for reading this.
    Last edited by UncleStu; 2015-12-03 at 12:22.

  13. #11
    4 Star Lounger
    Join Date
    Jan 2010
    Posts
    496
    Thanks
    2
    Thanked 49 Times in 46 Posts
    Quote: "Microsoft, Dell, HP, Intel, AMD, Adobe, and the rest can go take a flying fling through a rolling doughnut for all I care.
    "


    You're such a gentleman. You inserted the word "fling" in place of the original word!

  14. #12
    Star Lounger
    Join Date
    May 2010
    Location
    Cornwall UK
    Posts
    79
    Thanks
    5
    Thanked 24 Times in 19 Posts
    I couldn’t agree more with UncleStu’s views. It's my equipment, I purchased it outright (not leased it) and I'll do what I please with it - illegal activities not withstanding! Microsoft has clearly used their clout to 'influence' the makers of mobo/bios products to make the installation of Linux and other stuff more difficult.

    In recent years the Linux community had worked really hard to make dual booting Linux with Windows a simple and foolproof process. Enter stage left, UEFI, Win8 and Secure Boot. Virtually overnight dual booting became a complex business with the real prospect of either rendering the Windows installation unbootable or, inadvertently, totally formatting your HD if you didn’t know what you were doing.

    Whilst it is now possible to work around Secure Boot with the latest Linux installers, until quite recently it had become quite difficult (not to say disastrous in some cases) for anyone but a geek. And what will happen if the ‘Legacy Bios’ option disappears from future UEFI versions?

    Microsoft clearly realized that with the dumbing down of what most people now use a computer for: Internet access, email, FaceAche, photos, video and music, Linux could do all of those things standing on one ear – for free - and Microsoft would be cut off from it’s desperate aspirations to create a new revenue stream via the ‘app store’ profit model.

    Frankly, the whole business of preventing maleware on DVD and USB drives from booting is blatant disinformation. Far from making the system more secure, since the introduction of Win8 I've never seen so many difficult to resolve infections. The intention off Secure Boot is not to ensure your safety, it's to secure their business from disappearing up its own fundamental.

    Microsoft has been knocked down from its monopolistic high horse several times in the past and I think it’s about time government takes a look at what is basically the most brazen stunt they’ve ever tried to pull.

    To anyone intending to defend Microsoft via the 'wonderful' Windows 10, I’ve had Win 10pro running since very early preview on a dedicated, stand alone, state of the art desktop. I’m now on my third total re-install and although it runs OK most of the time it’s still more buggy than most Linux distros were five years ago.

    I’ve been a committed Windows user since DOS days but Microsoft is now beginning to severely try my patience.

    Shields up, Mr Sulu!
    Remember rule #1: If it ain't broke, don't fix it!

    Industrial electrical engineer, running a system building/repair business in Cornwall UK, for the last 15 years.

    Built my first computer in 1978 - in the days when you had to hand-solder in all the components
    and 16k RAM was considered extravagant!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •