[colug-432] Secure Boot

[Tom Cranston]

http://www.fsf.org/campaigns/secure-boot-vs-restricted-boot

http://en.wikipedia.org/wiki/Windows_refund

People who bought new computers with Windows have asked
for, and gotten, refunds of the "Windows Tax" ranging from
$50 to $150. If every Linux user asked for a refund it
would send a powerful message to OEMs that they should sell
more machines with (generic?) Linux installed.

Problem: The new UEFI BIOS with Secure Boot won't work with
Linux. (Only ARM based machines will be locked down
initially.) MicroSoft has told OEMs to lock down all
products with Secure Boot hardware or else they can't sell
Win 8 machines. Machines can NOT be able to disable Secure
Boot. This is coming very soon.

Big distros like Ubuntu could ask OEMs to insert an Ubuntu
digital signature into some machines. That would be a
headache for vendors.

Smaller distros won't be able to get their signatures into
new machines. But it doesn't matter. The Linux kernel
doesn't allow binary code. Important drivers like Catalyst
and Nvidia drivers couldn't be used by Ubuntu. Even if
Ubuntu has a signature, binaries can't be loaded unless
they are in the kernel.

http://www.phoronix.com/scan.php?page=news_item&px=MTA0NDQ

> "Signed Linux kernels must refuse to load any unsigned
> kernel modules. Virtualbox on Linux? Dead. Nvidia binary
> driver on Linux? Dead. All out of tree kernel modules?
> Utterly, utterly dead. Building an updated driver
> locally? Not going to happen." 

Sign the petition.
http://www.fsf.org/campaigns/secure-boot-vs-restricted-boot

Tom