Linux: Booting Via UEFI Can Brick Samsung Notebooks 232
wehe writes "Heise News reports today some Samsung notebooks can be turned into a brick if booted just one time via UEFI into Linux. Even the firmware does not boot anymore. Some reports in the Ubuntu bug tracker system report that such notebooks can not be recovered without replacing the main board. Other Linux distributions may be affected as well. Kernel developers are discussing a change in the Samsung-laptop driver."
It appears even Samsung is having trouble tracking down the problem (from the article): "According to Canonical's Steve Langasek, Samsung developers have been attempting to develop a firmware update to prevent the problem for several weeks. Langasek is advising users to start Ubuntu installation on Samsung notebooks from an up-to-date daily image, in which the Ubuntu development team has taken precautions to prevent the problem from arising. It is, however, not completely clear that these measures are sufficient."
MS says: (Score:3, Insightful)
UEFI is working as intended.
Re: (Score:2, Interesting)
Re:MS says: (Score:5, Insightful)
The BIOS interface was overdue for being updated/replaced
True. Unfortunately, UEFI was a step in the wrong direction. Yeah, the classic BIOS was older than dirt, limited, and saddled with a variety of quirks, oddities, and cruft from its years of genetic drift and backward compatibility.
However, because it sucked, there was a strong incentive not to try anything stupid with it, and to just boot the OS and GTFO. Instead of just cleaning up and rationalizing this basic firmware function, UEFI goes wildly in the opposite direction, to the point where the firmware is tantamount to a second OS; but still with all the fucked up weirdness that we know and love from BIOS features like ACPI...
Re:MS says: (Score:4, Informative)
True. Unfortunately, UEFI was a step in the wrong direction. Yeah, the classic BIOS was older than dirt, limited, and saddled with a variety of quirks, oddities, and cruft from its years of genetic drift and backward compatibility.
However, because it sucked, there was a strong incentive not to try anything stupid with it, and to just boot the OS and GTFO. Instead of just cleaning up and rationalizing this basic firmware function, UEFI goes wildly in the opposite direction, to the point where the firmware is tantamount to a second OS; but still with all the fucked up weirdness that we know and love from BIOS features like ACPI...
To clarify, you mean Microsoft's screwed up version of UEFI. On Mac, we've been using EFI without issue. No OS limitations, no blocking of anything. BIOS and others like Open Firmware always were their own mini OSs, heck, Open Firmware had it's own command line. Don't confuse the technology (EFI) with bastardized implementations (Samsung's EFI, Microsoft's requirements.) The same sorts of things could have been done with BIOS anyway,
Re:MS says: (Score:4, Insightful)
Mac UEFI is, if anything, even weirder than the usual flavor. Apple laptops running Apple EFI in order to boot OSX work; because Apple makes all of them and none of the parts is dumb enough to lean on the other parts in an unexpected way; but once you try something different, life gets exciting(the, er, interesting transition between 32 bit and 64 bit EFI 1.x was good fun as well).
This fellow [dreamwidth.org] used to do EFI-related work for Redhat and is interesting reading on the matter. UEFI is a bloated bear of a 'standard', that makes ACPI look like a brutally efficient paragon of elegance, and things tend to go downhill from there once a vendor gets their sloppy hands all over it...
Re: (Score:2)
Macs don't implement UEFI, they implement EFI. Their implementation is only "weird" until you realize that they implemented a spec *before* it became UEFI.
You continue to demonstrate that your opinions of UEFI come from ignorance.
Re: (Score:2)
Realistically, what more do you need from what the BIOS already does?
Processor available: check
RAM available (and optional quick check): check
Network boot / disk boot available / USB boot: check
minimal power management: check
password protection / boot device selection without having to change boot order in BIOS: check
Hand everything else off to the OS boot sector / boot sequence.
Personally I think having the winflash utilities is a very stupid idea too. It's just another way for something to go wrong when w
Re: (Score:2)
"...UEFI goes wildly in the opposite direction, to the point where the firmware is tantamount to a second OS; but still with all the fucked up weirdness that we know and love from BIOS features like ACPI..."
It is not "tantamount" to a second OS, not even remotely, and saying so just proves that you don't know what that means. UEFI provides an extension mechanism to enable a variety of things that are potentially needed for booting, that is all. "BIOS features like ACPI" are absolutely mandatory for the ar
Re: (Score:2)
Re: (Score:3)
I don't think secure boot has anything to do with this.
Re: (Score:2)
Re:MS says: (Score:4, Informative)
Samsung is one of the best companies out there for quality and support. They made a mistake and are working to fix it. Hopefully they will learn from this lesson and put in some proper Linux tests before shipping.
People make mistakes, but only the truly good learn from those mistakes.
Re: (Score:3)
They wont learn from this lesson, as this is not the first time they've learned this lesson.
A number of their leaked (shame on you) and official (shame on them) updates to android had an flash update that would hard-brick phones. Granted the phones had bad EMMC chips and the update code triggered this bug, but Samsung was told of the bug, told how to avoid it, and even given a community patch. A year later, they have not fixed it and official updates can still brick certain phones.
Par for the course.
Quality engineering (Score:5, Funny)
Kernel developers are discussing a change in the samsung-laptop driver.
To be fair, they didn't realize anybody would actually implement the HCF instruction.
Re: (Score:2)
Fire keeps us warm.
Bricked device (Score:5, Insightful)
I'd call that "fried" (Score:5, Informative)
Bricks can be fixed with JTAG; if you have to outright replace the hardware, that's fried, toasted, nuked. (How the HELL does software do something THAT bad, anyway? Even flashing a ROM for an entirely incorrect model on a smartphone is still technically reparable..)
Re:I'd call that "fried" (Score:4, Informative)
Apparently, you CAN recover if your device is bricked by this issue: https://bugs.launchpad.net/ubuntu-cdimage/+bug/1040557/comments/23 [launchpad.net]
Re:I'd call that "fried" (Score:4, Insightful)
Software can do it if it causes low-level data corruption in a component.
It's amazing how many things in modern systems have internal firmware these days. For example, any eMMC flash chip (found in many smartphones) has internal firmware that handles wear levelling algorithms and such.
Samsung's 2011 smarphones were rather notorious for containing eMMC chips that were not JEDEC compliant - if you issued a secure erase command to the chip, it had a very good chance of corrupting the wear leveller's internal state. This would render the eMMC chip mostly inoperable (this failure mode was nicknamed "Superbrick" for the fact that it couldn't be recovered via JTAG). If you corrupted the firmware itself somehow (which apparently happened more than 50% of the time if an attempt was made to update/reset it according to Samsung engineers...), it would render it fully inoperable and effectively dead.
Re: (Score:2)
You can also have something write to I/O ports which overvolt things.
Re: (Score:2)
Oh my god if I could mod this +10 informative.
Re:Bricked device (Score:5, Insightful)
A true brick is always the manufacturers fault. Software should never be able to do anything irreversible to hardware. If there's flashable firmware that could be corrupted, keep a ROM copy that can be used by setting a jumper. Anything less is pure negligence.
Re: (Score:2)
I agree with you only...
It is a laptop... On many of my laptops, setting jumpers is only possible by taking the whole dang thing apart, and laptops are much harder to disassemble (correctly) than are desktops. On my old Toshiba Satellite, I have to strip it to the frame to get to the CMOS battery (which, in theory, will never go bad).
I just hope Samsung can figure this out. I was starting to like their products.
Re: (Score:2)
That is a second design flaw. They should have had an access panel allowing you to easily access the CMOS battery and any jumpers needed fro recovery.
Re: (Score:2)
Smashing it with a hammer would be a theft deterrent as well, but I don't think it's justified.
Re: (Score:2)
Software should never be able to do anything irreversible to hardware.
not always true. an audio chip I work with, these days, needs to have a special sequence of turn-on done (power supply bring-up and reset, plus errata sent to the chip) and if you don't manage that, you DO fry the chip. software can really do this if the driver is not properly written. or, if someone got access to the chip's registers, they could turn one part off and the other part *would* burn. literally burn and fry.
Re: (Score:2)
Software should never be able to do anything irreversible to hardware.
not always true. an audio chip I work with, these days, needs to have a special sequence of turn-on done (power supply bring-up and reset, plus errata sent to the chip) and if you don't manage that, you DO fry the chip.
Methinks you misunderstand the meaning of "should." The whole point is that the hardware design should never, ever EVER DAMMIT be such that bad software command sequences cause physical damage. In your example, there's no excuse for not having zeners and switches (or the hard-coded firmware equivalent) which unequivocally block an undesirable voltage from getting through.
Re: (Score:2)
I *think* that with a Dell laptop I have; (purchased last year) - there is no way to back-rev the BIOS if you update it. You can't set it back to factory. So you could theoretically flash the bios and brick it. This is what the ppl on the laptop forum say. Of course, at Dell's website, they pretty much say don't power it on, or you're taking your life into your own hands. . . .
Re: (Score:3)
an audio chip I work with, these days, needs to have a special sequence of turn-on done (power supply bring-up and reset, plus errata sent to the chip) and if you don't manage that, you DO fry the chip.
That chip is badly designed. There is absolutely no reason it has to be that way, except shitty design. That is 100% the manufacturers fault.
Re: (Score:2)
You would think so, but the apple DVD drives only allow you to change DVD region 3 times, and this is deliberate.
A little bias in the article (Score:5, Informative)
Re: (Score:2)
Don't worry you can still blame Microsoft like this guy did:
https://bugs.launchpad.net/ubuntu-cdimage/+bug/1040557/comments/55 [launchpad.net]
Re: (Score:2)
I'd guess that the developers tested it boots Windows correctly and assumed that would be good enough.
"One time"? (Score:2)
Samsung notebooks can be turned into a brick if booted just one time
Why do people say "one time" when there's been a shorter word for it for hundreds of years? Damn Fugees...
Re:"One time"? (Score:5, Insightful)
Samsung notebooks can be turned into a brick if booted just one time
Why do people say "one time" when there's been a shorter word for it for hundreds of years? Damn Fugees...
Why do people say "hundreds of years" when there's been a shorter word for it for centuries?
Re: (Score:2)
Century doesn't have any extant meanings other than 'one hundred consecutive years' and 'the name of a font type.' Anything else long fell out of use.
Re: (Score:2)
Cricket scores.
Re: (Score:2)
Nah.
cenÂtuÂry (snch-r)
n. pl. cenÂtuÂries
1. Abbr. C. or c. or cent.
a. A period of 100 years.
b. Each of the successive periods of 100 years before or since the advent of the Christian era.
2.
a. A unit of the Roman army originally consisting of 100 men.
b. One of the 193 electoral divisions of the Roman people.
3. A group of 100 things.
Re: (Score:2)
1b -
"This is a fine example of a typical 18th century porcelain jug."
"It's the 21st century, where is my flying car and moonbase?"
Re: (Score:2)
Did you run that assertion by a dictionary before making it?
Re: (Score:2)
Don't blame the Fugees. That's a Justin Bieber song.
Re: (Score:3)
Anything that slows the the english language's inevitable progression into a type of text speak is a good thing.
Ah, brings back memories. (Score:5, Informative)
The previous guy commenting about "sabotaging free software" got marked as a troll... But this is pretty similar to a major eMMC firmware bug present in many of Samsung's phones manufactured in 2011.
The eMMC flash chip is NOT JEDEC compliant, and the wear leveller can go out into la-la-land if you issue a secure erase command to the chip.
Starting with ICS, Google started performing eMMC erase when wiping data in recovery for privacy reasons. This would kill Samsung flash chips.
In the Galaxy Nexus, Google forced Samsung to fix the damn chip with an internal firmware update.
However, in other devices, Samsung worked around it in two ways:
1) Disabling MMC_CAP_ERASE in I9100 kernels for a while
2) Replacing secure erase with nonsecure erase and not documenting this anywhere
Without the assistance of an engineer from Google (whom Samsung later tried to silence as far as I can tell) providing critical information, the opensource community would have been fucked.
Eventually, Samsung claimed they were "working hard" on the issue in early June 2012 - http://www.xda-developers.com/android/samsung-diligently-working-towards-hardbrick-fix/ [xda-developers.com]
A month later, in early July, they added MMC_CAP_ERASE to I9100 kernels without providing even the slightest warning - Within a day, a pile of bricks showed up:
http://forum.xda-developers.com/showthread.php?t=1756242 [xda-developers.com]
In late August/early September, they submitted a patch to the Linux kernel to work around the issue at a kernel level - It was merged to mainline on September 4.
In early October, they released an update for Sprint devices WITHOUT THE FIX. "testing takes time" is an invalid excuse, as the build date for Sprint FI27 was September 27, 2011 - Almost a MONTH after the patch had been mainlined. The patch is very easy to backport to their I9100 kernel source baseline, so there is no excuse for this.
As a result, I still get PMs on XDA once or twice a week due to people accidentally digging up userspace binaries that perform secure erase. This shouldn't be an issue, as it is the kernel's responsibility to protect hardware from getting damaged by userspace. Samsung's position was that it was an "open source problem" and hence refused to fix it in the end.
Now that the exynos-abuse vulnerability is known and an exploit has been published, it's not an open source problem any more - Anyone who has not yet received an update to patch the exynos-abuse hole is dependent on this planet, out of 7 billion people, not having a SINGLE asshat who decides they want to permanently destroy a few Samsung devices. Even if exynos-abuse is patched, as long as the kernel still allows secure erase commands through, any other privilege escalation exploits will endanger devices again. Despite this, Samsung released an update for Sprint devices (FL24) at the end of December 2012 that *did not contain any protection against this issue in the kernel*
So yeah, Samsung wishes free software would go away - they claim otherwise, and make promises that they care and are trying to fix things, but they never deliver on such promises. Actions speak louder than words, and Samsung's actions send a pretty clear message to open source software - "fuck off and die".
(I won't even go into Samsung's constant and incessant GPL violations here... But it's incredibly rare for any Samsung source drop to correspond to any existing firmware release for a given device. When asked about this inconsistency, Samsung will claim that the firmware that came preinstalled on the device you purchased on launch day at Best Buy is a "leak" and thus they do not need to provide source that matches it.)
Wow (Score:3)
That makes Apple a FOSS leader....
Re: (Score:3)
Buy it from Amazon or Walmart and you won't be losing anything. You tell them that the Samsung product is a pile of crap that ate itself. Your merchant will give you your money back without incident.
Non-problem solved.
Disconcerting... (Score:3)
It seems as though there is something badly wrong with the at least some part of the design if a bug of this flavor is possible(much less happening for reasons that even the vendor hasn't nailed down yet).
There are reasons to update/modify the firmware responsible for the first stages of the boot process; but not all that often(especially on a PC-class device, which has tons of both RAM and persistent mass storage available, this isn't some cost-reduced embedded device where the OS has to scribble configuration information in whatever bits of the teeny flash chip that also stores the bootloader).
Can anybody enlighten me as to why (outside of a BIOS update) a situation would arise where the kernel needs to scribble over the motherboard firmware, or where the firmware would be doing anything sufficiently drastic to itself based on input from the kernel that it wouldn't be recoverable?
UEFI weakness? (Score:2)
Regardless of how this was (accidentally or not) triggered, is this a weakness in UEFI such that once one gains kernel-level access to the hardware, bricking a device that was booted using UEFI is trivial?
With BIOS laptops there usually was an emergency recovery mode where the BIOS reflashed itself from an image via USB floppy disk. Was an opportunity missed to make a similar setup mandatory in EUFI (but from a USB stick of course)?
Certainly not just Ubuntu (Score:3)
Re: (Score:3)
Experienced First Hand on a Samsung Laptop (Score:5, Informative)
UFIA (Score:2)
UEFI: Microsoft's way of giving you a UFIA
Re: (Score:2)
Not again Samsung!!?? (Score:2)
Okay, first you have the eMMc bug in Galaxy note which would result in permanent brick on factory reset and wipe via custom recovery.
Then in Note 2 you started giving root to any app which told you to.
And now the notebooks are going bricky brick.
Whats with you and the love of bricks?
WAINS (Score:2)
Re:Typical Samsung... (Score:5, Insightful)
Re:Typical Samsung... (Score:4, Informative)
yeah, to the tune of 500k a year to the linux foundation alone.
Re: (Score:2)
Re: (Score:2, Interesting)
Trying their best to sabotage free software.
I think you are referring to Microsoft. UEFI Secure Boot is their baby.
Re: (Score:2)
I think you are referring to Microsoft. UEFI Secure Boot is their baby.
Except that it's not and that this bug doesn't appear to have anything to do with Secure Boot, just UEFI.
Re:Typical Samsung... (Score:4, Interesting)
Not an expert, but my impression is that UEFI is (yet another) bad idea poorly implemented from Intel and a committee of camels.
Exactly how booting an OS can permanently cripple purportedly secure firmware eludes me, but after the past two decades of watching strange ideas become accepted wisdom, I don't find it all that surprising. (OK, OK, I guess bricked is pretty secure. Not very damn useful, but very secure.)
Re: (Score:2)
Not an expert, but my impression is that UEFI is (yet another) bad idea poorly implemented from Intel and a committee of camels.
So you are saying that Microsoft is not the prime mover behind UEFI Secure Boot? I don't think so.
Re: (Score:2)
"So you are saying that Microsoft is not the prime mover behind UEFI Secure Boot? I don't think so."
I think (and I could be way wrong) that Secure Boot is something that Microsoft found already present in UEFI and has twisted to try to gain a competitive advantage. My increasingly faulty memory tells me the UEFI has a loooong history and in its present form is the misbegotten love child of several 1990s efforts to design a BIOS replacement for PCs. My impression (which also could be way wrong) is that it
Re: (Score:2)
Trying their best to sabotage free software.
I think you are referring to Microsoft. UEFI Secure Boot is their baby.
UEFI has nothing to do with Microsoft, even Secure Boot isn't a Microsoft thing and this story doesn't have anything to do with Secure Boot anyway...nice attempt to drag this topic into another M$ Windoze bash-fest though.
Re: (Score:2)
UEFI has nothing to do with Microsoft, even Secure Boot isn't a Microsoft thing and this story doesn't have anything to do with Secure Boot anyway...nice attempt to drag this topic into another M$ Windoze bash-fest though.
Simple argument: (1) Microsoft is the dominant player in the computer market. (2) Microsoft is dictating that all new Windows 8 computers have both EUFI and Secure Boot. (3) EUFI and Secure Boot both inherently favor large dominant OS players over minority players. Conclusion: Microsoft is the main force driving the adoption via its dominant market share, and it is doing so to limit competition in the market.
Re: (Score:2)
EUFI and Secure Boot both inherently favor large dominant OS players over minority players.
Wrong, EUFI isn't a thing, UEFI doesn't inherently favor anybody in any way and Secure Boot is a feature that you can use if your bootloader is signed or you want to sign it since you just in
Re: (Score:2)
Yes it does. First off, you have to jump through many hoops to get a UEFI key.
There is no such thing as a UEFI key.
Secondly, since apparently computer makers have to write their own code to the UEFI spec, they are also responsible for checking that it works with different operating systems.
This is a flaw in Samsung's implementation of UEFI, if they made a mistake in their BIOS code it would be the same.
And I do blame Microsoft because they are the ones who are using their dominant market share to ensure the majority of new computers carry this abomination.
The BIOS is long obsolete, Linux, BSD and OSX have all supported UEFI for a long time, Microsoft is the one that has been languishing in obsolescence and now they have finally caught up. The various directors of the UEFI forum (AMD, American Megatrends, Apple, Dell, HP, IBM, Insyde Software, Intel, Lenovo, Microsoft, and Phoenix Technologies) have been shipp
Re: (Score:2)
UEFI has nothing to do with Microsoft, even Secure Boot isn't a Microsoft thing and this story doesn't have anything to do with Secure Boot anyway...nice attempt to drag this topic into another M$ Windoze bash-fest though.
Yer, that's why the first key in any EFI system is not Microsoft's and other OS builders are not having to go to Microsoft to get their keys signed. Oh wait........
Re: (Score:2)
Yer, that's why the first key in any EFI system is not Microsoft's and other OS builders are not having to go to Microsoft to get their keys signed. Oh wait........
Oh wait what? You mean oh wait, you're wrong. Microsoft's key isn't in my EFI system or my Mac which is also an EFI system. Moreover Microsoft doesn't sign any keys so you're wrong again, they aren't a signing authority, Verisign signs keys and can sign your bootloader with Microsoft's key if you want, or you could use your own key and install it on your system or you could turn SecureBoot off.
Re: (Score:2)
Verisign signs keys and can sign your bootloader with Microsoft's key if you want, or you could use your own key and install it on your system or you could turn SecureBoot off.
See, we paranoid folk have seen enough of Microsoft's tactics in the past to believe that it starts out fine and open... "sure use your own key".... but soon it's "your key? HAHA!" (cue mustache-twisting Ballmer in a black cape and stovepipe hat). Those of us who are suspicious can be a little pedantic, but we're just going on track record here, and Microsoft's is abysmal. It's not an indictment of EFI, or the consortium behind it. It's and indictment of the greed of Microsoft and its hatred of Linux.
Re: (Score:2)
Re: (Score:2)
My paranoid self says that we haven't eliminated the possibility that the right hand doesn't know what the left one is doing.
People in those projects know their section only. People have snuck in nefarious code before. Maybe it's exactly as the project leader wants it. It's not a good possibility, but it hasn't been eliminated yet either.
Re:Typical Samsung... (Score:5, Funny)
Or it could be that the project leader inserted such code because he was told to by his werewolf leaders to block the use of the laptop by occultist vampires, who due to their niche market, have to rely on rebranded Linux distros for their neffarious deeds. At the same time, they would be blocking use of the laptop by robot leagions by preventing them from installing an OS that doesn't give them nightmares. I don't know how the pirates (real pirates) fit into this.
The idea that Samsung is in control by werewolves, with Linux usability caught up in the perpetual war between werewolves, vampires, and robots, is not a good possibility, but it hasn't been entirely eliminated yet either.
Re: (Score:2)
Re:Typical Samsung... (Score:5, Insightful)
Please.
When I first installed linux it was the powerpc version, that is, a port, on a powerbook, in 2002.
One kernel recompilation and wireless worked, sound worked, gigabit ethernet worked, radeon 3d worked (lots of frames too). Only thing missing, the faxmodem.
Logic says the intel version should have been simpler, because of the 10x-100x mindshare it had. When I switched to intel, not exotic models, it wasn't. In the following years, i had INCREASING difficulties with laptops. The broadcom driver, 3d needing proprietary drivers (and proprietary IMHO means more lockups, instead of more quality). Then with desktops (firmware for the network card, a blasphemy because common protocols for any os to speak to a network card are there at any level of hardware abstraction).
Now, bricking a machine needs something more than a bug, it needs a feature. It makes perfect sense commercially. Hardware makers might bicker about windows to get better deals, but they sure know that if the world switched to linux their sales would go down, for lack of artificial obsolescence represented by the OS/drivers/app upgrade cycle.
The fight for the desktop has begun. Valve, restricted boot, UEFI, ACPI... Buy wisely.
Re: (Score:3)
On the other hand, people might upgrade their hardware more often if they could be assured their new hardware wouldn't come with Microsoft's latest abomination and a shit-ton of bloatware.
One thing we do know is that hardware manufacturers don't have the balls to try it. Properly, at least, rather than periodic token attempts.
Re:Typical Samsung... (Score:4, Insightful)
On the other hand, people might upgrade their hardware more often if they could be assured their new hardware wouldn't come with Microsoft's latest abomination and a shit-ton of bloatware.
I highly doubt this. Most consumers still call their computer case the "CPU" and buy new computers when they don't have to because they don't realize Windows and their computer are different things. Basically, the average person looks at their computer like they would an advanced VCR.
The sad fact is, most people go out and buy new computers precisely because it has the newest version of Microsoft's abomination and all that bloatware which are marketed as features on the box and by the Best Buy droids. Computer manufactures know this, love it, and bank on it. It's how companies like Intel can get away with requiring a new goddamned socket every year (or less) and not have people storming their castle with pitchforks and torches. My parents don't care. Dell don't care either, because they're selling whole systems and not parts. Likewise, every time Microsoft come out with a new version of Windows, computer makers start seeing dollarsigns.
Re: (Score:2)
Re: (Score:2)
Logic says PowerPC is easier to support because there is far less hardware to worry about...
There are only a small number of powerbook models, with known wireless, ethernet, video chipsets etc. There are millions of x86 machines with an even wider range of possible peripherals, including often oem versions where the hardware is the same but small firmware differences cause compatibility problems etc, and problems where certain combinations of hardware simply don't work together.
Re: (Score:2)
According to your hypothesis it would be easy to make linux fully support modern macs. All the advantages of x86 and all the advantages of less hardware interactions to worry about.
Is this the case? (I have no intel macs around)
Re: (Score:2)
The rest of your comment reflects your logic abilities.
Re: (Score:2)
As just replied to the same argument then "it would be easy to make linux fully support modern macs. All the advantages of x86 and all the advantages of less hardware interactions to worry about."
Is this the case? (I have no intel macs around)
And, whatever the answer, still your objection doesn't make much sense, because the problems with linux is not "i cannot make this configuration work because this piece of hardware is not known/ not supported", but "as time goes by it is increasingly difficult to make
Re: (Score:2, Informative)
Re: (Score:2)
It's been around a number of years as well - you could buy PCs doing it for at least 7 years now.
Hell, most PCs built in the past 4-5 years ARE UEFI. They just are hardcoded to boot into the BIOS emulation and legacy boot.
Which begs the question - how does Apple boot Windows 8? Their UEFI do
Re:Fucking UEFI (Score:4, Informative)
Which begs the question
No it doesn't.
how does Apple boot Windows 8?
The computers are Macintoshes. Apple is the company.
Their UEFI doesn't support secure boot as OS X doesn't support it...
Windows 8 doesn't require UEFI Secure Boot. It couldn't, since one of Microsoft's requirements is that users be able to disable Secure Boot. Having UEFI Secure Boot is a requirement places on the OEMs that ship computers with Windows 8, and Apple doesn't ship Macs preinstalled with Windows.
Re: (Score:2)
Which begs the question - how does Apple boot Windows 8? Their UEFI doesn't support secure boot as OS X doesn't support it...
Why does it beg that question? Windows 8 doesn't require UEFI or SecureBoot, there's your answer.
Re: (Score:2)
"The legacy BIOS was a heap of junk, but throwing the kitchen sink in there and creating a new BIOS that's pretty much an operating system in its own right was not a good solution for anyone other than vendors looking for lockin."
UEFI is "pretty much" an operating system only to those that don't know what an operating system is. What "kitchen sink" got thrown "in there" and what about the legacy BIOS made it a "heap of junk"?
Lots of people demonstrating willful ignorance in this thread.
Re:Criminal (Score:5, Insightful)
Hmm, let's see who is behind UEFI, shall we? AMD, AMI, Apple, Dell, HP, IBM, Insyde, Intel, Lenovo, Microsoft, Phoenix. Yup, Linux haters all. Obviously this is all Microsoft's fault.
Re: (Score:2)
Hmm, let's see who is behind UEFI, shall we? AMD, AMI, Apple, Dell, HP, IBM, Insyde, Intel, Lenovo, Microsoft, Phoenix. Yup, Linux haters all. Obviously this is all Microsoft's fault.
OK, why do I have to go to Microsoft to get a signing key to run a particular Linux kernel?
Re: (Score:2)
I don'tknow why you would have to do that. I guess it is because you have absolutely no idea what you are talking about.
You don't need a 'signing key' from anybody to boot with UEFI. You do have to have a properly signed loader to boot a system with secure boot enabled, but that is not the same thing as booting with UEFI, and has nothing to do with the problem being discussed.
Even when using secure boot, you don't need Microsoft to do anything. You can sign your own stuff if you want. If you want to dis
Re: (Score:2)
Even when using secure boot, you don't need Microsoft to do anything. You can sign your own stuff if you want. If you want to distribute your signed code to others, then they must trust the key that you used to sign. So, you can either a) tell every user how to go about importing your key, b) work with hardware vendors to get them to include your key, or c) sign with a key the user already has. SOME (but not all) Linux vendors decided to make life easy on their customers by having Microsoft sign for them.
Trying to act as if UEFI Secure Boot is not a Microsoft driven initiative is being pedantic at best, for the simple reason that Microsoft requires it on all new Windows 8 computers. Since Microsoft is the dominant player, this declaration will cause most new computers to carry UEFI Secure Boot. It is becoming clear to me, especially after reading TFA, that UEFI Secure Boot inherently favors larger corporate players in the OS market over minority players, and thus implicitly favors Microsoft. Computer mak
Re: (Score:2)
...Microsoft requires it on all new Windows 8 computers...
I thought it was just required to be "certified"... Though they do require Secure Boot not be able to be disabled on ARM. Supposedly this Windows 8 certification is optional - whatever that might mean. I hope to never buy such a UEFI/Secure boot machine, kind of like how I do not want a Samsung Chromebook. Wiki Cite: [wikipedia.org]
In 2011, Microsoft was accused by critics and free software/open source advocates (including the Free Software Foundation) of trying to use the secure boot functionality of UEFI to hinder or outright prevent the installation of alternative operating systems such as Linux, by requiring that new computers certified to run its Windows 8 operating system ship with secure boot enabled using a Microsoft private key.
Re: (Score:2)
I never said Secure Boot was not a Microsoft initiative. What I (and others) have said is that THIS PROBLEM has nothing to do with secure boot, and your ranting about Microsoft does not change that fact. THIS PROBLEM seems to be a problem with either Samsung's UEFI implementation or Linux. Neither one of those has a damn thing to do with Microsoft. And UEFI itself is an INTEL initiative, and existed long before Secure Boot.
UEFI (and Secure Boot) are nothing but specifications. Blaming the specificatio
Re: (Score:2)
UEFI (and Secure Boot) are nothing but specifications. Blaming the specification (or even odder, it's author) for someone's failure in implementing the spec is ridiculous. To you blame Tim Berners-Lee every time a web server gets hacked?
I blame Microsoft because they are using their dominant market position to ensure that the majority of computers sold will not easily run Linux by ensuring that all Windows 8 computers are sold with UEFI Secure Boot. The standard that they are pushing is inherently hostile to minority operating systems. TFA makes it clear to me that computer makers will actually have to do work to make sure their computers work with other operating systems such as Linux. Samsung apparently didn't do that work, and thus w
Re: (Score:2)
OK, why do I have to go to Microsoft to get a signing key to run a particular Linux kernel?
You don't, if you think you do then you obviously have absolutely no idea what you're doing.
Re: (Score:3)
And this has nothing at all to do with secure boot, so what is your point?
Re: (Score:2)
My point was, quite simply, that Microsoft is the hard-charger behind the move towards secure boot. And they, more than anyone else in that list, hate Linux.
Re: (Score:3)
UEFI is a replacement for BIOS. As their web page [uefi.org] puts it: The UEFI specification defines a new model for the interface between personal-computer operating systems and platform firmware. The interface consists of data tables that contain platform-related information, plus boot and runtime service calls that are available to the operating system and its loader. Together, these provide a standard environment for booting an operating system and running pre-boot applications.
Secure boot is an optional feature
Re: (Score:2)
Apple doesn't distribute their OS to any other OEMs, and neither HP nor IBM's OSes matter in the context that Microsoft has heavily pushed secure boot in.
Re: (Score:2)
Apple doesn't distribute their OS to any other OEMs
So? They produce PCs and are an OS vendor with a significant - and extremely profitable - stake in the market.
and neither HP nor IBM's OSes matter in the context that Microsoft has heavily pushed secure boot in.
Workstations don't matter? You actually believe Linux is so crappy that HP would just drop RHEL and SUSE if Microsoft asked them to? You have some conspiracy theory that Microsoft controls all of these companies and that they could force them to produce only Windows 8 SecureBoot mandatory products? If there is a decline in the PC market it's the consumer market that is going down, in favor of Linux
Re: (Score:2)
Microsoft is not only guilty of attempted hardware monopoly, but also willfully contributing to the e-waste problem; given that it's a notebook, most folks won't even try to replace the board (and it should just be a replaceable chip, but NOT ALLOWED), but will just throw the whole thing away. Criminal waste due to criminal greed. The EU needs to get their butts in gear and stop this garbage cold.
Modded Troll??? This is true. Microsoft is back to its old monopolistic tricks. They are losing, partly due to their being convicted of monopolistic actions. Now that they see their monopoly slipping they are trying their best to sabotage competitors. They need to have their ass kicked before they leave a giant crater in the tech industry otherwise known as UEFI Secure Boot and Windows 8 Metro. I'm doing my part...I'm typing this from a System76 Ubuntu laptop.