[Arm-netbook] Microsoft confirms UEFI fears, locks down ARM devices

Gordan Bobic gordan at bobich.net
Sun Jan 15 16:19:30 GMT 2012


On 01/15/2012 04:33 AM, lkcl luke wrote:
> On Sat, Jan 14, 2012 at 11:49 PM, Alain Williams<addw at phcomp.co.uk>  wrote:
>> On Sat, Jan 14, 2012 at 07:50:37PM +0000, Luke Leighton wrote:
>>> On Sat, Jan 14, 2012 at 6:22 PM, Alain Williams<addw at phcomp.co.uk>  wrote:
>>>
>>>> That is roughtly what it did all those years ago. I'm not sure if there was
>>>> the ability to refuse to boot if signatures were not verified, but that would
>>>> have been a trivial addition:
>>>
>>>
>>>
>>> well, this time, it's unbreakable.  the boot loader's internal to the CPU,
>>> in a small amount of internal NAND.  there's no access to that; there's
>>> no way to replace it: nothing.
>>
>> Oh -- I didn't see that bit.
>>
>> But if it is internal to the CPU then it will be quite hard to change if/when
>> someone creates a signed versions of grub (or something) that will then
>> happily load anything.... this only will need to be done once.
>
>   yes, but you can't _do_ that.
>
>   look up the situation with the toshiba ac100.  you can't even choose
> to boot up an alternative to the linux-android kernel because toshiba
> doesn't allow anything other than That Which They Have Dictated Heil
> Toshiba
>
>   however on the early toshiba ac100s somehow the key has been obtained
> (i don't know the details) so you can actually do something.

Can you provide any evidence for this? I've been using AC100s since the 
first reports of Linux working on them (a couple of months after they 
hit the shelves, and I have never heard of any such protection.

>   but for the newer ac100s, you're f*****d.

Absolutely not true.

> you have to do stupid
> things like stick with that stupid stupid version of the linux kernel
> that The Gods That Are Toshiba have Dictated from On High and you have
> to run replacement OSes as a chroot environment.  it might even be
> possible to use kexec but it's a bitch-awful way to have to run
> alternative OSes.

Err - no. I've got 7 of them here acquired at various times, mostly 
after they stopped making them (I'm posting you one tomorrow), and they 
will all happily boot up whatever kernel you want.

You may be thinking about some other machine, but I'm pretty sure what 
you are saying is not true of the AC100.

Gordan



More information about the arm-netbook mailing list