:: Re: [Dng] Secure boot?
Top Page
Delete this message
Reply to this message
Author: Gregory Boyce
Date:  
To: Hendrik Boom
CC: dng
Subject: Re: [Dng] Secure boot?
On Wed, Jun 3, 2015 at 7:37 AM, Hendrik Boom <hendrik@???> wrote:
> On Wed, Jun 03, 2015 at 08:37:22PM +1200, Daniel Reurich wrote:
>> Hi,
>>
>> I'd like a straw poll on whether we should include non-free firmware
>> in our installers by default.
>
> While we're at it, what do we do about the so-called secure boot, which
> seems like a threat on most of the modern machines we have to install on.
>
> I'm currently shaking in my boots, so to speak, whenever I think that
> someday I might have to replace my laptop.


I'm not sure what would need to be done there at the distro level.
There's two options:

1) Support booting on secure boot systems. This likely means using a
signed shim bootloader.

2) Don't support booting on secure boot systems. This means users are
out of luck if they have secure boot hardware unless they're able to
disable that feature.

Not supporting secure boot seems worse to me, although it's probably
in the same category as not allowing non-free firmware. It limits
user choice in the name of Freedom.

--
Greg