On Mon, 16 Oct 2017 at 17:35:26 +0200
"J. Fahrner" <jf@???> wrote:
> Am 2017-10-07 17:23, schrieb Tobias Hunger:
>
>> With UEFI the firmware just loads a efi binary with everything:-) MUCH
>> simpler.
>
> I cannot see where UEFI boot is simple. I'm always wondering why booting
> an OS on PC is rocket science (try googling "grub boot problems").
> Ever had an Apple Computer? Clone a disk, put in in a USB/Firewire case,
> plug it in and boot from it! (Yes, that's also EFI, but the original,
> not Intels UEFI)
Plus, it's purported security is mostly a mith. It only checks if the
first-stage bootloader was signed by a known, authorized key, everything else
is as exposed to malware and rootkits as it's always been. It protects from
one of the smallest attack vectors that was used to compromize machines.
Plus, it can use only two keys to verify the bootloader, one from the
motherboard manufacturer and the second one from Microsoft. It is for this
reason more of a lock-out mechanism than a system-security feature.
--
Alessandro Selli
http://alessandro.route-add.net
VOIP SIP: dhatarattha@???