From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.71)
	id 1SodJf-0000ow-Pz
	for mharc-grub-devel@gnu.org; Tue, 10 Jul 2012 12:29:35 -0400
Received: from eggs.gnu.org ([208.118.235.92]:57100)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <bruce.dubbs@gmail.com>) id 1SodJX-0000oO-T2
	for grub-devel@gnu.org; Tue, 10 Jul 2012 12:29:34 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <bruce.dubbs@gmail.com>) id 1SodJW-0008VP-6C
	for grub-devel@gnu.org; Tue, 10 Jul 2012 12:29:27 -0400
Received: from mail-gh0-f169.google.com ([209.85.160.169]:37147)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <bruce.dubbs@gmail.com>) id 1SodJV-0008Ux-VR
	for grub-devel@gnu.org; Tue, 10 Jul 2012 12:29:26 -0400
Received: by ghrr18 with SMTP id r18so207367ghr.0
	for <grub-devel@gnu.org>; Tue, 10 Jul 2012 09:29:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=message-id:date:from:user-agent:mime-version:to:subject:references
	:in-reply-to:content-type:content-transfer-encoding;
	bh=4tNsI0hKalvb6E+iVTHWPhMj343+6yMzW+welpK6YRE=;
	b=KVdjgVaMORD1jVWvDOF3jry179+QS7zz2hIgWM7pANevV+UqTZCDFxG276z9on3WOP
	81/oMpMvLSRcL11pKUQKPSbm1ls7LiAT/2OrSvkO9Ym28sDWFJ5p/XFqX8jF0rNNHGp9
	PLda+CIMJhGuQf1tIjMRGCf6+S9CRUNb08+l+fLdC0ye/mTo3jx99XQuqR4V0AqeVqyE
	5uD6C3N8Y8760bOKqIu+nDo1bKEettQtSC/NtH6+3/h7xuzSC1y85BWl3UEqwKFsGkpS
	HT2oDiSZFNIbo49zW7Zhub3Y2UVQEtzu/eIgxa/658b/eM4iZX1K7Voav2W9JKxg34dg
	alWQ==
Received: by 10.101.151.23 with SMTP id d23mr15754531ano.26.1341937763718;
	Tue, 10 Jul 2012 09:29:23 -0700 (PDT)
Received: from [192.168.0.75] (cpe-70-123-218-92.satx.res.rr.com.
	[70.123.218.92])
	by mx.google.com with ESMTPS id i16sm33204519anm.12.2012.07.10.09.29.21
	(version=TLSv1/SSLv3 cipher=OTHER);
	Tue, 10 Jul 2012 09:29:22 -0700 (PDT)
Message-ID: <4FFC5861.5060104@gmail.com>
Date: Tue, 10 Jul 2012 11:29:21 -0500
From: Bruce Dubbs <bruce.dubbs@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux i686;
	rv:13.0) Gecko/20120628 Firefox/13.0.1 SeaMonkey/2.10.1
MIME-Version: 1.0
To: The development of GNU GRUB <grub-devel@gnu.org>
Subject: Re: Secure Boot. Why don't you take the wind out of their sails?
References: <1341873508.37363.YahooMailNeo@web171405.mail.ir2.yahoo.com>
	<CAO_2OxX2mP_Q9U+4TY8EmJSxeDwjg8f4=Xif5bna-SUdNzfO2Q@mail.gmail.com>
	<5CB4CA6B-9C7D-4683-9F9A-3DA7B32EAFD0@colorremedies.com>
	<CAO_2OxWC=VNVVDVj9SPGC7jOaF2UVU1WbkCkC4vEuq7nD-RxPQ@mail.gmail.com>
In-Reply-To: <CAO_2OxWC=VNVVDVj9SPGC7jOaF2UVU1WbkCkC4vEuq7nD-RxPQ@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 209.85.160.169
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
Reply-To: The development of GNU GRUB <grub-devel@gnu.org>
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Jul 2012 16:29:34 -0000

richardvoigt@gmail.com wrote:

> Maybe I'm missing something, but when I read this, it doesn't say the
> hardware must have Secure Boot enabled by default.  Rather, it must be
> enabled by the OEM as part of the Windows preinstallation process, so
> that it's enabled when it reaches the end user.  System builders are
> still going to purchase UEFI Secure Boot-capable motherboards with
> Secure Boot disabled-by-default, and they will "just work" if you want
> to install Linux.

For people who are not experts, trying Linux or another operating system 
becomes much more intimidating.  They have to go into the BIOS and 
change something.  Then, to go back to Windows, they have to do it again.

Will this discourage users from trying something else?  You bet.

End-users who bought pre-installed Windows will
> have to change the configuration option in system setup, which for
> someone planning to install a new OS from scratch is not a major
> hurdle.  It will be a minor road bump for people using live-CD style
> media (including USB), but won't be a showstopper if the user actually
> has permission from the computer owner to boot the alternate media.
> What likely is that it will prevent unauthorized (by the owner)
> rebooting public computers using alternate media, but that's not
> exactly a valid scenario to begin with.

But is is for private computers.  My LUG frequently gives out DVDs with 
various Live system and say try it.  That will become much more 
problematic.

I still don't know how someone is supposed to be able to boot Windows 
within a VM with this new paradigm.

   -- Bruce