Re: [LUG] UEFI Questions

 

On 25/06/13 08:56, Neil Winchurst wrote:
> I have been looking at buying a new computer to replace one which died
> recently. I have come up against the Unified Extensible Firmware
> Interface. This is a replacement for the BIOS system we all know and
> love! I have been researching this for some time now and have finished
> up rather confused. Perhaps some of the list members could help please.
>
> 1 All new computers seem to have this UEFI setup. Does this mean that
> new computers with the old BIOS system are no longer available?
>
> 2 It seems impossible to get a new computer with no OS installed. Even
> those suppliers who will let you ask for one will still install Win 8
> to 'test the machine'.[1] Could this be a problem?
>
> 3 Since I use Linux only I would want to install it and remove any
> Windows OS. Is it necessary to disable secure boot to get this to work?
>
> 4 Some people will want/need to dual boot Linux and Win 8. Is this
> possible without disabling secure boot?
>
> 5 I have come across something called legacy system. Is this the
> equivalent of the old BIOS?
>
> 6 Since I would want to use the machine to try out various Linux
> distros as they appear, would the only sensible way be to disable
> secure boot?
>
> 7 Is secure boot really worth the fuss?
>
> Thanks for any help
>
> Neil
>
> [1] It seems that, if you have requested no OS you will actually get a
> 30 day trial version of Win 8 installed, which means that secure boot
> will be enabled. No doubt you are expected to find it so wonderful
> that you will happily pay the licence fee within the 30 days.
>
>

Right, let's get to this:

1: Pretty much all computers are currently coming out of the factories
with UEFI, yes. You can presumably still get even brand new ones with a
BIOS if you look hard enough, or second hand of course, but as UEFI is a
big improvement over BIOS, you probably don't want to.

2: Now, where's that link from the other day someone sent me - ah yes,
Simon provided a link to zoostorm.com who seem to do pretty damn cheap
deals, and offer no OS as well.

3: Matthew Garrett is the man to ask about secureboot-supported Linux
systems: http://mjg59.dreamwidth.org/20522.html. That list is now out of
date and presumably more distros support it now. But anyway, you can
*always* just turn it off.

4: Yes, see above. Might be a bit of a pain in the arse though. I've
disabled it on this UEFI workstation and tri-boot Mac OS/Win8/Linux on
it with no difficulties.

5: Pretty much, yes. In legacy mode it will still look like UEFI, but
will behave more like a legacy BIOS.

6: In your case, quite simply, yes. Just disable it and carry on as per
usual.

7: In an ideal world, secureboot would be an excellent tool for the end
user - combined with a TPM you could sign your own bootloader and have a
cryptographically verified secure boot mechanism from bare metal to full
OS, which would be absolutely awesome. Unfortunately, secureboot and TPM
both tend to work against users by locking them out of the process and
forcing you to trust Intel, Microsoft and whomever else is actually
doing the key signing and distribution. In the current environment, the
machine is practically working against you and will have keys on it you
can't access, change or delete (witness the hoops Garrett has had to
jump through to get the shim bootloader signed by MS, etc). Presumably
the endgame for this arms race is for TPMs to hold crypto keys for DRM
purposes, i.e., your movie playing or music software would be rights
managed and effectively controlled by third parties with more access to
your system than you'd have. I think it goes without saying that most of
us Linux-using do it yourself types would rather just toss our computers
in the trash and go back to maths on paper and listening to vinyl than
put up with that sort of crap...

So, TL;DR version: your new PC is going to have UEFI on it for sure.
That's a good thing because BIOS is horrid outdated legacy crap and
needs to die. On a proper PC, and not some crappy little ARM-powered
WinRT thing, the specs require that you can turn off secureboot, so you
will never have to worry about that stopping you booting whatever distro
or OS you desire, from Windows to Plan9. So just go ahead and get your
new PC without worrying one little bit, UEFI is a total and complete
non-issue I promise you. And don't forget to give win8 a quick test spin
before you nuke it: after installing a start button replacement and
cygwin/x (and use ninite.com to automate installation of your standard
stuff like firefox, etc), it's pretty functional. Don't get me wrong,
it's no Linux, but it's not actually that bad - once I have a network
connection, ssh, bash and remote X working I'm basically good to go.

Regards

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq
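
Added example, not part of the original post: a shell check a Linux user can run after installing, to confirm whether the machine booted in UEFI or legacy mode and whether Secure Boot is actually off. It assumes a kernel with efivarfs mounted at /sys/firmware/efi/efivars; the function names and the optional root argument are illustrative.

```shell
#!/bin/sh
# Report firmware boot mode and Secure Boot state on Linux.
# The optional argument is the sysfs root; it exists only so the function
# can be pointed at a constructed directory tree instead of the live /sys.

# GUID of the EFI global variable namespace (fixed by the UEFI specification).
EFI_GLOBAL=8be4df61-93ca-11d2-aa0d-00e098032b8c

# Print the one-byte value of a global EFI variable, or "absent".
# An efivarfs file is 4 bytes of attributes followed by the variable data.
efi_byte() {
    f="$1/firmware/efi/efivars/$2-$EFI_GLOBAL"
    [ -r "$f" ] || { echo absent; return; }
    v=$(od -An -tu1 -j4 -N1 "$f" 2>/dev/null | tr -d ' \n')
    echo "${v:-absent}"
}

firmware_state() {
    root="${1:-/sys}"
    # /sys/firmware/efi exists only when the kernel was started by UEFI;
    # a legacy (BIOS/CSM) boot does not expose it.
    if [ ! -d "$root/firmware/efi" ]; then
        echo "boot=legacy secureboot=n/a setupmode=n/a"
        return
    fi
    case "$(efi_byte "$root" SecureBoot)" in
        1) sb=on ;;
        0) sb=off ;;
        *) sb=unknown ;;   # variable missing or unreadable
    esac
    # SetupMode=1 means no platform key is enrolled, i.e. the firmware
    # will accept the owner's own keys.
    case "$(efi_byte "$root" SetupMode)" in
        1) sm=on ;;
        0) sm=off ;;
        *) sm=unknown ;;
    esac
    echo "boot=uefi secureboot=$sb setupmode=$sm"
}

firmware_state "$@"
```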