1. 6
  1. 2

    Would be quite interesting to get some non-CSM enabled computers to play with. A lot less crap from legacy to deal with.

    Personally, I find UEFI to be a very fresh breeze compared to BIOS, especially considering security. Setup my Linux laptop with Secure Boot and BIOS Password to have a verifiable boot chain all the way up to userspace. And as I’ve experience the last week, writing applications for UEFI is rather easy, it has a lot of convenience functions.

    Tho I will certainl miss having to install GRUB2 to boot from BIOS…

    I do recommend to checkout the Phoenix UEFI Wiki

    1. 1

      Personally, I find UEFI to be a very fresh breeze compared to BIOS, especially considering security.

      Sure, let’s run firmware we can’t control and give it new and exciting capabilities compared to ol’ BIOS. What can possibly go wrong?

      https://www.phoronix.com/scan.php?page=news_item&px=MTIyOTg

      https://www.itworld.com/article/2707547/endpoint-protection/researchers-demo-exploits-that-bypass-windows-8-secure-boot.html

      https://arstechnica.co.uk/information-technology/2016/08/microsoft-secure-boot-firmware-snafu-leaks-golden-key/

      1. 3

        That’s not a very convincing argument, and those supporting links are confusing.

        The first complains that one version of Lenovo’s UEFI would try to block non-Redhat and non-Windows operating systems, while the next two demonstrate that UEFI OS blocking can be bypassed. What exactly are you trying to point out? If you’re just saying that UEFI can have be inconvenient and have bugs, then it’s really no different than BIOS.

        Users don’t generally control their BIOS either, and in 30 years that’s never been a problem for me.

        1. 3

          Microsoft’s UEFI Requirements explicitly list that a user should be able to install their own keys, UEFI vendors should not prevent them from doing so. If they aren’t they can’t sell OEM computers or slap “Windows Certified” on them, simply as that.

          Compared to BIOS, it’s the same, BIOS was never open either and it contains the unnecessary legacy payload of a couple decades by now. We never had a problem with a BIOS so I don’t think we will with a UEFI.

          I totally do recommend opening the OSDev.org wiki and try to develop a kernel for both to see the difference. On BIOS you have to painfully crawl through 4 legacy modes until you get 64bit Kernel Mode. On UEFI you boot into 64bit Kernel Mode.