Re: N68C-GS FX -- Where are the POST messages?
Not to worry ronbaby, you've just been reading to many forum posts. Or I should say, semi-accurate forum posts, which are all to common. Wardog's last post qualifies as an accurate one, IMO.
I'm glad you mentioned that, and now that I understand (to a degree) how the dreaded "secure boot" option that UEFI firmware brings, it's funny that Microsoft alone was seemingly blamed for creating it and using it. I sure don't know all the true details of Microsoft's intent when this hit the fan, and they may have backed off or were innocent from square one. I do know a few things that make that controversy clearer.
EFI or UEFI firmware has existed for at least 10 years, although not used on most PCs until about 2011. Some companies used it earlier, like Intel, HP, and IBM, but most people did not know it was there (including me) since it was used in an emulated BIOS mode, and still is. If you find an option in your BIOS... uhm, UEFI firmware UI (BIOS screens ) called CSM (Compatibility Support Module), which will be enabled, you are using the standard BIOS firmware to start and boot a PC. Don't disable it to check the difference, the PC won't boot, you must install Windows in a slightly different way to all UEFI booting. Most PC enthusiasts still don't use UEFI booting, due to a few constraints that currently exist, such as not being able to use most video cards. Sounds weird, I know, or semi-accurate, but it's true, no details for now.
On topic (?), Secure Boot. Yes it can "lock out" software of any kind in the pre-OS environment that does not have the magic key, so has the potential to be abused as you described. Secure boot is an option of the UEFI design or spec, Microsoft did not create it or owns it. It is not controlled in Windows, although an OS must support it in order for it to work. The keyword here is it is an option, or should be an option. It is a simple, one line option in a UEFI, enabled or disabled. Your board may not have it, but wardog's and my boards do. It is disabled by default, or should be IMO. There is also the "security key" that the user should have control of, but that option and the extent of it varies from board to board. Full control allows the user to enter their own key, for example.
That's where the trouble started apparently, and I really don't know the story so I'm not qualified to talk about it. But I have read about a few new laptops sold with Windows 8 that are setup with Secure Boot enabled, and no option in the UEFI/BIOS to disable it. That is where the "locked down" aspect is, trying to install another OS without knowing the key or having access to the key, or simply not being able to disable Secure Boot. Microsoft or whomever would need to somehow require/force every PC's BIOS to not allow Secure Boot to be disabled, among other things, to lock the PC owner into one OS brand. I can only imagine the mother of all lawsuits that the EU regulators would have thrown at MS if they did that, enough money to bail out Greece, etc.
Frankly, IMO many all in one PCs and laptops are already controlled and semi-locked down. If you change any hardware, your warranty and support are gone. I always thought it was that other PC company that controlled their platforms so tightly, with few complaints from their customers.
Not to worry ronbaby, you've just been reading to many forum posts. Or I should say, semi-accurate forum posts, which are all to common. Wardog's last post qualifies as an accurate one, IMO.
I'm glad you mentioned that, and now that I understand (to a degree) how the dreaded "secure boot" option that UEFI firmware brings, it's funny that Microsoft alone was seemingly blamed for creating it and using it. I sure don't know all the true details of Microsoft's intent when this hit the fan, and they may have backed off or were innocent from square one. I do know a few things that make that controversy clearer.
EFI or UEFI firmware has existed for at least 10 years, although not used on most PCs until about 2011. Some companies used it earlier, like Intel, HP, and IBM, but most people did not know it was there (including me) since it was used in an emulated BIOS mode, and still is. If you find an option in your BIOS... uhm, UEFI firmware UI (BIOS screens ) called CSM (Compatibility Support Module), which will be enabled, you are using the standard BIOS firmware to start and boot a PC. Don't disable it to check the difference, the PC won't boot, you must install Windows in a slightly different way to all UEFI booting. Most PC enthusiasts still don't use UEFI booting, due to a few constraints that currently exist, such as not being able to use most video cards. Sounds weird, I know, or semi-accurate, but it's true, no details for now.
On topic (?), Secure Boot. Yes it can "lock out" software of any kind in the pre-OS environment that does not have the magic key, so has the potential to be abused as you described. Secure boot is an option of the UEFI design or spec, Microsoft did not create it or owns it. It is not controlled in Windows, although an OS must support it in order for it to work. The keyword here is it is an option, or should be an option. It is a simple, one line option in a UEFI, enabled or disabled. Your board may not have it, but wardog's and my boards do. It is disabled by default, or should be IMO. There is also the "security key" that the user should have control of, but that option and the extent of it varies from board to board. Full control allows the user to enter their own key, for example.
That's where the trouble started apparently, and I really don't know the story so I'm not qualified to talk about it. But I have read about a few new laptops sold with Windows 8 that are setup with Secure Boot enabled, and no option in the UEFI/BIOS to disable it. That is where the "locked down" aspect is, trying to install another OS without knowing the key or having access to the key, or simply not being able to disable Secure Boot. Microsoft or whomever would need to somehow require/force every PC's BIOS to not allow Secure Boot to be disabled, among other things, to lock the PC owner into one OS brand. I can only imagine the mother of all lawsuits that the EU regulators would have thrown at MS if they did that, enough money to bail out Greece, etc.
Frankly, IMO many all in one PCs and laptops are already controlled and semi-locked down. If you change any hardware, your warranty and support are gone. I always thought it was that other PC company that controlled their platforms so tightly, with few complaints from their customers.
Comment