But now you're stretching. Secureboot will not do that for you. It looks for a signature and if it finds it, it boots. It doesnt look for hashes or modifications or viruses or anything else.. All that needs done is to make sure the signature exists. It may not have been done yet, But I'm absolutely positive it will. Everything MS does gets hacked.. You think this will be any different?
I'll bet that in 2 years from now there will be more boot viruses than ever before -simply- because secureboot provided the temptation.
That's why they are under no obligation to make sure Secure Boot plays nice with Linux. They're just looking out for Windows. Which is PRECISELY what they are doing with Secure Boot.
Just like you don't care about Microsoft and Windows, Microsoft does not need to care about Linux users having issues with Secure Boot. Except that they ARE by offering signing services. Garett managed to get his shim signed by Microsoft, and that shim is now freely distributed to everybody and it forms the basis for the bootloaders used by Ubuntu, Fedora and SuSe (no word on OpenSUSE yet).
But then again, most idiots in the Linux world can't even see beyond the year 2002. Thank god I jumped from Fedora 17 to Windows 8 as soon as it came out. Pure hardware bliss without the stinking political 'free shit' baggage.
You can use whatever OS you prefer to use. What ever floats your boat. Anything that tickles your tonsil. As long as I'm allowed the same freedom please.
Hell If I ever get to the spot that I can't get my favorite OS to boot because of secureboot, I'm sure I'll be involved with the crowd that is hacking it.
EDIT: I can't even begin to imagine all of the un-hackable protection schemes that have been hacked. My favorite has got to be AACS though. It took some time, but guess what happened...... Now I can --FINALLY-- play my bluray movies on my media center. It's just one example of many where the dumb ass shit that corporate america does gets pushed into there dumb ass faces. I'm sure MS is going to be eating their own shit when this gets shoved so far up their ass that they can taste it.
It's a basic law of physics. If there are 10 computers with secureboot running on it, then the opportunities for finding flaws are limited. If there are 85,000,000 computers running it, then the abundance of opportunity will prevail. At least some of those computers will exhibit qwerks that will be learned from and adapted.
SecureBoot is not a Microsoft creation. Never has, never will. It's part of the UEFI standard that was formally agreed upon and pushed out to all mainboards in the last 2 -3 years. Microsoft is only the first company to require Secure Boot for its operating system.
If you have a problem with that, take it up to the UEFI board, not Microsoft. As far as Microsoft is concerned, they have already fulfilled their obligations by making sure that all x86 machines will have an option to allow the enrolling of custom keys into the Secure Boot signature list (by providing the signing service nobody wants to offer) and stipulating that x86 machines must provide the ability to turn off Secure Boot.
The options are already there. If Linux users love to proclaim that they will pay for Free software, it's time for them to put their money where their mouth is and donate to their distro of choice so that the maintainers can raise the one-time $99 fee (which goes to VeriSign, NOT Microsoft) to get their bootloader signed and ensure that the distro will play nice with Secure Boot.
Lastly, Garett is not stopping any distribution from using his shim. So in all respects the solution is already out there and ready to be used, just like how Ubuntu, Red Hat, Fedora and SUSE have already started using Shim. Unfortunately, the desire for 'my own solution because I don't want to use someone else's work which is already freely available because my ego is too big', an over-inflated sense of entitlement, along with the fanboy hate for Microsoft blinds everyone to the immediate solution already made available.
One last thing: Linux is not about market share? Not in this corporate world. If you want to be taken seriously by OEMs and hardware vendors or even have the clout to overturn asinine decisions like Secure Boot, market share is a must-have. Get that desktop market share from 1.4% up to at least 10% and I can assure you Microsoft will have to think thrice when stipulating hardware conditions for OEMs for subsequent versions of Windows in the future.