Delivering a secure and fast boot experience with UEFI

Download this episode

Download Video

Description

Unified Extensible Firmware Interface (UEFI) mode and Secure Boot are critically important to creating a more secure platform. This session will discuss the benefits of UEFI, including key features of Windows 8 that depend on UEFI, such as BitLocker and Seamless Boot. This session also will cover technical details of UEFI and updates to ACPI requirements.

Tags:

OEM, IHV, Silicon

Day:

2

Code:

HW-457T

Room:

Kodiak

Embed

Format

Available formats for this video:

Actual format may change based on video formats available and browser capability.

    The Discussion

    • User profile image
      Craig S

      This was by far one of the most informative sessions I have seen during this build conference, including the Windows Server 8 sessions. Thanks for such a great presentation!

    • User profile image
      David Skoll

      AKA how to make sure new computers cannot boot Linux.

      I'm sure MSFT is drooling at this prospect. "If you can't beat them,... cheat!"

    • User profile image
      Anonymous

      How do I boot Linux, BSD, Solaris, Plan 9, Haiku, DOS or any other operating system?

    • User profile image
      Leonardo

      So now no one can boot a non-MS operating system? That's your idea of innovation? Or it's fear from competitors? Force everyone to use that crappy Windows 8 interface with severe mistakes in UI design?

      You are simply ridiculous. Like Win Phone 7 (does WP7 already passed Bada market share? Oh, no, not yet). Honestly, I hope that Google just continues to beat you in competition like today. At least, they use their own capacity to compete on the market, not cheap shots like this.

    • User profile image
      Goncalves

      I will NEVER buy a computer with locked boot.

    • User profile image
      aywnheqk

      I have to join Goncalves and boycott UEFI based hardware, it's just another way for a company to try to lock hardware manufacturers to sell just one and only operating system (personally I have to say that OS isn't worth the money, they should be paying people to use it, not the other way around).

    • User profile image
      Thomas

      I really enjoyed the session as well as the ask the experts round table. Arie was very informative ...

    • User profile image
      Tiao

      He say like "our trusted location servers will not fail".

      I´m just thinking when for some reason the Active Directory gets mad/crashes(and it´s not dificult due to the amount of Windows administrators that don´t think about HA/Security/Redundancy) and all the "Trusted Location" became a "swamp of screams"....

      What will be the next step. Lock the user brain to just one computer?

    • User profile image
      rich norris

      In a way , I am glad that microsoft dont like linux, as long as they are against it, they wont have much input into how it is constructed, which is a good thing as if they do "get involved" where do we go then to get away from gates?
      I know there are a lot of distributions but some of them run on the same base.
      For my part I will continue to dual boot untill something replaces Cubase or they port it to ubuntu (wishfull thinking ??), also linux is still very much like 98 insofar as if you want to run certain audio interfaces (tascam us144) you have to become command line comfortable.

    • User profile image
      David Skoll

      NOTE TO HARDWARE VENDORS:

      I am in charge of buying hardware at my (small) company. We buy several tens of thousands of dollars of PC hardware per year... not a lot in the big scheme of things, but a lot for a small company.

      We will UNDER NO CIRCUMSTANCES purchase any hardware that does not allow us to install Linux. So those hardware vendors who want to be Windows 8 compliant, think very carefully. If you don't provide a way to disable bootloader verification or allow end-users to insert their own verification keys, you will not get our business.

      I encourage anyone else in this position to post here.

    • User profile image
      Dennis

      IF this means that the device is not able to boot alternative OSes, don't kind on my money.

    • User profile image
      Carlos

      OMG... now the BIOS will need easy hard drive switch boot interface?

    • User profile image
      JasonT

      I am glad the support for other ugly OSes is removed. It always confuses and dirties the system's core. Win-Win for Windows!

    • User profile image
      Johannes

      You really shouldn't have shown the "foreign languge"-BOSD. Not only because it obviously has problems with unicode but also because the German in it is complete rubbish.

      Finally swithiching to UEFI however is great. And those boot times are amazing!

    • User profile image
      Ted

      :( WTF I've just spend hundreds of dollar for this full windows 7 proffesion version and now this. I want half my money back since i barely had it for a year. This is ridiculous, one os after another within a year or two. I'm not spending another 200 to 300 hundred dollar just for another load of garbage that'll just get replace by another withing 2 to 3 years down the line.

    • User profile image
      Nigel

      A PC locked to run Windows is a PC that my faculty will never purchase. Some (most) of our scientists need to run Linux. We prefer to standardise hardware platforms (rapid response swap in/out, image deployment etc.), so any machine that locks out Linux by design is a machine that won't get purchased for any purpose at all.

      Personally I'd go further and add all other hardware manufactured by an offending manufacturer to the blacklist.

      If you want lock-in, buy a Mac. Microsoft, if you do this, stop calling the platform a PC. It can't do a large class of things that a curent PC can, so it's a LoseBox or a PC-minus or something.

    • User profile image
      kalgin

      There will be an option to switch off UEFI on a hardware level and install Linux or any other OS you need. Windows 8 users will keep UEFI enabled and benefit from it, the rest will switch off UEFI and install their OS of choice.

    • User profile image
      Vinicius Paluch

      Greate security innovations will came with UEFI. Regular users will get more secure.

      I´m sorry Linux guys. Have to certificate your OSs. Surelly hardware vendors will maintain versions with old fashioned BIOS for old fashioned OSs.. try to evolve insetead of complain.

       

    • User profile image
      Davide Bolcioni

      If there is an option to install keys of the owner's choice, and remove default keys (Microsoft's key will become a prime target for mafias and rogue states), this is a minor but welcome security improvement. If not, it's a reason to spend your money somewhere else.

    • User profile image
      baker

      But can't you disable secure boot? which means that linux and such OSs can be used on UEFI systems?

      Thats what i heard from some other lecture in Build (or maybe i misunderstood!)

    • User profile image
      Ferran Jorba

      @Vinicius:

      regular users will get more secure as son as they leave Windows. Now that all my family has moved to Linux (Debian, in our case) we've forgotten about viruses, spyware, and all those threads. We only buy computers that may run Debian. No UEFI at home.

      Now, that's evolution, sir.

    • User profile image
      Anon

      Good. Garbage operating systems such as Linux should be locked out.

    Comments closed

    Comments have been closed since this content was published more than 30 days ago, but if you'd like to send us feedback you can Contact Us.