• WhyJiffie@sh.itjust.works
    2 days ago

    america cannot really backdoor a specification. uefi is not software, but a specification, upon which firmwares can be built. that’s another story that we happen to be calling the firmware on our computers “the uefi”, but really there are quite a few different proprietary uefi implementations out there already.

    so, if that was the reason, they could have just created their own UEFI firmware, and not something different

    • Tangent5280@lemmy.world
      1 day ago

      Hey you sound like someone who knows what they are talking about - is UBIOS also a specification like UEFI is a specification? Hypothetically could others also build firmware that adheres to this UBIOS specs?

      • WhyJiffie@sh.itjust.works
        24 hours ago

        this post was the first time I heard about UBIOS, so I’m not sure, but if the article is right then yes it is a specification. and if the documents are publicly accessible, then others could hypothetically make their own firmware that is (on paper) compatible.

        but there’s more to it. the reason libreboot and coreboot support so few boards is that unless you can get technical documentation from the board manufacturer about how the components on the motherboard work, it’s very hard to create a working firmware. reverse engineering this kind of thing is very hard and very time consuming. even the UEFI specification only tells what the firmware should present to the user and the operating system, it leaves lots of things undefined about how it should interact with the hardware, but that’s ok because that’s not the point of it.
        then the board manufacturer is able to implement firmware verification that cryptographically prevents third party firmware from being used. on android, the boot process is a long chain of bootloaders, where the first one is stored in physically read-only storage and does not continue booting if the secondary bootloader has been replaced with an unauthorized implementation. when you unlock your phone’s bootloader to install a better android, you basically configure the secondary bootloader to accept booting a third party system. but if the manufacturer didn’t want to let you do it, they could just take this function away. also, the UBIOS specification could be incomplete, missing specification for some functionality that is necessary for an operating system to work with it. that can be a mistake or intentional.
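
The boot chain described in the comment above, as an added sketch that is not part of the original thread or any vendor's code. It assumes a simplified model in which each stage pins a SHA-256 digest of the next (real devices verify signatures instead); the class names, image bytes and `unlock_supported` flag are hypothetical.

```python
import hashlib
import hmac
from dataclasses import dataclass

def digest(image: bytes) -> bytes:
    return hashlib.sha256(image).digest()

# Constructed sample images, not real firmware.
VENDOR_STAGE2 = b"vendor secondary bootloader"
VENDOR_OS = b"vendor OS build"
CUSTOM_OS = b"third-party OS build"

@dataclass(frozen=True)  # frozen models the physically read-only first stage
class BootRom:
    pinned_stage2: bytes
    def accepts(self, stage2_image: bytes) -> bool:
        return hmac.compare_digest(digest(stage2_image), self.pinned_stage2)

@dataclass
class Stage2Config:
    trusted_os: bytes       # digest of the OS the vendor ships
    unlock_supported: bool  # the vendor decides whether unlocking exists at all
    unlocked: bool = False
    def unlock(self) -> bool:
        # Unlocking is a feature of the vendor's own second stage.
        if self.unlock_supported:
            self.unlocked = True
        return self.unlocked

def boot(rom: BootRom, stage2_image: bytes, cfg: Stage2Config, os_image: bytes) -> str:
    if not rom.accepts(stage2_image):
        return "halt: secondary bootloader rejected"
    if hmac.compare_digest(digest(os_image), cfg.trusted_os):
        return "boot: verified OS"
    if cfg.unlocked:
        return "boot: unverified OS (unlocked)"
    return "halt: OS rejected"

def demo() -> list:
    rom = BootRom(digest(VENDOR_STAGE2))
    cfg = Stage2Config(digest(VENDOR_OS), unlock_supported=True)
    no_unlock = Stage2Config(digest(VENDOR_OS), unlock_supported=False)
    results = [boot(rom, VENDOR_STAGE2, cfg, VENDOR_OS),
               boot(rom, VENDOR_STAGE2, cfg, CUSTOM_OS)]
    cfg.unlock()
    results.append(boot(rom, VENDOR_STAGE2, cfg, CUSTOM_OS))
    no_unlock.unlock()  # has no effect: the vendor removed the function
    results.append(boot(rom, VENDOR_STAGE2, no_unlock, CUSTOM_OS))
    # Replacing the second stage itself is stopped by the read-only first stage.
    results.append(boot(rom, b"replaced bootloader", cfg, CUSTOM_OS))
    return results
```

Calling `demo()` returns the outcome of each boot attempt in order, so the effect of the lock state and of a replaced second stage can be compared side by side.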