We have moved to a new Sailfish OS Forum. Please start new discussions there.
1 | initial version | posted 2015-10-13 16:51:55 +0200 |
Is the UEFI/bootloader of the jolla-tablet locked down? Can I replace the UEFI/bootloader? Is the Jolla-Tablet using the Intel Boot Guard? coreboot blog about Intel Boot Guard
To have a good and secure device it's necessary to update the bootloader. As well it's much more secure to have an open-source bootloader. The ChromeOS is doing the splits between an open-source firmware/UEFI, secure device and a hackable device. You have to open the device up to install your own UEFI/bootloader, but it's possible (write protect screw).
Intel develops IntelBootGuard, it verifies the UEFI/BIOS when the computer starts. The verification is based on cryptographic algorithm signature (RSA). The key is fused into the chipset itself. If the verification fails, the device will not boot. If this happens, the device is a brick.
So the final though is: Who owns the jolla tablet? Do I own it or Jolla owns it? old video over TPM but it fits for IntelBootGuard
PS. I would like to port coreboot to the jolla tablet.
2 | No.2 Revision |
Is the UEFI/bootloader of the jolla-tablet hardware locked down? Can I replace To have a good and secure device it's necessary to update the bootloader. As well it's much more secure to have an open-source bootloader. The ChromeOS is doing the splits between an open-source firmware/UEFI, secure device and a hackable device. You have to open the device up to install your own UEFI/bootloader, but it's possible (write protect screw). Intel develops IntelBootGuard, it verifies the UEFI/BIOS when the computer starts. The verification is based on cryptographic algorithm signature (RSA). The key is fused into the chipset itself. If the verification fails, the device will not boot. If this happens, the device is a brick. IntelBootGuards take the ownership away from the user. To have a good and secure device it's necessary to update the bootloader. As well it's much more secure to have an Intel develops IntelBootGuard, it verifies the UEFI/BIOS when the computer starts. The verification is based on cryptographic algorithm signature (RSA). The key is fused into the chipset itself. If the verification fails, the device will not boot. If this happens, the device is a brick. So the final though is: Who owns the jolla tablet? Do I own it or Jolla owns PS. I the UEFI/bootloader?
UEFI?
open-source bootloader. The ChromeOS is doing the splits between an open-source firmware/UEFI, secure device and a hackable device. You have to open the device up to install your own UEFI/bootloader, but it's possible (write protect screw). firmware like coreboot?it?
it? old video over TPM but it fits for IntelBootGuardwould like to will port coreboot to the jolla tablet.tablet if possible because of IntelBootGuard.
PPS. EDIT change the question topic to be more understandable and move the bullet points downwards.
3 | No.3 Revision |
To have a good and secure device it's necessary to update the bootloader. As well it's much more secure to have an open-source bootloader. The ChromeOS is doing the splits between an open-source firmware/UEFI, secure device and a hackable device. You have to open the device up to install your own UEFI/bootloader, but it's possible (write protect screw).
Intel develops IntelBootGuard, it verifies the UEFI/BIOS when the computer starts. The verification is based on cryptographic algorithm signature (RSA). The key is fused into the chipset itself. If the verification fails, the device will not boot. If this happens, the device is a brick. IntelBootGuards take the ownership away from the user.
So the final though is: Who owns the jolla tablet? Do I own it or Jolla owns it? old video over TPM but it fits for IntelBootGuard
PS. I will port coreboot to the jolla tablet if possible because of IntelBootGuard. PPS. EDIT change the question topic to be more understandable and move the bullet points downwards.
4 | No.4 Revision |
To have a good and secure device it's necessary to update the bootloader. As well it's much more secure to have an open-source bootloader. The ChromeOS is doing the splits between an open-source firmware/UEFI, secure device and a hackable device. You have to open the device up to install your own UEFI/bootloader, but it's possible (write protect screw).
Intel develops IntelBootGuard, it verifies the UEFI/BIOS when the computer starts. The verification is based on cryptographic algorithm signature (RSA). The key is fused into the chipset itself. If the verification fails, the device will not boot. If this happens, the device is a brick. IntelBootGuards take the ownership away from the user.
Is the Jolla-Tablet using the Intel Boot Guard? coreboot blog about Intel Boot Guard
Can I replace the UEFI with open-source firmware like coreboot?
So the final though is: Who owns the jolla tablet? Do I own it or Jolla owns it? old video over TPM but it fits for IntelBootGuard
PS. I will port coreboot to the jolla tablet if possible because of IntelBootGuard. PPS. EDIT change the question topic to be more understandable and move the bullet points downwards.