
>The biggest flaw in Secure Boot is the spec requires a single Platform Key. You can add more keys, but they must be signed by the Platform Key

I think that this is just wrong, can someone please verify? I thought the user could add their own master keys to boot their own OSes apart from being able to disable secure boot as mandated by Microsoft for Windows certification (as much as it can force OEMs without the anti-trust rulings stopping it from mandating requirements to OEMs).

There is so much FUD and misinformation spread by folks who you would think would be otherwise smart and knowledgeable that it's hard to find what to believe and what not to.




You are correct. On x86 you can put UEFI in "Custom Mode," which allows you to add keys which were not signed by the platform key.



