On Thursday, February 1, 2018 at 6:18:14 PM UTC+1, vel...@tutamail.com wrote:
> Is legacy BIOs still preferred and likely compatible with 4.0 when final?
You're seeing it backwards, flipping it around and you might see where the
Instead ask, is UEFI reliable/secure now? In short, no, and probably not for a
long time unless some big changes arrive in the mainstream market, which is
unlikely to happen any time soon.
As I understand it, the LegacyBIOS is so slowly updated, or not updated at all,
that Xen/Kernel updates can keep up to speed with it and fix issues not fixed
in the LegacyBIOS. But UEFI is another story altogether, not to forget a highly
fragmented distribution of different releases, which is impaired in many ways
(briefly mentioned further below). This is why UEFI under current schemes, will
never catch up to high quality the way it works now, and it will never become
anything "reliable" that you might want.
In other words, it requires a shift in politics, business ethics, laws, or even
the appearance of a strong competitor which provides open and high quality
motherboard firmware which becomes distributed mainstream. And none of that is
happening, hence we're locked in with poor UEFI updates.
Every motherboard provider update their own motherboards, and they are all
tailored for each model of motherboard released. In a sense, this is similar to
how updates are distributed on Android, or upstream/downstream Linux updates,
it can be a major issue, especially if not enough attention is put to it. The
problem with motherboard companies though, is that they rarely do much effort
to maintain their firmware, especially on the cheap motherboards, but not
exclusively so. Some cheap boards can be decent too, but it's like a needle in
a haystack without someone buying it and reviewing the motherboard for you
first, or just trying your luck...
Some motherboards will never even get properly updated, they'll just ignore the
customers who bought it. And this issue won't go away, because there are little
better competition to be found when all of them are doing the same careless
Just look at the printer or router industry, they all are ignoring costs
required to keep it up to date, reliable and secure. Thereby increasing their
profits by reducing costs, trying to hide the fact from customers that they are
doing so. If enoguh customers were aware and was annoyed by it, then a new
better business taking customers needs into consideration may easier appear,
but that hasn't happened yet. Not to forget, there are big muscles on the
market, it isn't so easy for a new company to emerge without some serious
These existing companies do not want to make something needlessly more
expensive to increase the quality, just to satisfy a customer, who has little
or no better alternative on the market anyway. You're locked in, you can't pick
much better, at least not at that price or if you go look for reviews. And even
then, expensive doesn't mean it'll be good either.
Combine this corruption of businessses with the security implication Marek
explanation up above, and you'll quickly see why this is going nowhere anytime
soon. UEFI is no quality, and is very slowly updated and maintained.
Quite a few motherbord companies even discourage you to update the motherboard
unless something is explicitely broken and an update may fix it. In other
words, they're saying: "if it works, don't update". This is just absurd... and
it isn't ard to make a double BIOS/UEFI motherboard to secure it against failed
updates either. They are just trying to maximize profits, ignoring customer
needs, and they're especially happy the less people know about this business
model they're using, because then it's easier to maintain buggy
hardware/software at little cost, and keep the profits coming in.
But there is a big problem with that in terms of quality and customer needs,
since this way you don't get the few security or other updates you may want.
You could get other motherboard firmware's though, like
Some people here are pretty good with alternative motherboard firmware's, maybe
you're lucky that some will post here to get some more detailed answers on how
to go about it if you want to go down that road. If no one posts here, then try
search old posts here in the qubes mail threads, or make a new thread asking if
they do not answer your questions.
You received this message because you are subscribed to the Google Groups
To unsubscribe from this group and stop receiving emails from it, send an email
To post to this group, send email to firstname.lastname@example.org.
To view this discussion on the web visit
For more options, visit https://groups.google.com/d/optout.