Name: Why UEFI?
Uploaded: 2018-12-19T07:39:44.000Z
Duration: 8 min 27 s
Description: Thousands of YouTube videos with English-Chinese subtitles! Now you can learn to understand native speakers, expand your vocabulary, and improve your pronunciation...

One of the really common frustrations I hear from people are their attempt to reboot their

computer from something other than its internal hard disk – CD or DVD or more recently,

The issue is with newer machines that come with what's called the UEFI BIOS replacement.

Technically, it's just UEFI but I think everybody more or less refers to it as the

BIOS is the software that is actually on your machine the instant you turn it on.

It's the software that is in charge of starting the thing up; booting the machine; knowing

how to load the initial operating machine or whatever.

UEFI is a replacement for the original BIOS that's been with us for probably a quarter

UEFI allows the manufacturers to take more advantage of the capabilities of their machine;

capabilities that just didn't exist 25 years ago.

So, one of the things that they've done, actually, a couple of the things that they've

done, have been to increase the security associated with rebooting your machine.

It boils down to a couple of different problems.

The most interesting problem, the most risky problem if you want to call it that is that

with an older BIOS, or with a UEFI configured to run in what's called “Legacy” mode

to mimic the behavior of an older BIOS, anybody can walk up to your computer, turn it off,

insert a USB stick, CD, or DVD, reboot it and then have complete control over your machine.

In other words, physical presence is all they need to be able to access pretty much anything

on your machine through one means or another.

What UEFI does is it restricts what happens when you reboot your machine.

You may notice that on newer machines that come with things like Windows 8 or Windows

10, the process to get into the BIOS, the process to get into the different settings

that may be present in the UEFI, is different.

You don't do it by holding down a key when you reboot the machine.

Instead, you actually have to reboot the machine into Windows and then using the Windows settings

app, go through and have it then reboot into whatever your manufacturer provides.

What that means, and the reason that's done is that insures that only people who actually

have administrative access to the machine can in fact, reboot into the UEFI configuration.

Somebody can't just walk up to your machine and do things like change the boot order.

By restricting UEFI access to going through this path where you have to go through Windows

or the installed operating system in order to be able to see those settings, you basically

One of the other settings that comes into play is this thing called secure boot.

What that does is it prevents you from booting into something that isn't authorized, if

Something that isn't an official signed, allowed copy of an operating system.

Now many people think that this is a Windows thing but Microsoft is all about this, but

This is actually something that's implemented by the hardware manufacturers that is something

that is implement in the BIOS that is in the all of these machines in UEFI BIOS that's

But in reality, it has nothing to do with Windows specifically.

Windows just happens to be one of the operating systems that conforms to this specification.

It does mean that when it comes time to reboot your machine, if secure boot is turned on,

It will actually only boot from things that it is allowed to boot from, which means you

can't just download a random operating system from the internet and expect your machine

to boot into if secure boot is turned on.

So, unfortunately, what most people then ask is, “Great, how do I turn secure boot off?

How do I return my machine to a configuration that allows me to do the things I need to

The answer is, as so many times comes, it depends.

That's a situation I'm in as far as I can tell with my original Microsoft Surface

For the life of me, I cannot get it to boot from anything other than its internal hard

The UEFI BIOS is configured for this secure boot mode.

It is configured in such a way that I do not have access to the actual UEFI settings and

that's a choice that the computer manufacturer (Microsoft in this case) happened to make.

If that machine's hard disk fails, to be honest, I'm not sure what I'll do.

In other cases, it depends, again, on exactly the permissions that your computer manufacturer

You would start with the settings app but where you go will depend on exactly what your

computer manufacturer has allowed for and pre-configured.

Even then, when you reboot into the UEFI settings, like the BIOS before it, UEFI varies from

machine to machine, from manufacturer to manufacturer.

They're many things you can do with it but exactly which UEFI implementation is being

used by your computer manufacturer will vary.

What that really boils down to, the bottom line here is that I can't tell you for your

machine exactly what steps you need to take undo or to go back to a Legacy type scenario

You need to check with the documentation that came with your computer or you need to check

with the computer manufacturer to find out what capabilities are available to you and

then exactly what steps you need to take to make the configuration changes that will allow

So, UEFI, it really is all about protecting you from random, what I'll call “drive-by

reboots” where someone can just walk up to your machine and take control by rebooting

it randomly into whatever they happen to have in their pocket.

In home environments – maybe not so much.

How do you react to all of this security that's being implemented by UEFI?

If it is an issue for you, how have you been working around it?

As always, here's a link to this article posted on Ask Leo!

That's where all the comments are read; that's where all the comments are moderated.

I'd love to hear your experience with UEFI.

Subtitles ListPlay Video

Why UEFI?

incredibly

process

scenario

present