Language Selection

English French German Italian Portuguese Spanish

Blocking Linux From Booting

Filed under
Linux
Mac
  • Don’t Panic, You Can Boot Linux on Apple’s New Devices

    Does Apple stop Linux from booting on its newly refreshed Mac Mini PC or MacBookAir laptops?

    That’s the claim currently circling the web‘s collective drain. The posit is that the new T2 ‘secure enclave’ chip Apple has baked in to its new models prevents Linux from booting.

    But is this actually true?

    Kinda. The answer is both “yes, technically” and “no, not completely”.

  • Apple's New Hardware With The T2 Security Chip Will Currently Block Linux From Booting

    Apple's MacBook Pro laptops have become increasingly unfriendly with Linux in recent years while their Mac Mini computers have generally continued working out okay with most Linux distributions due to not having to worry about multiple GPUs, keyboards/touchpads, and other Apple hardware that often proves problematic with the Linux kernel. But now with the latest Mac Mini systems employing Apple's T2 security chip, they took are likely to crush any Linux dreams.

    At least until further notice, these new Apple systems sporting the T2 chip will not be able to boot Linux operating systems. Apple's T2 security chip being embedded into their newest products provides a secure enclave, APFS storage encryption, UEFI Secure Boot validation, Touch ID handling, a hardware microphone disconnect on lid close, and other security tasks. The T2 restricts the boot process quite a bit and verifies each step of the process using crypto keys signed by Apple.

"...Blocking Linux From Booting"

  • Apple’s T2 Security Chip Is Currently Blocking Linux From Booting

    Linux enthusiasts must be knowing that one can run Linux distributions on Apple’s older hardware, including the MacBook Air. The quality of Apple’s solid hardware had even prompted Linux creator Linus Torvalds to use MacBook Air to run Linux in the past.

    However, the newer lineup Apple hardware is becoming increasingly hostile towards Linux. With the latest T2 security chip, Apple’s latest Mac Mini is stopping Linux from booting, as reported by Phoronix. I guess it would be safe to assume similar results on other newer Apple hardware.

Thom Holwerda's Take

  • Apple blocks Linux on new Macs with T2 security chips

    Right now, there is no way to run Linux on the new Mac hardware. Even if you disable Secure Boot, you can still only install macOS and Windows 10 - not Linux. Luckily, Linux users don't have to rely on Macs for good hardware anymore - there are tons of Windows laptops out there that offer the same level of quality with better specifications at lower prices that run Linux just fine.

The update

  • Apple T2 Security Chip removes Linux support from some newer Macs [Update]

    A reader has pointed out that it's possible to disable Secure Boot on T2-equipped devices making it possible to boot and install Linux distributions. To run Linux you must first access the Startup Security Utility and choose the 'No Security' option, here are the instructions on how to access to the utility...

Booting Linux On New Apple Hardware

  • Booting Linux On New Apple Hardware

    I ran across articles that point to the fact that Apple (with new hardware) is making it difficult to boot into Linux. This would seem to be a perpetuation of Microsoft and Apple attempting to "elbow" Linux aside. Whether true or not, I do not know.

    My viewpoint is simply a reflection of reading passing headlines. I don't know whether Microsoft and Apple are actually attempting to frustrate the adoption of Linux as a mainstream operating system. If they weren't; my guess would be that both Microsoft and Apple would have been working with the Linux community to have a (universal) secure boot option that would work with virtually all operating systems.

Macs to Linux fans: Stop right there

  • Macs to Linux fans: Stop right there, Penguinista scum, that's not macOS

    The knickers of the Linux world have become ever so twisty over the last few days as Penguinistas fell foul of the security hardware in their pricey Apple hardware.

    Reports are coming in of Linux fans struggling to get their distribution of choice to install on the latest Cupertino cash cows with fingers pointed at the T2 chip.

    The T2 does all manner of things in the latest batch of Macs (including the new MacBook Air and Mac mini models announced last week) including dealing with the SSD, audio, and secure boot. And it is with the latter that problems appear to be occurring.

Linux could be banned on Apple’s new Macs

  • Linux could be banned on Apple’s new Macs

    Apple recently announced their new Macs with powerful chipsets and enhanced security. The security has been beefed up with an Apple T2 Security Chip that provides a strong and Secure Enclave co-processor that is mainly responsible for TouchID, APFS storage encryption, UEFI Secure Boot validation, Touch ID handling, a hardware microphone disconnect on lid close, and others. This same chip also enables the secure boot feature on most new Apple computers, which could be a huge block for most Linux installations.

    A report by Phoronix states that the T2 Chip has been blocking Linux from booting and only allows Apple MacOS and Microsoft Windows OS to work well.

You can’t run Linux on Apple’s 2018 Macs

No, Apple's not locking you out of Linux

  • No, Apple's not locking you out of Linux on Mac with the T2 chip

    Apple's T2 Security Chip provides a lot of great features for the vast majority of people, including secure boot, real-time AES 256-bit data encryption, and even Touch ID authentication for MacBook Air and MacBook Pro. For them, it's on by default and should just be left on by default.

    Because of that security, it's led some power-users to believe that Apple is locking down T2 machines, including those MacBooks as well as the iMac Pro and new Mac mini, so completely you will no longer be able to do things like boot into Linux.

    My understanding is that you can, in fact, boot into Linux if you really want to. You just need to disable secure boot on your Mac first.

Microsoft holds the keys

  • Linux could be banned on Apple’s new Macs

    A report by Phoronix states that the T2 Chip has been blocking Linux from booting and only allows Apple MacOS and Microsoft Windows OS to work well.

    Apple explains that there is currently no trust provided for the Microsoft Corporation UEFI CA 2011, which would allow verification of code signed by Microsoft partners. UEFI CA is commonly used to verify the authenticity of bootloaders for other operating systems such as Linux variants.

Apple's new bootloader won't let you install GNU/Linux

  • Apple's new bootloader won't let you install GNU/Linux

    Locking bootloaders with trusted computing is an important step towards protecting users from some of the most devastating malware attacks: by allowing the user to verify their computing environment, trusted computing can prevent compromises to operating systems and other low-level parts of their computer's operating environment.

    But as with every security measure, there's a difference between "secure for the user" and "secure against the user." Bootloader protection that doesn't allow an owner to decide which signatures they trust is security against the user: security that prevents the user from overriding the manufacturer, and so allows the manufacturer to lock the user in.

    Apple's latest bootloader protection, the controversial T2 chip, is a good example of this. The chip comes with a user-inaccessible root of trust that allows for the installation of Apple and Microsoft operating systems, but not GNU/Linux and other open and free alternatives.

What will Apple's T2 chip mean for the rest of us?

Apple Will Block Certain Third-Party Repairs

  • Apple’s T2 Security Chip Will Block Certain Third-Party Repairs, Users Might Have To Shell Significantly More For Repairs

    If you are a fan of Apple and a Gadget geek, you must be familiar with the T2 chip, which goes about as a co-processor in Apple’s devices and, is the key to a considerable lot of Apple’s freshest and most advanced features.

    Apple affirmed this is the situation for fixes including certain parts on more up to date Macs, similar to the rationale load up and Touch ID sensor, which is the first run through the organization has freely recognized the new fix necessities for T2 prepared Macs. In any case, Apple couldn’t give a rundown of fixes that required this or what gadgets were influenced. It additionally couldn’t state whether it started this convention with the iMac Pro’s presentation a year ago or if it’s another strategy organized as of late.

    The T2 is a customized component that performs different complex and essential functions such as preparing for Touch ID. It additionally stores the cryptographic keys important to boot the machines it keeps running on safely. According to Apple, the chip has new features, as well, for example, empowering the MacBook Pro to react to “Hello Siri” queries without expecting you to press a catch. It additionally keeps its workstation from being remotely worked on by programmers when the cover of the gadget is shut. Furthermore, the T2 chip is equipped for speaking with different segments with the end goal, to play out the simple most essential and advanced errands present day Macs are prepared to do.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

today's howtos

OSS Leftovers

  • The Power Of Open Source AI
    he open source software movement produced iconic innovations like the Firefox web browser, Apache server software and the Linux operating system—the genesis of the Android OS that currently powers 86% of the world’s smartphones. It also fostered a mindset around continuous improvement of tools that can be collaboratively shared, improved upon and distributed.
  • Apache Dubbo, the Java-based open source RPC framework becomes a Top-Level Project
    The Apache Software Foundation announced that the Java-based open source RPC framework used by giants like Alibaba, Apache Dubbo, is now a Top-Level Project. Let’s have a look at what this framework is all about. Apache Dubbo is a high-performance, Java-based Remote Procedure Call framework that has been in use at more than 150 companies, including giants like Alibaba Group or the Industrial and Commercial Bank of China. The Dubbo project was originally developed at Alibaba and open-sourced in 2011. It entered the Apache Incubator in February 2018 and the Apache Software Foundation announced that Dubbo is now a Top-Level Project!
  • Bridging divides with open source
    Application delivery is changing. At the risk of using buzzwords, it is being transformed – digitally. Continuous delivery has become the norm for DevOps (71 per cent plan on implementing, according to a study conducted by F5 and RedHat – NetOps Meets DevOps: The State of Network Automation), and continuous deployment must follow if business is to succeed in the era of Application Capital. While 73 per cent of organisations plan on pursuing continuous deployment, nearly half of them have yet to begin. A staggering 42 per cent have yet to automate a single component of the continuous deployment pipeline (according to a study conducted by F5 and RedHat – NetOps Meets DevOps: The State of Network Automation). [...] Applications themselves are mainly developed today from third-party components, a majority of them open source. Application infrastructure is increasingly built from open source components. From web servers to app servers, databases to ingress control, messaging to container runtimes and orchestration. IT operations are driven by open source tools like Puppet, Chef, Terraform, Helm, Kubernetes, and Ansible. These technologies are adopted because they answer multiple challenges: fast, frequent delivery and deployment along with a frictionless business model. They also encourage collaboration and innovation when entire organisations move to standardise on open source-based operations. None of that is possible without the passionate communities of developers who work tirelessly to improve their open source solutions. At F5, we appreciate the value of such communities. In a comparable example, our DevCentral community is based on collaborative innovation, guided by many of the same principles that drive open source projects. Code sharing and knowledge transfers across the community help the hundreds of thousands of members innovate and create new capabilities for our BIG-IP platform. With those solutions come new extensions, plug-ins, and libraries for open source projects like Puppet and Chef and node.js.
  • Open Source Analytics Platform Grafana Gets Update
    This week Grafana Labs announced the 6.2 release of its Grafana open source analytics platform...
  • Mozilla Revamps WebThings, its Open Source IoT
    Mozilla recently released its open source IoT platform, formerly called Project Things, as WebThings. Mozilla WebThings brings a series of logging, alarm, and networking features. Mozilla WebThings is an open source implementation of emerging Web of Things standards at the W3C. W3C Web of Things is an initiative that aims to reduce the IoT fragmentation, through the recently launched Web of Things Working Group. W3C started to develop the initial standards for the Web of Things, aiming to reduce the costs of development, lessen the risks to both investors and customers, and encourage exponential growth in the market for IoT devices and services.
  • WELL Health Acquires Ontario Open Source EMR OSCARprn for $876k
    WELL Health Technologies Corp. (“WELL”), a Vancouver, Canada-based company focused on consolidating and modernizing clinical and digital assets within the primary healthcare sector has acquired Ontario-based EMR provider OSCARprn – Treatments Solutions Ltd. OSCARprn is a trusted provider of EMR software, support and other services that work with OSCAR, an open source EMR platform developed by McMaster University in Hamilton, Ontario.
  • Carnegie Mellon’s Massive Open Source Initiative – Interview With the Leader Behind It
    In March, Carnegie Mellon University (CMU) announced an unprecedented initiative. Over the course of the year, they plan to release dozens of digital learning tools they have developed over the past decade on an open-source license. These include the learning analytics platform LearnSphere and their pioneering adaptive learning project the Open Learning Initiative (OLI). In all, CMU estimates $100 million in grants and university funding went into these efforts. The effort was spearheaded by the Simon Initiative, which continues the legacy of Nobel Laureate, Turing Award recipient, and CMU professor Herbert Simon.
  • iXsystems TrueNAS brings Open Source Economics to VMware vSphere [Ed: A BSD company is hooking up with a majot GPL violator]
  • André Laperrière: Executive Director at Global Open Data for Agriculture and Nutrition
    Andre Laperrière is executive director at the Global Open Data for Agriculture and Nutrition (GODAN) an initiative aiming to exchange ideas and knowledge to solve the world's looming food crisis
  • Open-source gene expression platform could yield more efficient food, biofuel crops
    An open-source RNA analysis platform has been successfully used on plant cells for the first time — a breakthrough that could herald a new era of fundamental research and bolster efforts to engineer more efficient food and biofuel crop plants. The technology, called Drop-seq, is a method for measuring the RNA present in individual cells, allowing scientists to see what genes are being expressed and how this relates to the specific functions of different cell types …. [T]he freely shared protocol had previously only been used in animal cells.

Open Hardware: Adafruit Feather and Stanford Doggo

  • Feather Plus Blackberry Equals Open Source Fauxberry
    The keyboard is a superior means of input, but to date no one has really figured out how to make a keyboard for small, handheld electronics. You could use tact switches, but that’s annoying, or you could use a touch screen. The best option we’ve seen is actually a Blackberry keyboard, and [arturo182] has the best example yet. It’s a small handheld device with a screen, keyboard, and WiFi that’s ready to do anything imaginable. Think of it as an Open Source Fauxberry. In any case, we want it. This project is actually a breakout board of sorts for the Adafruit Feather system, and therefore has support for WiFi, cellular, or pretty much any other networking of connectivity. To this blank canvas, [arturo] added an accelerator/magnetometer sensor, a single Neopixel, and of course the beautiful Blackberry keyboard. This keyboard is attached to an ATSAMD20G, a microcontroller with a whole bunch of I/O that translates key presses into I2C for the Feather.
  • Students from Stanford's Robotics Club Releases Open-Source Robo-Dog Online
    Robotics isn't cheap by any means, and no one knows this better than the students of the Extreme Mobility Team of Standford University's Robotics Club (SEMT). The materials used by university robotics clubs can cost upwards of tens of thousands of dollars, making it that much harder for many high schools and less well-funded colleges and universities to invest heavily in this important field of research.
  • Watch this open-source dog robot do backflips [Ed: This is more likely to be used in military rather than in aeronautics and astronautics (luxury of the rich)]
    “We’re hoping to provide a baseline system that anyone could build,” says Patrick Slade, graduate student in aeronautics and astronautics and mentor for Extreme Mobility.
  • Meet Doggo: Stanford’s cute open-source four-legged robot
    Doggo follows similar designs to other small quadrupedal robots, but what makes it unique is its low cost and accessibility. While comparable bots can cost tens of thousands of dollars, the creators of Doggo — Stanford’s Extreme Mobility lab — estimate its total cost to be less than $3,000. What’s more, the design is completely open source, meaning anyone can print off the plans and assemble a Doggo of their very own.
  • Stanford Students Built This Adorable, Bouncy, Open-Source Robot Dog
    Nearly all of the parts used to create Doggo were bought intact through the internet, while the rest can be easily 3D-printed. The total costs involved in building Doggo—including shipping and handling—amounted to less than $3,000, Kau and his team claim. Via the website Github, the team has also released all of the relevant information you would need to create your Doggo, including software coding, supply list, and manual instructions. From there, any enterprising roboticist could tweak the design to create an even more capable Doggo.

Programming: JavaScript, Perl, Python and C++

  • SD Times Open-Source Project of the Week: Knockout
    This week’s open-source project is Knockout (KO) and it works purely on JavaScript. KO is a JavaScript MVVM (a modern variant of MVC) library that enables developers to create rich, desktop-like user interfaces with JavaScript and HTML. KO uses “observers” that help the UI stay in sync with an underlying data model and declarative bindings to enable productive development, according to Knockout’s page on GitHub.
  • Why I love Perl 6

    love Perl 6 because, if that solution seems too scary to you (too infinite, too lazy, too concurrent, too pipelined, too Unicoded, too declarative, too functional, too much like something that an Erlang guru would code), then Perl 6 will equally allow you to write a plain and simple version: one that's imperative, iterative, block structured, variable-driven, pure ASCII, and more-or-less exactly what you'd write in Perl 5, or even in C: [...]

  • Python's creator thinks it has a diversity problem [Ed: Python has Microsoft entryism problems (far more urgent than this)]
  • Evennia: Creating Evscaperoom, part 1
  • Evennia: Creating Evscaperoom, part 2
  • Dissecting boost::astar_search
    Right now, I am having a hard time understanding BGL’s (the Boost Graph Library) template spaghetti, so decided to write a blogpost while I decipher it, one at a time, documenting the whole thing along the way.
  • KTextEditor/Kate Bugs – Scratch Your Own Itch