Language Selection

English French German Italian Portuguese Spanish

UEFI secure booting (No Linux for You)

Filed under

The UEFI secure boot protocol is part of recent UEFI specification releases. It permits one or more signing keys to be installed into a system firmware. Once enabled, secure boot prevents executables or drivers from being loaded unless they're signed by one of these keys. Another set of keys (Pkek) permits communication between an OS and the firmware. An OS with a Pkek matching that installed in the firmware may add additional keys to the whitelist. Alternatively, it may add keys to a blacklist. Binaries signed with a blacklisted key will not load.

There is no centralised signing authority for these UEFI keys. If a vendor key is installed on a machine, the only way to get code signed with that key is to get the vendor to perform the signing. A machine may have several keys installed, but if you are unable to get any of them to sign your binary then it won't be installable.

This impacts both software and hardware vendors.

rest here

UEFI Video

This impacts both software and hardware vendors.

Death to Microsoft!

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Red Hat and Fedora

Android Leftovers

Zorin OS 12 Beta - Flat white, no sugar

I did not do any other testing, no extensive tweaking, no customization. I felt no need or desire to do so. Now, do remember Zorin OS 12 is still in beta, so we can excuse some of the problems we see here. But others are purely Ubuntu, and have been ported over from the parent distro without any discrimination or any improvements and fixes introduced in the last six months. The big offenders include: multimedia and smartphone support, poor software management, and then the somewhat heavy utilization and slow performance. Zorin is quite pretty but weary on the eyes, it tries perhaps too hard to be more than it is, and overall, the value it brings is negatively offset by the myriad papercuts of its design and the implementation of its unique style, plus the failings of the Ubuntu family. It's an okay choice, if you will, but there's nothing too special about it anymore. It's not as fun as it used to be. Gone is the character, gone is the glamor. This aligns well with the overall despair in the Linux desktop world. Maybe the official release will be better, but I doubt it. Why would suddenly one distro excel where 50 others of the same crop had failed with the exact same problems? Final grade, 5/10. Test if you like the looks, other than that, there's no incentive in really using Zorin. Oh how the mighty have fallen. Read more

PlayStation 4 hacked again? Linux shown running on 4.01 firmware

Hackers attending the GeekPwn conference in Shanghai have revealed a new exploit for PlayStation 4 running on the 4.01 firmware. In a live demo you can see below, once again the Webkit browser is utilised in order to inject the exploit, which - after a conspicuous cut in the edit - jumps to a command line prompt, after which Linux is booted. NES emulation hilarity courtesy of Super Mario Bros duly follows. Assuming the hack is authentic - and showcasing it at GeekPwn makes the odds here likely - it's the first time we've seen the PlayStation 4's system software security compromised since previous holes in the older 1.76 firmware came to light, utilised by noted hacker group fail0verflow in the first PS4 Linux demo, shown in January this year. Read more Also: 'Deus Ex: Mankind Divided' Coming To Linux In November, Mac Port On Hold