Language Selection

English French German Italian Portuguese Spanish

UEFI secure booting (No Linux for You)

Filed under
Linux
Microsoft

The UEFI secure boot protocol is part of recent UEFI specification releases. It permits one or more signing keys to be installed into a system firmware. Once enabled, secure boot prevents executables or drivers from being loaded unless they're signed by one of these keys. Another set of keys (Pkek) permits communication between an OS and the firmware. An OS with a Pkek matching that installed in the firmware may add additional keys to the whitelist. Alternatively, it may add keys to a blacklist. Binaries signed with a blacklisted key will not load.

There is no centralised signing authority for these UEFI keys. If a vendor key is installed on a machine, the only way to get code signed with that key is to get the vendor to perform the signing. A machine may have several keys installed, but if you are unable to get any of them to sign your binary then it won't be installable.

This impacts both software and hardware vendors.

rest here




UEFI Video

This impacts both software and hardware vendors.

Death to Microsoft!

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Leftovers: OSS

Ubuntu Images for Oracle

  • Certified Ubuntu Images available on Oracle Bare Metal Cloud Service
    Certified Ubuntu images are now available in the Oracle Bare Metal Cloud Services, providing developers with compute options ranging from single to 16 OCPU virtual machines (VMs) to high-performance, dedicated bare metal compute instances. This is in addition to the image already offered on Oracle Compute Cloud Service and maintains the ability for enterprises to add Canonical-backed Ubuntu Advantage Support and Systems Management. Oracle and Canonical customers now have access to the latest Ubuntu features, compliance accreditations and security updates.
  • Canonical's Certified Ubuntu Images Land in Oracle's Bare Metal Cloud Service
    Canonical announced the official availability of Certified Ubuntu images in Oracle's Bare Metal Cloud Services, which accompany the images that the company already provides in the Oracle Compute Cloud Service. Canonical's Certified Ubuntu images in Oracle Bare Metal Cloud Services are a great addition because they promise to provide developers with dedicated, high-performance bare-metal compute instances, as well as virtual machines with up to 16 Oracle Compute Unit (OCPU). They also add the ability for Oracle's enterprise customers to access the latest and greatest Ubuntu features.

Leftovers: Software

today's howtos