Language Selection

English French German Italian Portuguese Spanish

UEFI secure booting (part 2)

Filed under
Microsoft

Microsoft have responded to suggestions that Windows 8 may make it difficult to boot alternative operating systems. What's interesting is that at no point do they contradict anything I've said. As things stand, Windows 8 certified systems will make it either more difficult or impossible to install alternative operating systems. But let's have some more background.

We became aware of this issue in early August. Since then, we at Red Hat have been discussing the problem with other Linux vendors, hardware vendors and BIOS vendors. We've been making sure that we understood the ramifications of the policy in order to avoid saying anything that wasn't backed up by facts. These are the facts:

* Windows 8 certification requires that hardware ship with UEFI secure boot enabled.

* Windows 8 certification does not require that the user be able to disable UEFI secure boot, and we've already been informed by hardware vendors that some hardware will not have this option.

* Windows 8 certification does not require that the system ship with any keys other than Microsoft's.

* A system that ships with UEFI secure boot enabled and only includes Microsoft's signing keys will only securely boot Microsoft operating systems.

More here




Also:

An obvious question is why Linux doesn't support UEFI secure booting. Let's ignore the issues of key distribution and the GPL and all of those things, and instead just focus on what would be required. There's two components - the signed binary and the authenticated variables.

Rest of that here

More in Tux Machines

New Releases

  • Security-Oriented Qubes OS 3.2 Improves the Integrated Management Infrastructure
    Today, September 29, 2016, Joanna Rutkowska announced the general availability of the second point release of the Qubes OS 3 stable series of the security-oriented and open-source Linux-based computer operating system. Qubes OS 3.2 is a maintenance release, which means that it mostly adds general fixes and improvements to various of the distribution's core components and functionalities, including the integrated management infrastructure that was introduced as part of the previous update, Qubes 3.1, allowing users to also manage the "insides" of a virtual machine.
  • Alpine Linux 3.4.4 Is Out, Ships with Linux Kernel 4.4.22 LTS, OpenSSL Patches
    Today, September 28, 2016, Alpine Linux creator and lead developer Natanael Cop has the pleasure of announcing the release of the fourth maintenance update to the latest stable Alpine Linux 3.4 server-oriented operating system series. Alpine Linux 3.4.4 is out as the most advanced version, powered by the recently released, long-term supported Linux 4.4.22 kernel and bringing up-to-date components to make your Alpine Linux-based server(s) more stable and reliable than ever. Most of the core components have been updated, but the most important one is OpenSSL 1.0.2j, which received the latest security fixes, just like in the rest of the GNU/Linux distros.

Leftovers: Software

  • Web Publishing and Development: Free Tools Abound
    Are you involved in DevOps and web development, or are you aiming to be? If so, you're probably very aware of many of the tools from the open standards and open source arenas that can make your work easier. Still, these are always spreading out at a fast clip and there are some applications and tools that are rarely discussed. Here at OStatic, we try to regularly update our collections focused on them. In this post, you'll find our latest roundup of free resources for web development that range from complete online courses available for free to unsung applications.
  • Phoronix Test Suite 6.6.1 Released
  • Skype for Linux Alpha 1.9 Adds a Dark Theme, Notification Muting
  • GNOME Calendar Pencils In Great New Features
    GNOME Calendar is one of the few decent desktop calendaring apps available on Linux — and it's going to get better.
  • The future of GNOME Calendar
    Today, the Calendar Team had the first meeting in history. Isaque, Lapo, Renata, Vamsi and I attended it, and the meeting was extremely productive! In fact, we were able to sketch out the general direction that GNOME Calendar will head towards.

More Android Leftovers

  • ​Google beats back Oracle again in Java Android case
    To recap, Oracle claimed the 37 Java application programming interface (API) packages Google used to develop Android are covered by copyright. Of course, that's not really the issue. True, the the US Federal Circuit Court of Appeals foolishly ruled that APIs could be copyrighted. But the US District Court for the Northern District of California ruled in May 2016 that Google's use of the Java APIs were not subject to copyright licensing fees. Instead, Android's use of the APIs was covered by "fair use."
  • Google’s Open Source Fuchsia OS: The Mystery Linux Distro
    Few things are more tantalizing than a good mystery, and Google is making waves for an open source-centric mystery that may end up having profound implications. It all started in August when an extensive and unusual code repository for a new operating system called Fuchsia was discovered online, and now the growing source code set is on GitHub. Thus far, Google officials have been mostly mum on the aim of this operating system, although they have made a few things clear in chat forums. Two developers listed on Fuchsia's GitHub page — Christopher Anderson and Brian Swetland — are known for their work with embedded systems. The Verge, among other sites, has made a few logical deductions about the possible embedded systems focus for Fuchsia: “Looking into Fuchsia's code points gives us a few clues. For example, the OS is built on Magenta, a “medium-sized microkernel” that is itself based on a project called LittleKernel, which is designed to be used in embedded systems,” the site reports. The GitHub postings that confirm that Fuchsia is based on Magenta are particularly notable because Magenta has had applications in the embedded systems space. Here are some direct quotes: "Magenta is a new kernel that powers the Fuchsia OS. Magenta is composed of a microkernel as well as a small set of userspace services, drivers, and libraries necessary for the system to boot, talk to hardware, load userspace processes and run them, etc. Fuchsia builds a much larger OS on top of this foundation."
  • As Blackberry pulls out of handset business it has some big patent strategy calls to make