Language Selection

English French German Italian Portuguese Spanish

How Microsoft Is Riling Up the Linux Masses

Filed under
Linux
Microsoft

It was just the other day that Linux bloggers were celebrating the news from researcher Net Applications that desktop Linux had surged in popularity in recent months.

Now, the mood in the blogosphere has plummeted once again as a result of the latest developments on the Windows 8 front. Secure Boot, that is -- a topic astute readers may remember from last fall but that lately seems to have taken a turn for the worse.

Exhibit A: "Microsoft confirms UEFI fears, locks down ARM (Nasdaq: ARMHY) devices," as the the Software Freedom Law Center (SFLC) recently summed it up.

Exhibit B: "Why UEFI secure boot is difficult for Linux," in which Red Hat (NYSE: RHT) developer Matthew Garrett explains why things aren't looking much better on Windows 8 PCs.

Bottom line?




Microsoft vs. Linux?

gcn.com: Microsoft's Windows 8 "secure boot" feature is the controversy that just won't die, at least among Linux users.

Initial fears by the Linux community -- that Microsoft's requirements for secure boot on future Windows 8-based machines would thwart Linux use -- appear to be half-correct. The catch seems to be that Linux will have trouble dual booting on Windows 8 ARM-based hardware only. Unfortunately, Microsoft has added nothing new to clarify this confusing matter.

rest ehre

UEFI and bugs

Matthew Garrett: The fundamental problem is that UEFI is a lot of code. And I really do mean a lot of code. Ignoring drivers, the x86 Linux kernel is around 30MB of code. A comparable subset of the UEFI tree is around 35MB. UEFI is of a comparable degree of complexity to the Linux kernel. There's no reason to assume that the people who've actually written this code are significantly more or less competent than an average Linux developer, so all else being equal we'd probably expect somewhere around the same number of bugs per line. Of course, not all else is equal.

Rest here

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Security Leftovers

  • Linux Foundation launches badge program to boost open source security
    The Linux Foundation has released the first round of CII Best Practices badges as part of a program designed to improve the quality and security of open-source software. Announced on Tuesday, the non-profit said the Core Infrastructure Initiative (CII), a project which brings tech firms, developers and stakeholders together to create best practice specifications and improve the security of critical open-source projects, has now entered a new stage with the issue of CII badges to a select number of open-source software.
  • Free Badge Program Signals What Open Source Projects Meet Criteria for Security, Quality and Stability
  • How to Conduct Internal Penetration Testing
    The best way to establish how vulnerable your network is to a hacker attack is to subject it to a penetration test carried out by outside experts. (You must get a qualified third party to help with penetration testing, of course, and eSecurity Planet recently published an article on finding the right penetration testing company.)
  • SSH for Fun and Profit
    In May last year, a new attack on the Diffie Hellman algorithm was released, called Logjam. At the time, I was working on a security team, so it was our responsiblity to check that none of our servers would be affected. We ran through our TLS config and decided it was safe, but also needed to check that our SSH config was too. That confused me – where in SSH is Diffie Hellman? In fact, come to think of it, how does SSH work at all? As a fun side project, I decided to answer that question by writing a very basic SSH client of my own.

Open Data in Europe

  • Helsinki to enhance open democracy technologies through a hackathon
    The International Open Data Day brings together citizens and developers in major cities around the world to develop tools and applications based on Open Data. In 2016, Open Data Day took place on the 5-6 March.
  • Dutch government organisations not ready for open data requests
    Dutch government organisations are generally unable to process requests under the new 'Law for re-use of government information' in a timely and correct manner. According to inventories made by the Open State Foundation and Open Archives, government at all levels took months to decide on the requests, had problems providing the information in an open and machine-readable format, and failed to forward requests that should be handled by other organisations.
  • Hungarian Post charging high costs to frustrate right to public information
    The issue was brought before Péterfalvi Attila, President of the National Authority for Data Protection and Freedom of Information, by Tóth Bertalan, Deputy Faction Leader for the Hungarian Socialist Party (MSZP). Tóth argued that citizens are restricted in exercising their right of access to public information if an agency asks that much money for its data.

No Ubuntu Back Doors, Windows and Mac Migrations

Today in Linux news Microsoft's market share has dipped below 90% and Mac is disappearing from Linux conventions. Ubuntu founder Mark Shuttleworth said in an interview today that security and encryption are a commitment of Ubuntu's. Jesse Smith reviewed the latest version of Ubuntu and OMG!Ubuntu! shared some glimpses of Ubuntu in the wild. Bryan Lunduke listed 12 "Linux geeks" all users should follow on social media and Sandra Gittlen highlighted six colleges that "immerse students in Open Source." Read more

pfSense 2.3 Open-Source BSD Firewall Gets Patch That Fixes NTP Security Issues

pfSense developer Chris Buechler announced the availability of a small update for the stable pfSense 2.3 open-source firewall platform based on the FreeBSD operating system. Introduced as pfSense 2.3 Update 1, this is a small patch that only fixes the recently discovered security issues in the Network Time Protocol (NTP) packages, upgrading them from version 4.2.8p6 to 4.2.8p7, and it shouldn't be confused with pfSense 2.3.1, which will be released in the coming weeks as the first maintenance build. Read more