Language Selection

English French German Italian Portuguese Spanish

Supporting third-party keys in a Secure Boot world

Filed under

It's fairly straightforward to boot a UEFI Secure Boot system using something like Shim or the Linux Foundation's loader, and for distributions using either the LF loader or the generic version of Shim that's pretty much all you need to care about. The physically-present end user has had to explicitly install new keys or hashes, and that means that you no longer need to care about Microsoft's security policies or (assuming there's no exploitable flaws in the bootloader itself) fear any kind of revocation.

But what about if you're a distribution that cares about booting without the user having to install keys? There's several reasons to want that (convenience for naive users, ability to netboot, that kind of thing), but it has the downside that your system can now be used as an attack vector against other operating systems. Do you care about that? It depends how you weigh the risks. First, someone would have to use your system to attack another. Second, Microsoft would have to care enough to revoke your signature.

rest here

More in Tux Machines

IBM latest to open source AI program

Thomas said IBM has another reason to open-source its machine learning code – it helps the company recruit new AI experts, which are currently in great demand. Read more

Camunda BPM 7.4: Camunda Releases Latest Version of its Open Source Software

Besides this, the new Camunda Modeler is an open source tool for creating BPMN diagrams. It is based on the well-known project and targets business users as well as software developers. Read more

8 projects with LEGO: plastic bricks meet open source

LEGO bricks: To a parent, they're a virtual minefield, hidden away in the carpet to inflict unimaginable pain from a seemly innocent barefoot step. But to a child, they are a tool for creatively engineering anything the mind can imagine. And for many, they are our first foray into open source. The instructions with a LEGO set start out as rigid rules, and become merely guidelines as children learn to remix, adapt, and extend the "code" which defines the object being built, and then be shared with anyone nearby. Read more

Give Thanks: Cyber Monday Linux Certification Offer

This season’s spirit of giving fits right in with the Linux and open source philosophy. Whether you’re paying it forward in line for coffee, volunteering at a local food bank, or contributing to an open source project in your spare time, giving back to the community is what it’s all about. In keeping with that tradition, the Linux Foundation is offering a special Cyber Monday deal on training and certification to help you build your job skills or transition to a new career. This week only, you can sign up for training and certification as a Linux system administrator for a special rate of $179 (regularly $499)! This special deal includes. Read more