Language Selection

English French German Italian Portuguese Spanish

Blocking Linux From Booting

Filed under
Linux
Mac
  • Don’t Panic, You Can Boot Linux on Apple’s New Devices

    Does Apple stop Linux from booting on its newly refreshed Mac Mini PC or MacBookAir laptops?

    That’s the claim currently circling the web‘s collective drain. The posit is that the new T2 ‘secure enclave’ chip Apple has baked in to its new models prevents Linux from booting.

    But is this actually true?

    Kinda. The answer is both “yes, technically” and “no, not completely”.

  • Apple's New Hardware With The T2 Security Chip Will Currently Block Linux From Booting

    Apple's MacBook Pro laptops have become increasingly unfriendly with Linux in recent years while their Mac Mini computers have generally continued working out okay with most Linux distributions due to not having to worry about multiple GPUs, keyboards/touchpads, and other Apple hardware that often proves problematic with the Linux kernel. But now with the latest Mac Mini systems employing Apple's T2 security chip, they took are likely to crush any Linux dreams.

    At least until further notice, these new Apple systems sporting the T2 chip will not be able to boot Linux operating systems. Apple's T2 security chip being embedded into their newest products provides a secure enclave, APFS storage encryption, UEFI Secure Boot validation, Touch ID handling, a hardware microphone disconnect on lid close, and other security tasks. The T2 restricts the boot process quite a bit and verifies each step of the process using crypto keys signed by Apple.

"...Blocking Linux From Booting"

  • Apple’s T2 Security Chip Is Currently Blocking Linux From Booting

    Linux enthusiasts must be knowing that one can run Linux distributions on Apple’s older hardware, including the MacBook Air. The quality of Apple’s solid hardware had even prompted Linux creator Linus Torvalds to use MacBook Air to run Linux in the past.

    However, the newer lineup Apple hardware is becoming increasingly hostile towards Linux. With the latest T2 security chip, Apple’s latest Mac Mini is stopping Linux from booting, as reported by Phoronix. I guess it would be safe to assume similar results on other newer Apple hardware.

Thom Holwerda's Take

  • Apple blocks Linux on new Macs with T2 security chips

    Right now, there is no way to run Linux on the new Mac hardware. Even if you disable Secure Boot, you can still only install macOS and Windows 10 - not Linux. Luckily, Linux users don't have to rely on Macs for good hardware anymore - there are tons of Windows laptops out there that offer the same level of quality with better specifications at lower prices that run Linux just fine.

The update

  • Apple T2 Security Chip removes Linux support from some newer Macs [Update]

    A reader has pointed out that it's possible to disable Secure Boot on T2-equipped devices making it possible to boot and install Linux distributions. To run Linux you must first access the Startup Security Utility and choose the 'No Security' option, here are the instructions on how to access to the utility...

Booting Linux On New Apple Hardware

  • Booting Linux On New Apple Hardware

    I ran across articles that point to the fact that Apple (with new hardware) is making it difficult to boot into Linux. This would seem to be a perpetuation of Microsoft and Apple attempting to "elbow" Linux aside. Whether true or not, I do not know.

    My viewpoint is simply a reflection of reading passing headlines. I don't know whether Microsoft and Apple are actually attempting to frustrate the adoption of Linux as a mainstream operating system. If they weren't; my guess would be that both Microsoft and Apple would have been working with the Linux community to have a (universal) secure boot option that would work with virtually all operating systems.

Macs to Linux fans: Stop right there

  • Macs to Linux fans: Stop right there, Penguinista scum, that's not macOS

    The knickers of the Linux world have become ever so twisty over the last few days as Penguinistas fell foul of the security hardware in their pricey Apple hardware.

    Reports are coming in of Linux fans struggling to get their distribution of choice to install on the latest Cupertino cash cows with fingers pointed at the T2 chip.

    The T2 does all manner of things in the latest batch of Macs (including the new MacBook Air and Mac mini models announced last week) including dealing with the SSD, audio, and secure boot. And it is with the latter that problems appear to be occurring.

Linux could be banned on Apple’s new Macs

  • Linux could be banned on Apple’s new Macs

    Apple recently announced their new Macs with powerful chipsets and enhanced security. The security has been beefed up with an Apple T2 Security Chip that provides a strong and Secure Enclave co-processor that is mainly responsible for TouchID, APFS storage encryption, UEFI Secure Boot validation, Touch ID handling, a hardware microphone disconnect on lid close, and others. This same chip also enables the secure boot feature on most new Apple computers, which could be a huge block for most Linux installations.

    A report by Phoronix states that the T2 Chip has been blocking Linux from booting and only allows Apple MacOS and Microsoft Windows OS to work well.

You can’t run Linux on Apple’s 2018 Macs

No, Apple's not locking you out of Linux

  • No, Apple's not locking you out of Linux on Mac with the T2 chip

    Apple's T2 Security Chip provides a lot of great features for the vast majority of people, including secure boot, real-time AES 256-bit data encryption, and even Touch ID authentication for MacBook Air and MacBook Pro. For them, it's on by default and should just be left on by default.

    Because of that security, it's led some power-users to believe that Apple is locking down T2 machines, including those MacBooks as well as the iMac Pro and new Mac mini, so completely you will no longer be able to do things like boot into Linux.

    My understanding is that you can, in fact, boot into Linux if you really want to. You just need to disable secure boot on your Mac first.

Microsoft holds the keys

  • Linux could be banned on Apple’s new Macs

    A report by Phoronix states that the T2 Chip has been blocking Linux from booting and only allows Apple MacOS and Microsoft Windows OS to work well.

    Apple explains that there is currently no trust provided for the Microsoft Corporation UEFI CA 2011, which would allow verification of code signed by Microsoft partners. UEFI CA is commonly used to verify the authenticity of bootloaders for other operating systems such as Linux variants.

Apple's new bootloader won't let you install GNU/Linux

  • Apple's new bootloader won't let you install GNU/Linux

    Locking bootloaders with trusted computing is an important step towards protecting users from some of the most devastating malware attacks: by allowing the user to verify their computing environment, trusted computing can prevent compromises to operating systems and other low-level parts of their computer's operating environment.

    But as with every security measure, there's a difference between "secure for the user" and "secure against the user." Bootloader protection that doesn't allow an owner to decide which signatures they trust is security against the user: security that prevents the user from overriding the manufacturer, and so allows the manufacturer to lock the user in.

    Apple's latest bootloader protection, the controversial T2 chip, is a good example of this. The chip comes with a user-inaccessible root of trust that allows for the installation of Apple and Microsoft operating systems, but not GNU/Linux and other open and free alternatives.

What will Apple's T2 chip mean for the rest of us?

Apple Will Block Certain Third-Party Repairs

  • Apple’s T2 Security Chip Will Block Certain Third-Party Repairs, Users Might Have To Shell Significantly More For Repairs

    If you are a fan of Apple and a Gadget geek, you must be familiar with the T2 chip, which goes about as a co-processor in Apple’s devices and, is the key to a considerable lot of Apple’s freshest and most advanced features.

    Apple affirmed this is the situation for fixes including certain parts on more up to date Macs, similar to the rationale load up and Touch ID sensor, which is the first run through the organization has freely recognized the new fix necessities for T2 prepared Macs. In any case, Apple couldn’t give a rundown of fixes that required this or what gadgets were influenced. It additionally couldn’t state whether it started this convention with the iMac Pro’s presentation a year ago or if it’s another strategy organized as of late.

    The T2 is a customized component that performs different complex and essential functions such as preparing for Touch ID. It additionally stores the cryptographic keys important to boot the machines it keeps running on safely. According to Apple, the chip has new features, as well, for example, empowering the MacBook Pro to react to “Hello Siri” queries without expecting you to press a catch. It additionally keeps its workstation from being remotely worked on by programmers when the cover of the gadget is shut. Furthermore, the T2 chip is equipped for speaking with different segments with the end goal, to play out the simple most essential and advanced errands present day Macs are prepared to do.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

12 open source tools for natural language processing

Natural language processing (NLP), the technology that powers all the chatbots, voice assistants, predictive text, and other speech/text applications that permeate our lives, has evolved significantly in the last few years. There are a wide variety of open source NLP tools out there, so I decided to survey the landscape to help you plan your next voice- or text-based application. For this review, I focused on tools that use languages I'm familiar with, even though I'm not familiar with all the tools. (I didn't find a great selection of tools in the languages I'm not familiar with anyway.) That said, I excluded tools in three languages I am familiar with, for various reasons. The most obvious language I didn't include might be R, but most of the libraries I found hadn't been updated in over a year. That doesn't always mean they aren't being maintained well, but I think they should be getting updates more often to compete with other tools in the same space. I also chose languages and tools that are most likely to be used in production scenarios (rather than academia and research), and I have mostly used R as a research and discovery tool. Read more

Devices: Indigo Igloo, Raspberry Pi Projects and Ibase

  • AR-controlled robot could help people with motor disabilities with daily tasks
    Researchers employed the PR2 robot running Ubuntu 14.04 and an open-source Robot Operating System called Indigo Igloo for the study. The team made adjustments to the robot including padding metal grippers and adding “fabric-based tactile sensing” in certain areas.
  • 5 IoT Projects You Can Do Yourself on a Raspberry Pi
    Are you new to the Internet of Things and wonder what IoT devices can do for you? Or do you just have a spare Raspberry Pi hanging around and are wondering what you can do with it? Either way, there are plenty of ways to put that cheap little board to work. Some of these projects are easy while others are much more involved. Some you can tackle in a day while others will take a while. No matter what, you’re bound to at least get some ideas looking at this list.
  • Retail-oriented 21.5-inch panel PCs run on Kaby Lake and Bay Trail
    Ibase’s 21.5-inch “UPC-7210” and “UPC-6210” panel PCs run Linux or Windows on 7th Gen Kaby Lake-U and Bay Trail CPUs, respectively. Highlights include 64GB SSDs, mini-PCIe, mSATA, and IP65 protection.

NexDock 2 Turns Your Android Phone or Raspberry Pi into a Laptop

Ever wished your Android smartphone or Raspberry Pi was a laptop? Well, with the NexDock 2 project, now live on Kickstarter, it can be! Both the name and the conceit should be familiar to long-time gadget fans. The original NexDock was a 14.1-inch laptop shell with no computer inside. It successfully crowdfunded back in 2016. The OG device made its way in to the hands of thousands of backers. While competent enough, some of-the-time reviews were tepid about the dock’s build quality. After a brief stint fawning over Intel’s innovative (now scrapped) Compute Cards, the team behind the portable device is back with an updated, refined and hugely improved model. Read more

Graphics: Libinput 1.13 RC2, NVIDIA and AMD

  • libinput 1.12.902
    The second RC for libinput 1.13 is now available.
    
    This is the last RC, expect the final within the next few days unless
    someone finds a particulaly egregious bug.
    
    One user-visible change: multitap (doubletap or more) now resets the timer
    on release as well. This should improve tripletap detection as well as any
    tripletap-and-drag and similar gestures.
    
    valgrind is no longer a required dependency to build with tests. It was only
    used in a specific test run anyway (meson test --setup=valgrind) and not
    part of the regular build.
    
    As usual, the git shortlog is below.
    
    Benjamin Poirier (1):
          evdev: Rename button up and down states to mirror each other
    
    Feldwor (1):
          Set TouchPad Pressure Range for Toshiba L855
    
    Paolo Giangrandi (1):
          touchpad: multitap state transitions use the same timing used for taps
    
    Peter Hutterer (3):
          tools: flake8 fixes, typo fixes and missing exception handling
          meson.build: make valgrind optional
          libinput 1.12.902
  • Libinput 1.13 RC2 Better Detects Triple Taps
    Peter Hutterer of Red Hat announced the release of libinput 1.13 Release Candidate 2 on Thursday as the newest test release for this input handling library used by both X.Org and Wayland Linux systems. Libinput 1.13 will be released in the days ahead as the latest six month update to this input library. But with the time that has passed, it's not all that exciting of a release as the Logitech high resolution scrolling support as well as Dell Totem input device support for the company's Canvas display was delayed to the next release cycle. But libinput 1.13 is bringing touch arbitration improvements for tablets, various new quirks, and other fixes and usability enhancements.
  • Open-Source NVIDIA PhysX 4.1 Released
    Software releases are aplenty for GDC week and NVIDIA's latest release is their newest post-4.0 PhysX SDK. NVIDIA released the open-source PhysX 4.0 SDK just before Christmas as part of the company re-approaching open-source for this widely used physics library. Now the latest available is PhysX 4.1 and the open-source code drop is out in tandem.
  • AMD have launched an update to their open source Radeon GPU Analyzer, better Vulkan support
    AMD are showing off a little here, with an update to the Radeon GPU Analyzer open source project and it sounds great.