Language Selection

English French German Italian Portuguese Spanish

UEFI secure booting (part 2)

Filed under
Microsoft

Microsoft have responded to suggestions that Windows 8 may make it difficult to boot alternative operating systems. What's interesting is that at no point do they contradict anything I've said. As things stand, Windows 8 certified systems will make it either more difficult or impossible to install alternative operating systems. But let's have some more background.

We became aware of this issue in early August. Since then, we at Red Hat have been discussing the problem with other Linux vendors, hardware vendors and BIOS vendors. We've been making sure that we understood the ramifications of the policy in order to avoid saying anything that wasn't backed up by facts. These are the facts:

* Windows 8 certification requires that hardware ship with UEFI secure boot enabled.

* Windows 8 certification does not require that the user be able to disable UEFI secure boot, and we've already been informed by hardware vendors that some hardware will not have this option.

* Windows 8 certification does not require that the system ship with any keys other than Microsoft's.

* A system that ships with UEFI secure boot enabled and only includes Microsoft's signing keys will only securely boot Microsoft operating systems.

More here




Also:

An obvious question is why Linux doesn't support UEFI secure booting. Let's ignore the issues of key distribution and the GPL and all of those things, and instead just focus on what would be required. There's two components - the signed binary and the authenticated variables.

Rest of that here

More in Tux Machines

FPGA-enabled vision system uses USB3 cams, runs Linux

NI unveiled a fanless, rugged vision computer that runs NI Linux on a quad-core Atom E3845, and offers an FPGA and support for 350MB/s USB3 Vision cameras. National Instruments (NI) has delivered its NI Linux Real-Time OS on a variety of embedded industrial computers and control systems, including its recent CompactRIO 4-slot Performance Controller. Now, the company is applying NI Linux to machine vision with its new USB3 Vision compatible NI CVS-1459RT. Read more

Fedora Might Try A New Scheduling Strategy For Its Releases

It's no secret that Fedora has had a challenging time sticking to their release schedules for a long time. With taking care of blocker bugs, Fedora Linux releases tend to frequently slip -- with Fedora 21 it's about two months behind schedule and we're just past the alpha stage. By the time Fedora 21 actually ships, Fedora 20 will have been at least twelve months old. However, a new release scheduling strategy might be tried starting with Fedora 22. Read more

Debian Jessie Might Get Rid Of The kFreeBSD Port

For years there's been the Debian GNU/kFreeBSD port that ships the same Debian GNU user-land as Debian GNU/Linux but replaces the Linux kernel with that of the FreeBSD kernel. Read more

Small firms and open-source software put Spine back into NHS after IT fiasco

Without the fuss and delays that have plagued so many large government IT projects, a key part of the NHS digital infrastructure was recently migrated and updated in a single weekend. The collection of applications and directory services known as the Spine connects clinicians, patients and local services to core NHS services such as the GP2GP patient record transfer, the Electronic Prescription Service, patients' Summary Care Records, and the Choose and Book service. More than 250,000 health service staff connect to it every day, sending more than 400m messages each month. Read more