Language Selection

English French German Italian Portuguese Spanish

Could secure boot lead to Linux v Linux strife?

Filed under
Linux

Could Microsoft's implementation of secure boot be, one day, the reason why Linux vendors get into strife with each other? Could Oracle one day go to Microsoft in order to get a key issued to Red Hat by Microsoft revoked?

Kernel developer Matthew Garrett raised this possibility last year, within the context of a discussion that focused on the additional measures that have to be implemented for Linux systems to satisfy all the requirements of secure boot, so that there is no door left open for Microsoft to revoke the key issued to any Linux distribution.

An exchange of cryptographic keys takes place at boot-time so that a system can verify that the operating system attempting to boot is a genuine one, and not malware. There are further key exchanges along the way. Microsoft controls the key-signing authority, and thus anyone who wishes to boot an operating system on hardware certified for Windows 8 has to buy a Microsoft key.

rest here




More in Tux Machines

ammortizzata Scarpe Nike Zoom Winflo 2 marche che producono

Linux Graphics

  • Libinput X.Org Driver Updated For X.Org Server 1.19
    Peter Hutterer has announced the release of a new version of xf86-input-libinput, the X.Org DDX driver that makes use of libinput for input handling on the X.Org Server.
  • xf86-input-libinput 0.20.0
    Most important fix is the use of input_lock() instead of the old SIGIO stuff to handle the input thread in server 1.19.
  • Mesa 13.0 Planning For Release At End Of October, Might Include RADV Vulkan
    Following the mailing list talk over the past two days about doing the next Mesa release, plans are being discussed for releasing at the end of October and it might have just got a whole lot more exciting. Emil Velikov, Collabora developer and Mesa release manager for the past several release series, has commented on that previously discussed mailing list thread. He mentioned he was secretly waiting in hopes of seeing the RADV Radeon Vulkan driver merged for this next release! He said he'd even be willing to see it merged even if it's "not perfect/feature complete."

Security News

  • Don't Trust Consumer Routers
    Another example of why you shouldn’t trust consumer routers. d-link It isn’t just this specific d-link router. We’ve seen the same issues over and over and over with pretty much every non-enterprise vendor. Plus we don’t want our devices used by crackers to DDoS Brian Krebs anymore, right? We are Linux people. We CAN do this ourselves.
  • D-Link DWR-932 router is chock-full of security holes
    Security researcher Pierre Kim has unearthed a bucketload of vulnerabilities affecting the LTE router/portable wireless hotspot D-Link DWR-932. Among these are backdoor accounts, weak default PINs, and hardcoded passwords.
  • The Cost of Cyberattacks Is Less than You Might Think
    What's being left out of these costs are the externalities. Yes, the costs to a company of a cyberattack are low to them, but there are often substantial additional costs borne by other people. The way to look at this is not to conclude that cybersecurity isn't really a problem, but instead that there is a significant market failure that governments need to address.
  • NHS trusts are still using unsupported Windows XP PCs
    AT LEAST 42 National Health Service (NHS) trusts in the UK still run Microsoft's now-defunct Windows XP operating system. Motherboard filed Freedom of Information requests with more than 70 NHS hospital trusts asking how many Windows XP machines they use. 48 replied within the allotted time, and a whopping 42 of them admitted that they still use the operating system that reached end-of-life status in April 2014. Some of the culprits include East Sussex Healthcare, which has 413 Windows XP machines, Sheffield's Children's hospital with 1,290, and Guy's and St Thomas' NHS Trust in London with an insane 10,800 Windows XP-powered PCs. 23 replied to Motherboard's quizzing about whether they have an extended support agreement in place and, unsurprisingly, the majority said that they do not.

Games for GNU/Linux