Language Selection

English French German Italian Portuguese Spanish

Could secure boot lead to Linux v Linux strife?

Filed under
Linux

Could Microsoft's implementation of secure boot be, one day, the reason why Linux vendors get into strife with each other? Could Oracle one day go to Microsoft in order to get a key issued to Red Hat by Microsoft revoked?

Kernel developer Matthew Garrett raised this possibility last year, within the context of a discussion that focused on the additional measures that have to be implemented for Linux systems to satisfy all the requirements of secure boot, so that there is no door left open for Microsoft to revoke the key issued to any Linux distribution.

An exchange of cryptographic keys takes place at boot-time so that a system can verify that the operating system attempting to boot is a genuine one, and not malware. There are further key exchanges along the way. Microsoft controls the key-signing authority, and thus anyone who wishes to boot an operating system on hardware certified for Windows 8 has to buy a Microsoft key.

rest here




More in Tux Machines

Security: MuddyWater, DJI, Updates, Reproducible Builds and Excel

today's howtos

Android Leftovers

7 tools for analyzing performance in Linux with bcc/BPF

A new technology has arrived in Linux that can provide sysadmins and developers with a large number of new tools and dashboards for performance analysis and troubleshooting. It's called the enhanced Berkeley Packet Filter (eBPF, or just BPF), although these enhancements weren't developed in Berkeley, they operate on much more than just packets, and they do much more than just filtering. I'll discuss one way to use BPF on the Fedora and Red Hat family of Linux distributions, demonstrating on Fedora 26. BPF can run user-defined sandboxed programs in the kernel to add new custom capabilities instantly. It's like adding superpowers to Linux, on demand. Examples of what you can use it for include: Read more