LXer: Microsoft dragging its feet on Linux Secure Boot fix
Syndicated Linux NewsThis forum is for the discussion of Syndicated Linux News stories.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
LXer: Microsoft dragging its feet on Linux Secure Boot fix
Published at LXer:
The Linux Foundation's promised workaround that will allow Linux to boot on Windows 8 PCs has yet to clear Microsoft's code certification process, although the exact reason for the hold-up remains unclear. As The Reg reported previously, the Secure Boot feature of the Unified Extensible Firmware Interface (UEFI) found on modern Windows 8 PCs will only allow an OS to boot if its code has been digitally signed with a key obtained from Microsoft.
Yes. Because this is not the right solution. You should NOT need M$'s approval to boot another OS. They should have made a deal with hardware manufacturers not with M$.
Going through M$ gives them control. They can revoke the key anytime they want.
If it isn't done this way, then people will refuse to buy into Secure Boot until it supports more OSs properly.
Last edited by H_TeXMeX_H; 11-22-2012 at 12:05 PM.
How do you think they should do that? One of the requirements of getting the Windows 8 label is that there must be no option keys can be changed from an running OS.
Quote:
If it isn't done this way, then people will refuse to buy into Secure Boot until it supports more OSs properly.
You get it from the wrong side. Secure Boot is nothing more than a standard, it is the OS that has to support Secure Boot, not Secure Boot that has to support the OS.
Because the Linux Foundation decided to get their bootloader signed by Microsoft. They could have decided not to do that and to ask the hardware manufacturers directly, but chances are high that not every mainboard, especially those meant for OEM PCs, will come with those keys. You can be sure that any mainboard will come with Microsoft keys.
Quote:
I don't want M$ involved in the process. You don't deal with the devil.
I read from that that you don't want to use Microsoft software, so why bother at all? Just disable Secure Boot and you will be fine. Even if you don't want to do that, just get Microsoft certified hardware and you will be able to add your own custom keys and sign your own bootloader. This way no one is involved except you.
Because the Linux Foundation decided to get their bootloader signed by Microsoft. They could have decided not to do that and to ask the hardware manufacturers directly, but chances are high that not every mainboard, especially those meant for OEM PCs, will come with those keys. You can be sure that any mainboard will come with Microsoft keys.
Even if not every mobo would come with the keys, they could post which ones they convinced and we could go out and buy those specifically. Instead they sold out to M$. I don't like it at all. It was a bad decision and it will come back to haunt them.
Yes. Because this is not the right solution. You should NOT need M$'s approval to boot another OS. They should have made a deal with hardware manufacturers not with M$.
Going through M$ gives them control. They can revoke the key anytime they want.
If it isn't done this way, then people will refuse to buy into Secure Boot until it supports more OSs properly.
I agree with you; we should not have to get or have M$'s approval to boot another OS on our computer.
Maybe I'm off base but I (think) that the devil only needs an opportunity and Microsoft is providing just that tool for the devil to use.
Again this is why I have not installed Fedora on my laptop and it's not because I haven't educated myself on the "UEFI Secure Boot" issue. I have written about 5 to 7 pages of documentation from webpages just to try to understand this whole thing. It's still not clear to me what to do either before or after the install of a new disto-
Maybe I'm off base but I (think) that the devil only needs an opportunity and Microsoft is providing just that tool for the devil to use.
I find that really interesting:
Quote:
The Unified EFI Forum or UEFI Forum (where UEFI stands for Unified Extensible Firmware Interface) is an alliance between several leading technology companies to modernize the booting process. The board of directors includes representatives from eleven "Promoter" companies: AMD, American Megatrends, Apple, Dell, HP, IBM, Insyde Software, Intel, Lenovo, Microsoft, and Phoenix Technologies.
From http://en.wikipedia.org/wiki/Unified_EFI_Forum
I would like to know why anyone is blaming Microsoft, but no one blames AMD, IBM or Intel. They all are partners on the UEFI forum, they all have a voice when it comes to discussing new specifications, so why does Microsoft get all the hate, but none of the other partners?
I find that really interesting:
From http://en.wikipedia.org/wiki/Unified_EFI_Forum
I would like to know why anyone is blaming Microsoft, but no one blames AMD, IBM or Intel. They all are partners on the UEFI forum, they all have a voice when it comes to discussing new specifications, so why does Microsoft get all the hate, but none of the other partners?
Perhaps Microsoft is getting all of the hate because (this is only speculation; being suspicious)because they have reached full capacity on 'Greed' and are only concerned with pure profit for their establishment(Corporation).
I don't get why AMD, IBM or Intel is not in the 'blame' afterall they are assisting Microsoft to develop and manufacturer the product/merchandise. I would imagine that the contributing partners are receiving compensation and possibly; kickbacks from the Microsoft Corporation. As time passes things we don't know yet might be reveled by those other contributors/partners.
Originally, M$ wanted to make it so that Secure Boot couldn't be turned off like on ARM, but Intel and some of the other companies wouldn't have it. Eventually I think that Secure Boot will be mandatory.
Originally, M$ wanted to make it so that Secure Boot couldn't be turned off like on ARM, but Intel and some of the other companies wouldn't have it. Eventually I think that Secure Boot will be mandatory.
What has lead you to think that Secure Boot will be mandatory?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.