is this true

swfiua at gmail.com swfiua at gmail.com
Tue Sep 27 11:47:22 UTC 2011


It is sort of true.

MS are using a thing called secure boot in Windows 8, ostensibly to protect
users from boot record attacks -- so that would be where malicious attackers
mess with your boot record to get you to boot into dodgy code.

I guess another potential use would be in the corporate environment where
they don't want employees booting their machines from a USB stick into some
weird OS like linux -- or maybe in a few enlightened companies where they
don't want you booting into windows ;)

The way it works is you only get to boot into digitally signed OS'es.   Now,
in principle it isn't hard to sign your linux OS and have the secure boot
stuff have the key to verify your linux.

I've only read a bit about this, but the problem as I see it is that it is
down to the OEM's whether they let their customers configure the set of keys
that the secure boot software will have.    MS have said that's not down to
us, that is the OEM's choice + if they only use our key then that's not our
fault!    But, I do wonder if you are an OEM and you agree to configure your
machines this way then you'll get a break on the price from MS.

It is early days, this may all be a none issue, but it does look like this
might, at the very least, add another hurdle to installing linux.

John

On Sun, Sep 25, 2011 at 1:24 AM, Chris <candive1 at gmail.com> wrote:

> Linux installs may be blocked by Bios???
>
>
> http://packetstormsecurity.org/news/view/19904/MS-Denies-Secure-Boot-Will-Exclude-Linux.html
>
>
> Chris.
>
> --
> Linux! The Freedom to Choose.
> www.bglug.ca
>
>
>
>
> --
> ubuntu-ca mailing list
> ubuntu-ca at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-ca
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-ca/attachments/20110927/f1d2094e/attachment.html>


More information about the ubuntu-ca mailing list