[ubuntu-uk] heads up - Secure Boot Problems for Linux Users Are Here Already
Alan Bell
alan.bell at libertus.co.uk
Fri Jun 8 13:21:16 UTC 2012
On 02/06/12 14:06, Nigel Verity wrote:
> Hi All
>
> If anybody can get a key from Verisign for $99 that makes a mockery of
> having secure boot in the first place.
no, that isn't how it works at all. It is possible for some people to
get a binary signed by Microsoft by paying $99 which goes to verisign.
You don't get the key and it isn't clear who can do it and what binaries
will get signed.
> We can take it as read that there are long term plans by Microsoft to
> tighten up the secure boot spec in the future in their favour.
yup, on ARM. Devices running Windows 8 on ARM will be pre-bricked at the
factory.
>
> To my mind, this first pass is just to establish the principle and
> getting all OEMs to adopt the spec. Making keys readily available will
> help MS to respond to legal challenges from non-tech savvy legislators.
>
Possibly. I would imagine they are expecting and preparing for antitrust
action. As a slightly pedantic point, legislators don't tend to make
legal challenges.
> I suspect that the secure boot technology will be hacked pretty
> quickly enabling we enthusiasts to stay up and running. Having to
> apply a hack as a fundamental part of Linux installation will not
> exactly help with promoting wider adoption, though.
>
disabling it on Intel isn't a hack, it would be a checkbox option in the
place you currently call the BIOS. ARM would require a hack.
> Regards
>
> Nige
>
>
--
Libertus Solutions http://libertus.co.uk
More information about the ubuntu-uk
mailing list