[wplug] UEFI secure boot could prevent New Linux installations
Jonathan Billings
billings at negate.org
Wed Sep 28 10:23:19 EDT 2011
On Wed, Sep 28, 2011 at 10:05:41AM -0400, John Lewis wrote:
> Yesterday I read on zdnet(1) yesterday that Windows 8 certifications on UEFI
> machines could make it hard to install Linux, because the kernel would have
> to be signed. I know that Linux could just be chain loaded off the NT kernel
> using something like Wubi, but I am worried about the potential harshness of
> the Digital Restrictions Management. Is there anything we are going to do
> about this to make sure we are free to use our newer hardware to run any
> software we want it to run (and nothing else)?
Probably one of the following:
1.) Use a windows based bootloader as you said
2.) Only buy hardware that supports:
a.) Adding keys to the secure boot trust list
b.) Include keys that are distributed to linux vendors
c.) Allow you to disable the secure boot in the kernel
3.) Use a hacked BIOS update that bypasses the secure boot or provides
additional keys. (similar to what's happening in the android
market) I doubt the hardware vendors want to see it but the
community will probably spring up just as soon as MS forces
vendors to only do secure boot.
--
Jonathan Billings <billings at negate.org>
More information about the wplug
mailing list