Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux Foundation Releases Document On UEFI Secure Boot

Posted by Soulskill on from the keep-it-fair dept.

mvar writes "The Linux Foundation today released technical guidance to PC makers on how to implement secure UEFI without locking Linux or other free software off of new Windows 8 machines. The guidance included a subtle tisk-tisk at Microsoft's Steven Sinofsky for suggesting that PC owners won't want to mess with control of their hardware and would happily concede it to operating system makers and hardware manufacturers." Canonical and Red Hat have also published a white paper (PDF) suggesting that all OEMs "allow secure boot to be easily disabled and enabled through a firmware configuration interface," among other things.

4 of 318 comments (clear)

  1. Let me guess by 0123456 · · Score: 4, Interesting

    As I look into my crystal skull through the mists of time I see Microsoft release a white paper saying that OEMs will get $10 off the cost of Windows if they don't allow users to turn off 'Windows boot'?

  2. So as I follow it... by SuricouRaven · · Score: 4, Insightful

    Intel: We've invented a new technology that can be used to prevent low-level malware from being loaded during the pre-kernel boot process, when conventional antimalware techniques are ineffective. It could also be used by a manufacturer to prevent the user from installing any unapproved OS, as from a technological standpoint this functionality is identical to blocking malware, but that isn't what we designed it for.
    Microsoft: Oh, that sounds fun. Ok, all OEMs: If you want to ship with the 'windows 8' logo which everyone is going to want soon, you need to include support for this and it must be enabled by default. You will have to include Windows 8 on the trust list, but anything else you need to block as it may be malware. You can give the user the ability to turn this feature off and install non-Windows OSs if you want, but we don't really care.
    Linux supporters: But that means that unless an OEM has explicitly taken the trouble to install a feature that few users will even know of, it'll be impossible for us to use any OS except Windows - most seriously on laptops, where we can't build our own.
    Microsoft: Not our problem! Take it up with the OEMs. We're only mandating that they install linux-blocking capability, we're not asking them to actually use it.

    Throughout this, the OEMs have remained silent on the issue.

  3. Re:I'd say that's "mostly" true. by Bert64 · · Score: 5, Insightful

    Most users would be just as stuck if faced with a windows install which failed to recognise their wifi adapter...
    Stock out of the box windows often fails to recognise hardware, xp was especially bad because it got so dated but 7 is going that way too now...

    Users don't install their computers, they buy them preinstalled... There's no reason why a machine preinstalled with linux wouldn't have everything already configured and working, and come with a recovery disc to return it to the factory state... Same as currently happens with windows.

    --
    http://spamdecoy.net - free throwaway anonymous email - avoid spam!
  4. Re:OEM can use this to lock in to there video, hdd by adonoman · · Score: 4, Interesting

    OEMs don't need this to lock in hardware, they can do this just fine with regular BIOS.