|
Secure Boot It consists of a type of mechanism that verifies that the executed code is digitally signed. This way, you can only boot an operating system that has a properly signed loader.
This is a requirement which Microsoft will use to put the label on all the computers in the universe that says «Windows 8 Certified«. This advance by Microsoft has divided the waters between large Linux distributions, find out why. |
The position of Red Hat and Fedora: the "less bad" alternative?
As we saw in detail A few days ago, for this charger to be approved by Microsoft, Red Hat will choose to use a Microsoft service called Sysdev (paying $ 99 for registration), although the money is ultimately left to VeriSign. Apparently this would imply that any GNU / Linux distribution could use the same key, no doubt an act of great charity on the part of Red Hat.
The cost is not important - it is only $ US99 - but isn't that principle the reason why GNU / Linux distributions have avoided Microsoft all the time?
Canonical and Ubuntu's position: don't depend
Canonical, which is present at the UEFI Forum, has generated its own key for Ubuntu, which would avoid having to use one from Microsoft, as proposed by Red Hat.
The fundamental difference between Ubuntu's proposal and Microsoft's is that there would be no indication that Canonical offers key creation services. A system that has the Ubuntu key will only be able to run Ubuntu unless, of course, the user disables Secure Boot or adds other keys to UEFI.
With this goal in mind, Canonical is already working on a replacement for GRUB 2 because apparently it would create legal problems due to its GPLv3 license.
Not using Secure Boot: the best solution
Perhaps the best option is not to use Secure Boot at all, although this will require modifying an option in the BIOS, which can scare many newbies in their move to Linux. However, to be completely honest, the same is true today for users to run Linux from a LiveCD or LiveUSB.
It just takes time to find a solution that the entire free community can use and take advantage of.
Terrible news, without a doubt it is a big obstacle for the GNU / Linux distros and their arrival to the common users.
It is difficult to find even solutions for all the distros each one takes the path that seems best to him. The really bad one is Microsoft, it does not have the right to dispose of the computers that each user buys and wants to use them as they please.
For my part, I will continue to deprecate Windows and use more of the Linux flavors, even if I have to disable the secure boot of my PC, when I get one.
Hopefully and Secure boot can be disabled (sure if) but in the worst case it will only be a matter of time for the community to find a solution.
Until that I think that the least evil is in the key that Red Hat has made with which it will surely be possible to run Linux on certified computers (in the worst case scenario - I will repeat if the solution has not yet been developed)
Are there already computers that can be bought in Argentina with secure boot? Can not a sovereign State legislate on this issue, that machines do not enter or sell with this type of restrictions tending to monopoly? Of course, in Argentina it is unlikely that it will happen, but in Brazil or some European perhaps yes.
Let's see what happens with this matter.
As they say in the previous comment, hopefully that option can be disabled in the bios and with that to be able to install linux, but also, they are supposed to create that measure for greater security, but I think they focus it more for the benefit of microsoft, and how no, if it is the main distributor of operating systems in the world and all companies want to be with the big boys.
Deactivation is apparently the only option.
My question is, if Windows, RedHat / Fedora and Ubuntu are not used, the only solution is to deactivate SecureBoot? Or will there be a way to incorporate keys into UEFI?
the future cannot be locked behind microsoft bars, there is life beyond and what bothers them the most is that there are OSs that work better or at least the same as theirs without having to pay the abusive license prices
Well, as long as the manufacturers allow disabling the Secure Boot there is no problem.
If it can be used then better (I suppose), more security. Although we have been like this all this time and nothing happens, in business environments it will be more important, for security and others but for normal users ... not using Secure Boot is not the end of the world.
It is very simple, although it seems to me that this that Microsoft requires manufacturers to put is a very large bullshit, if windows wants to ensure that only windows that manufacture their own hardware like apple are used and see if the cost is worth it, Surely then people would get cheap PCs and their own proprietary OS
Done the law done the snare….
Somehow the community is going to solve this Secure Boot, without using microchoft keys.
At this stage of technology, I don't think modifying a BIOS option will scare any newbie under 45 🙂
huh !!!! change that "under 45" for "anyone alive" ……………. (I'm 53… ..
and I have changed BIOS since I bought a brand new sinclair ZX 81 ..
a ton of time ago)