No subject


Fri Jun 24 16:40:32 EST 2011


xxxxxxxxxxxxxxxxxxxxxxxxx

+--------------------------------------------------------------------------=
------------------------------
| Will Secure Boot Cripple Linux Compatibility?
|   from the security-through-totalitarianism dept.
|   posted by Unknown Lamer on Wednesday January 18, @18:14 (Security)
|   with 291 comments
|
https://linux.slashdot.org/story/12/01/18/167257/will-secure-boot-cripple-l=
inux-compatibility?utm_source=3Dnewsletter&utm_medium=3Demail
+--------------------------------------------------------------------------=
------------------------------

MojoMax writes "The advent of Windows 8 is drawing ever nearer and
recently we have learned that ARM devices installed with Windows 8 will
[0]not be able to disable the UEFI secure boot feature that many of us
are deeply concerned about. However, UEFI is still a very real danger to
Linux and the freedom to use whichever OS you chose. Regardless of
information for OEMs to enable customers to install their own keys, such
as that [1]published by the Linux Foundation, there are still very
serious and as yet unresolved issues with using secure boot and Linux.
These issues are best summarized quoting Matthew Garrett: 'Signing the
kernel isn't enough. Signed Linux kernels must refuse to load any
unsigned kernel modules. Virtualbox on Linux? Dead. Nvidia binary driver
on Linux? Dead. All out of tree kernel modules? Utterly, utterly dead.
Building an updated driver locally? Not going to happen. [2]That's going
to make some people fairly unhappy.'"

Discuss this story at:

https://linux.slashdot.org/story/12/01/18/167257/will-secure-boot-cripple-l=
inux-compatibility?utm_source=3Dnewsletter&utm_medium=3Demail#commentlistin=
g

Links:
    0.
http://linux.slashdot.org/story/12/01/14/0236244/microsoft-taking-aggressiv=
e-steps-against-linux-on-arm
    1.
http://www.linuxfoundation.org/publications/making-uefi-secure-boot-work-wi=
th-open-platforms
    2. http://mjg59.dreamwidth.org/9844.html


--=20
Don Knowles, Rockhampton, Australia
a Founding Member of Central Queensland Linux User Group

--14dae93407657e3b3104b6e37721
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

Is this the issue that just won't die? Is Microsoft trying to "fly=
 in under the radar&quot; to avoid any fights until too late?<div><br></div=
><div><div>xxxxxxxxxxxxxxxxxxxxxxxxx</div><div>From Slashdot on 15/01/12</d=
iv>
<div>xxxxxxxxxxxxxxxxxxxxxxxxx</div><div><br></div><div>+------------------=
---------------------------------------------------------------------------=
-----------</div><div>| Microsoft Taking Aggressive Steps Against Linux On =
ARM</div>
<div>| =A0 from the justice-department-be-damned dept.</div><div>| =A0 post=
ed by timothy on Saturday January 14, @08:05 (DRM)</div><div>| =A0 with 565=
 comments</div><div>| =A0 <a href=3D"https://linux.slashdot.org/story/12/01=
/14/0236244/microsoft-taking-aggressive-steps-against-linux-on-arm?utm_sour=
ce=3Dnewsletter&amp;utm_medium=3Demail">https://linux.slashdot.org/story/12=
/01/14/0236244/microsoft-taking-aggressive-steps-against-linux-on-arm?utm_s=
ource=3Dnewsletter&amp;utm_medium=3Demail</a></div>
<div>+---------------------------------------------------------------------=
-----------------------------------</div><div><br></div><div>New submitter =
Microlith writes &quot;Microsoft has updated their WHQL</div><div>certifica=
tion requirements for Windows 8, and [0]placed specific</div>
<div>restrictions on ARM platforms that will make it impossible to install<=
/div><div>non-Microsoft operating systems on ARM devices, and make it impos=
sible to</div><div>turn off or customize such security. Choice quotes from =
the certification</div>
<div>include from page 116, section 20: &#39;On an ARM system, it is forbid=
den to</div><div>enable Custom Mode. Only Standard Mode may be enabled&#39;=
 =E2=80=94 which prevents</div><div>users from customizing their security, =
and in section 21: &#39;Disabling</div>
<div>Secure MUST NOT be possible on ARM systems&#39; to prevent you from bo=
oting</div><div>any other OSes.&quot;</div><div><br></div><div>Discuss this=
 story at:</div><div>=A0 =A0 <a href=3D"https://linux.slashdot.org/story/12=
/01/14/0236244/microsoft-taking-aggressive-steps-against-linux-on-arm?utm_s=
ource=3Dnewsletter&amp;utm_medium=3Demail#commentlisting">https://linux.sla=
shdot.org/story/12/01/14/0236244/microsoft-taking-aggressive-steps-against-=
linux-on-arm?utm_source=3Dnewsletter&amp;utm_medium=3Demail#commentlisting<=
/a></div>
<div><br></div><div>Links:</div><div>=A0 =A0 0. <a href=3D"http://www.softw=
arefreedom.org/blog/2012/jan/12/microsoft-confirms-UEFI-fears-locks-down-AR=
M/">http://www.softwarefreedom.org/blog/2012/jan/12/microsoft-confirms-UEFI=
-fears-locks-down-ARM/</a></div>
<div><br></div><div>xxxxxxxxxxxxxxxxxxxxxxxxx</div><div>From Slashdot on 19=
/01/12=A0</div><div>xxxxxxxxxxxxxxxxxxxxxxxxx</div><div><br></div><div>+---=
---------------------------------------------------------------------------=
--------------------------</div>
<div>| Will Secure Boot Cripple Linux Compatibility?</div><div>| =A0 from t=
he security-through-totalitarianism dept.</div><div>| =A0 posted by Unknown=
 Lamer on Wednesday January 18, @18:14 (Security)</div><div>| =A0 with 291 =
comments</div>
<div>| =A0 <a href=3D"https://linux.slashdot.org/story/12/01/18/167257/will=
-secure-boot-cripple-linux-compatibility?utm_source=3Dnewsletter&amp;utm_me=
dium=3Demail">https://linux.slashdot.org/story/12/01/18/167257/will-secure-=
boot-cripple-linux-compatibility?utm_source=3Dnewsletter&amp;utm_medium=3De=
mail</a></div>
<div>+---------------------------------------------------------------------=
-----------------------------------</div><div><br></div><div>MojoMax writes=
 &quot;The advent of Windows 8 is drawing ever nearer and</div><div>recentl=
y we have learned that ARM devices installed with Windows 8 will</div>
<div>[0]not be able to disable the UEFI secure boot feature that many of us=
</div><div>are deeply concerned about. However, UEFI is still a very real d=
anger to</div><div>Linux and the freedom to use whichever OS you chose. Reg=
ardless of</div>
<div>information for OEMs to enable customers to install their own keys, su=
ch</div><div>as that [1]published by the Linux Foundation, there are still =
very</div><div>serious and as yet unresolved issues with using secure boot =
and Linux.</div>
<div>These issues are best summarized quoting Matthew Garrett: &#39;Signing=
 the</div><div>kernel isn&#39;t enough. Signed Linux kernels must refuse to=
 load any</div><div>unsigned kernel modules. Virtualbox on Linux? Dead. Nvi=
dia binary driver</div>
<div>on Linux? Dead. All out of tree kernel modules? Utterly, utterly dead.=
</div><div>Building an updated driver locally? Not going to happen. [2]That=
&#39;s going</div><div>to make some people fairly unhappy.&#39;&quot;</div>
<div><br></div><div>Discuss this story at:</div><div>=A0 =A0 <a href=3D"htt=
ps://linux.slashdot.org/story/12/01/18/167257/will-secure-boot-cripple-linu=
x-compatibility?utm_source=3Dnewsletter&amp;utm_medium=3Demail#commentlisti=
ng">https://linux.slashdot.org/story/12/01/18/167257/will-secure-boot-cripp=
le-linux-compatibility?utm_source=3Dnewsletter&amp;utm_medium=3Demail#comme=
ntlisting</a></div>
<div><br></div><div>Links:</div><div>=A0 =A0 0. <a href=3D"http://linux.sla=
shdot.org/story/12/01/14/0236244/microsoft-taking-aggressive-steps-against-=
linux-on-arm">http://linux.slashdot.org/story/12/01/14/0236244/microsoft-ta=
king-aggressive-steps-against-linux-on-arm</a></div>
<div>=A0 =A0 1. <a href=3D"http://www.linuxfoundation.org/publications/maki=
ng-uefi-secure-boot-work-with-open-platforms">http://www.linuxfoundation.or=
g/publications/making-uefi-secure-boot-work-with-open-platforms</a></div><d=
iv>
=A0 =A0 2. <a href=3D"http://mjg59.dreamwidth.org/9844.html">http://mjg59.d=
reamwidth.org/9844.html</a></div><div><br></div><div><br></div>-- <br>Don K=
nowles, Rockhampton, Australia<br>a Founding Member of Central Queensland L=
inux User Group<br>

</div>

--14dae93407657e3b3104b6e37721--



More information about the linux-aus mailing list