SUSE Linux outlines plans for Windows 8 secure boot
Based on Fedora's strategy, this new approach to Windows 8's restrictions adds new flexibility to the mix.
IDG News Service - Well, the Secure Boot saga keeps going on and on as Linux distributions far and wide decide how they're going to work around Windows 8's planned restrictions, and this week we heard from yet another project.
"UEFI Secure Boot is a useful technology, making it harder for attackers to hide a rootkit in the boot chain," began Olaf Kirch, director of the SUSE Linux Enterprise department in SUSE Engineering, in a blog post on Wednesday. "At the same time, already the basics of its operation -- establishing a single root of trust -- conflict with the principles of Open Source development, which must be independent and distributed to work."
'It's a Smart Solution'
For those who missed it, Windows 8's Unified Extensible Firmware Interface (UEFI) will stipulate that only operating systems with an appropriate digital signature can boot. Both the Free Software Foundation and the Linux Foundation have weighed in with their own views on the matter.
Yet there are two ways of working around those restrictions, Kirch explained.
"One is to work with hardware vendors to have them endorse a SUSE key which we then sign the boot loader with," he explained. "The other way is to go through Microsoft's Windows Logo Certification program to have the boot loader certified and have Microsoft recognize our signing key."
SUSE plans to use the shim loader originally developed by Fedora, Kirch said: "It's a smart solution which avoids several nasty legal issues, and simplifies the certification/signing step considerably," he explained.
That shim loader will load the GRUB 2 boot loader, verify it, and then load kernels signed by a SUSE key.
Two Keys Possible
On Thursday, however, Vojet
- Maintain Less. Create More. Spend less on maintenance and spend more time creating with Red Hat Enterprise Linux. Read on to learn how Red Hat can help...
- Flying High on the Use of Red Hat Enterprise Linux Flybe was one of the 21 companies that were interviewed for quantitative results on their operations as part of an IDC ROI analysis....
- SANS: Next-Generation Datacenters = Next-Generation Security This whitepaper takes a look at some new technology that may allow security teams to implement more flexible and capable protection models in...
- SANS: Protecting Virtual Endpoints with McAfee Server Security Suite Essentials SANS review of McAfees Server Security Suite Essentials that address some of the emerging challenges of securing virtual platforms and cloud environments.
- Is SQL Server AlwaysOn really as powerful? Tips and Tricks from the field With the introduction of AlwaysOn, Windows Clustering Services is now more critical than ever.
- What Does it Take to Deliver a Superior Customer Experience? The Two Top-Rated Online Retailers, B&H Photo and Crutchfield Electronics, Share Their Secrets Discuss practical CX tools and service methods such as contact center agents and the use of realtime speech analytics to help contact center... All Linux and Unix White Papers | Webcasts