SUSE Linux outlines plans for Windows 8 secure boot
Based on Fedora's strategy, this new approach to Windows 8's restrictions adds new flexibility to the mix.
IDG News Service - Well, the Secure Boot saga keeps going on and on as Linux distributions far and wide decide how they're going to work around Windows 8's planned restrictions, and this week we heard from yet another project.
"UEFI Secure Boot is a useful technology, making it harder for attackers to hide a rootkit in the boot chain," began Olaf Kirch, director of the SUSE Linux Enterprise department in SUSE Engineering, in a blog post on Wednesday. "At the same time, already the basics of its operation -- establishing a single root of trust -- conflict with the principles of Open Source development, which must be independent and distributed to work."
'It's a Smart Solution'
For those who missed it, Windows 8's Unified Extensible Firmware Interface (UEFI) will stipulate that only operating systems with an appropriate digital signature can boot. Both the Free Software Foundation and the Linux Foundation have weighed in with their own views on the matter.
Yet there are two ways of working around those restrictions, Kirch explained.
"One is to work with hardware vendors to have them endorse a SUSE key which we then sign the boot loader with," he explained. "The other way is to go through Microsoft's Windows Logo Certification program to have the boot loader certified and have Microsoft recognize our signing key."
SUSE plans to use the shim loader originally developed by Fedora, Kirch said: "It's a smart solution which avoids several nasty legal issues, and simplifies the certification/signing step considerably," he explained.
That shim loader will load the GRUB 2 boot loader, verify it, and then load kernels signed by a SUSE key.
Two Keys Possible
On Thursday, however, Vojet
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The Critical Role of Support in Your Enterprise Mobility Management Strategy Most business leaders underestimate the importance of tech support when they choose an EMM solution. Here's what to put on your checklist.
- Separating Work and Personal at the Platform Level: How BlackBerry Balance Works BlackBerry® Balance™ separates work from personal on the same mobile device, right at a platform level. Find out how it can work for...
- Protection for Every Enterprise: How BlackBerry Security Works Get an IT-level review of BlackBerry® Security, addressing data leakage protection, certified encryption, containerization and much more.
- Future Focus: What's Coming in Enterprise Mobility Management (EMM) Find out why Enterprise Mobility Management (EMM) solutions that are truly future-ready must be designed to enable Machine-to-Machine (M2M) capabilities and much more.
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,...
- Getting Ready for BlackBerry Enterprise Service 10.2 Find out how BlackBerry® Enterprise Service 10 helps organizations address the full spectrum of EMM challenges, while balancing the needs of both the... All Linux and Unix White Papers | Webcasts