PDA

View Full Version : Fedora could seek Microsoft code signing to contend with secure boot


News
06-03-12, 05:10 PM
http://cdn.arstechnica.net/wp-content/uploads/2012/06/2345748763_91a8e538e4_z.jpeg This penguin is also contemplating boots.
Gilad Rom (http://www.flickr.com/photos/gilad_rom/2345748763/)


Future versions of Fedora could come with a bootloader that is signed by Microsoft, a move that would ensure that the Linux distribution is easy to install on computers with the secure boot mechanism. The proposal was described in a blog entry (http://mjg59.dreamwidth.org/12368.html) this week by Red Hat kernel developer Matthew Garret.

Microsoftâ??s compatibility certification criteria for Windows 8 requires PC vendors to adopt UEFI and enable secure boot (http://blogs.msdn.com/b/b8/archive/2011/09/22/protecting-the-pre-os-environment-with-uefi.aspx). The transition to signed bootloaders will help protect users against certain kinds of malware, but it could also pose an obstacle (http://arstechnica.com/business/2011/09/windows-8-secure-boot-will-complicate-linux-installs/) for for users who want to run third-party operating systems.

In a hardware environment with secure boot, the code that bootstraps the operating system must be signed with a key that corresponds with a certificate stored in the computerâ??s firmware. The computer will refuse to execute code that lacks a trusted signature. The purpose of this mechanism is to prevent arbitrary, untrusted code from running during startup and tampering with the operating system.

Read more (http://arstechnica.com/information-technology/2012/06/fedora-could-seek-microsoft-code-signing-to-contend-with-secure-boot/) | Comments (http://arstechnica.com/information-technology/2012/06/fedora-could-seek-microsoft-code-signing-to-contend-with-secure-boot/?comments=1#comments-bar)

http://feedads.g.doubleclick.net/~at/88Uey633hV5piPWKyG5LR1yv5zQ/0/di (http://feedads.g.doubleclick.net/~at/88Uey633hV5piPWKyG5LR1yv5zQ/0/da)
http://feedads.g.doubleclick.net/~at/88Uey633hV5piPWKyG5LR1yv5zQ/1/di (http://feedads.g.doubleclick.net/~at/88Uey633hV5piPWKyG5LR1yv5zQ/1/da)

http://feeds.feedburner.com/~ff/arstechnica/index?i=Mq2NX1UwZpg:v-ryZ5sL10k:V_sGLiPBpWU (http://feeds.arstechnica.com/~ff/arstechnica/index?a=Mq2NX1UwZpg:v-ryZ5sL10k:V_sGLiPBpWU) http://feeds.feedburner.com/~ff/arstechnica/index?i=Mq2NX1UwZpg:v-ryZ5sL10k:F7zBnMyn0Lo (http://feeds.arstechnica.com/~ff/arstechnica/index?a=Mq2NX1UwZpg:v-ryZ5sL10k:F7zBnMyn0Lo) http://feeds.feedburner.com/~ff/arstechnica/index?d=qj6IDK7rITs (http://feeds.arstechnica.com/~ff/arstechnica/index?a=Mq2NX1UwZpg:v-ryZ5sL10k:qj6IDK7rITs) http://feeds.feedburner.com/~ff/arstechnica/index?d=yIl2AUoC8zA (http://feeds.arstechnica.com/~ff/arstechnica/index?a=Mq2NX1UwZpg:v-ryZ5sL10k:yIl2AUoC8zA)
http://feeds.feedburner.com/~r/arstechnica/index/~4/Mq2NX1UwZpg

More... (http://feeds.arstechnica.com/~r/arstechnica/index/~3/Mq2NX1UwZpg/)