View Single Post
Old 06-03-12, 04:10 PM   #1
News
Registered User
 
Join Date: Jun 2009
Posts: 47,769
Post Fedora could seek Microsoft code signing to contend with secure boot

This penguin is also contemplating boots.
Gilad Rom


Future versions of Fedora could come with a bootloader that is signed by Microsoft, a move that would ensure that the Linux distribution is easy to install on computers with the secure boot mechanism. The proposal was described in a blog entry this week by Red Hat kernel developer Matthew Garret.

Microsoft's compatibility certification criteria for Windows 8 requires PC vendors to adopt UEFI and enable secure boot. The transition to signed bootloaders will help protect users against certain kinds of malware, but it could also pose an obstacle for for users who want to run third-party operating systems.

In a hardware environment with secure boot, the code that bootstraps the operating system must be signed with a key that corresponds with a certificate stored in the computer's firmware. The computer will refuse to execute code that lacks a trusted signature. The purpose of this mechanism is to prevent arbitrary, untrusted code from running during startup and tampering with the operating system.

Read more | Comments







More...
News is offline   Reply With Quote