Wednesday, September 21, 2011

#windows 8 "enabled" pcs may be prevented from booting linux

in a recent post matthew garrett (via greg.k.h) explains that windows 8 may utilize UEFI secure booting and lock away all linux boot managers (or at least attempt to do so).

There is no centralised signing authority for these UEFI keys. If a vendor key is installed on a machine, the only way to get code signed with that key is to get the vendor to perform the signing. A machine may have several keys installed, but if you are unable to get any of them to sign your binary then it won't be installable.
full read here:

a video presentation of UEFI booting (ironically in WMV format):

my opinion is that such a firmware setup may greatly reduce the choices for home users to purchase some new system and essentially limit their freedom if they are already using one of such due to certain circumstances. also software updates in signed boot managers might get prevented as well and therefore a firmware update will be required. but i do think that UEFI is a great peace of technology and that BIOS should be eventually replaced - sooner or later.

update 23.09.2011:
looks like microsoft responded to the issue, but apparently they do not provide enough evidence to contradict the available facts for the consequences of setting up a secure boot interface: