Linux Foundation releases secure boot system for UEFI systems
The Linux Foundation has released a boot loader software that will allow the Linux operating system to work with computers equipped with the Unified Extensible Firmware Interface firmware. This makes it possible for systems incorporating this "secure boot" technology to boot up the Linux OS.
As we reported earlier, the UEFI is an industry initiative designed to stop hackers from inserting malware at the pre-OS environment by corrupting the boot loader. However, it stirred up concerns that an alternative OS could be prevented from being installed on such systems, and is a major issue given that Microsoft requires UEFI on all "Designed for Windows 8" PCs.
Under the hood, a UEFI system in secure mode will only execute system binaries that are signed with a key whitelisted in the UEFI secure boot signature database.
To get around this, major Linux distributions that were released recently have included a bootloader or a shim to work with UEFI, reports Computerworld. However, this route is a major barrier to individuals looking to roll out their own distribution of Linux. The secure boot system is aimed at providing a standardized method to make things easier.
"We have in place a protocol where Microsoft is happy for us to hand off from the initial Microsoft signed EFI binary load to a separately verified EFI binary chain, which the individual distributions control," says Linux Foundation technical advisory board member James Bottomley, in a statement. The secure boot system can be downloaded here.
- check out this article at Computerworld