April 26, 2019

Microsoft's Secure Boot Gambit

  • September 28, 2011
  • By Sean Kerner

Few vendors and few topics on the Linux Planet inspire as much vitriol as Microsoft. This past week, Microsoft managed to inspire new outrage, as details about its secure boot approach for Windows 8 were alleged to be a potential risk for Linux. It was also a week that saw a delay for Linux 3.1 as the kernel.org servers remained offline.

1. Windows Secure Boot

Red Hat Engineer Matthew Garrett sounded the alarm bell this past week about Microsoft's plans for Windows 8. The upcoming Windows operating system will use the Unified Extensible Firmware Interface (UEFI) secure boot protocol in an effort to make Windows 8 more secure.

UEFI secure boot will require Windows 8 certified hardware vendors to digitally sign their hardware with keys to ensure that only signed applications can boot. That's a move Garret warned could severely impact the Linux ecosystem. Linux users might not be able to install or boot Linux on hardware that has been Windows 8 certified.

Microsoft has attempted to refute Garret's claims.

"There have been some comments about how Microsoft implemented secure boot, and unfortunately these seemed to synthesize scenarios that are not the case," Microsoft executive Steven Sinofsky wrote in a blog post.

Garrett, however, remains convinced that Windows 8 Secure Boot is a problem.

"We at Red Hat have been discussing the problem with other Linux vendors, hardware vendors and BIOS vendors," Garrett said. "We've been making sure that we understood the ramifications of the policy in order to avoid saying anything that wasn't backed up by facts."

Garrett also argued that Microsoft's rebuttal is entirely factually accurate but misleading.

"The truth is that Microsoft's move removes control from the end user and places it in the hands of Microsoft and the hardware vendors," Garrett said.

Windows 8 is still months away from being generally available, so the risk to Linux isn't immediate. That said, if Garrett's assertions prove to be entirely accurate, the Linux community will be severely challenged to overcome the Microsoft-certified hardware juggernaut as a barrier to Linux usage.

With $1 billion in revenue and relationships with many of the world's leading server vendors, Red Hat is a good company to help lead the fight on some levels. Let's hope other Linux vendors join the battle to ensure hardware isn't locked to Windows, locking out Linux.

2. Linux 3.1 Delayed

Linux kernels are pushed out by Linus Torvalds on a six- to eight-week cycle, with some releases taking a bit longer than others for various reasons. The upcoming Linux 3.1 release will be on the longer side thanks to some developer testing issues and issues at kernel.org.

On the testing side, Torvalds publicly chided some kernel developers about a lack of testing for new kernel patches.

"I really wanted to release -rc7 today. But no way am I applying these kinds of totally untested patches," Torvalds wrote last Monday. "Can you guys please get your act together? Stop with the 'this might just work' crap. Because -rc7 is just too late to dick around like that."

Linux 3.1 is also being impacted by Torvalds' desire to start the merge process for the Linux 3.2 kernel on the kernel.org site, which remained offline last week.

3. Kernel.org Still Down

The kernel.org site remained offline last week, as it has for almost all of September. Kernel.org was hit by an attack at the end of August, and site administrators have been scrambling to make its infrastructure more secure ever since.

It's still not clear when kernel.org will return to full service, although admin Peter Anvin has provided an update about what has been going on.

"As you know, we've been working very hard on building a new kernel.org infrastructure from the ground up," Anvin wrote. "This new infrastructure will no longer have shell access to the git repositories; instead, we will be running git using the gitolite web glue."

4. Ubuntu 11.10 Hits Beta 2, Gets 'Juju'

The next major Ubuntu release is coming soon. This past week, Canonical released the final beta ahead of general availability.

Ubuntu 11.10 Beta 2 includes the Linux 3.0.4 kernel and a new GNOME update to version 3.1.92. On the Server side, Ubuntu 11.10 now includes something called Orchestra, which is a suite of tools for orchestrating (deploying and managing) data center infrastructure servers.

Part of Orchestra is the renamed Ensemble cloud orchestration tool, which is now known as 'Juju' -- an African word for magic.

5. Firefox 7 Released

Firefox 7 officially launches September 27th, providing Linux users with significant memory improvements.

Mozilla has been fielding complaints from Linux and other operating system users for years about Firefox's expanding memory footprint. With Firefox 7, the open source browser is taking its most dramatic steps yet to make the browser faster while reducing memory usage.

Sean Michael Kerner is a senior editor at InternetNews.com, the news service of Internet.com, the network for technology professionals.

Most Popular LinuxPlanet Stories