The release of Windows 8 has been a source of concern to the open source community because its Unified Extensible Firmware Interface (UEFI) threatened to make it impossible to run Linux on systems designed for Windows 8. However, the Linux Foundation has released a secure boot loader which should allow Linux users to avoid the potential problems.
The H reported, “On behalf of the Linux Foundation, kernel developer James Bottomley has released a Microsoft-signed mini bootloader whose signature is trusted by typical Windows 8 PCs and which allows such PCs to be started when Secure Boot is active.”
Computerworld’s Joab Jackson explained, “As a potential replacement to the long-used BIOS firmware, UEFI is an industry initiative to secure computers against malware by designing the computer’s firmware to require a trusted key before booting the operating system, or any hardware inside the computer, such as a graphics card. UEFI would provide a foundation for a chain of trust that would connect all the way up to the software layer, which could thwart attempts to install illicit, and harmful, software on computers. Microsoft is requiring UEFI on all machines running Windows 8. While OEMs (original equipment manufacturers) have the option of providing a way to turn off UEFI so other OSes can run on the machine, many in the Linux community fear that OEMs will not provide a UEFI off-switch, thereby not allowing other OSes without a key to run on these machines. A generic Linux distribution will not run on a Windows 8 computer without keys.”
The Register’s Neil McAllister added, “The Linux community was first alerted to potential problems with Secure Boot in 2011, when computer boffins warned that the digital signing restrictions in UEFI could lock Linux out of PCs that shipped with Windows installed and the firmware security features enabled. With Secure Boot switched on, the UEFI firmware will only boot operating systems that have been digitally signed, which is problematic for free software. In particular, software that is licensed under the GPLv3 – such as the popular Linux bootloader Grub 2 – is explicitly incompatible with Microsoft’s signing scheme.”
ZDNet’s Steven J. Vaughan-Nichols observed, “With these files you should be able to boot and install Linux on almost any Windows 8 PC. I say ‘should’ because this is the first release. As Bottomley himself wrote, ‘Let me know how this goes because I’m very interested to gather feedback about what works and what doesn’t work. In particular, there’s a worry that the security protocol override might not work on some platforms, so I particularly want to know if it doesn’t work for you.'”