Linked by Thom Holwerda on Fri 22nd Jun 2012 23:17 UTC
After Fedora, Ubuntu has now also announced how it's going to handle the nonsense called "Secure" Boot. The gist: they'll use the same key as Fedora, but they claim they can't use GRUB2. "In the event that a manufacturer makes a mistake and delivers a locked-down system with a GRUB 2 image signed by the Ubuntu key, we have not been able to find legal guidance that we wouldn't then be required by the terms of the GPLv3 to disclose our private key in order that users can install a modified boot loader. At that point our certificates would of course be revoked and everyone would end up worse off." So, they're going to use the more liberally licensed efilinux loader from Intel. Only the bootloader will be signed; the kernel will not.
RE: Global Key
by Alfman on Sat 23rd Jun 2012 02:50 UTC in reply to "Global Key"

"Can't the Linux community create a global key that will have to be shared among all Linux distributions if they want to be compatible? This will also create some sort of standardization of the way Linux boots, which would mean consistency."

Short answer, no. If they shared the same key, then a security flaw with "Bozo" Linux would mean revoking Debian's key as well. (I'm expecting key revocations could become a common occurrence).

Longer answer: There's no way under secure boot for the owner to tell his computer to trust Debian & Windows but not "Bozo" Linux. The privilege of choosing what can run is left to Microsoft & friends since they hold the master keys to our hardware and they're running the certification program. Microsoft's bootloader will hand off to 3rd party bootloaders that are authenticated with a valid certificate.

An unfortunate side effect of this security model is that a vulnerability in ANY approved operating system opens up ALL operating systems to trojans. Bootloader trojans can hook into the system using a BozoLinux flaw and then continue to boot another OS such as Windows.

Ideally the owner would be given explicit control over secure boot keys, then they'd just trust Debian's key and that'd be the end of it, no need to trust anyone other than Debian to boot my machine. Not only would it give owners more freedom, it'd be more secure too. It's a real shame secure boot was designed as it was.

Reply Parent Score: 4
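
The trust trade-offs argued in the comment above, as an added example that is not part of the original comment or any project's code: a simplified model of a firmware allow list (`db`) and revocation list (`dbx`) that compares a shared key, centrally approved per-distro keys, and an owner-chosen allow list. Signature verification is abstracted to a `signer` field, and all key names and loader images are constructed for illustration.

```python
# Toy model of the Secure Boot allow/deny decision. Signature verification is
# abstracted to a "signer" field; every key name and loader here is constructed.
import hashlib
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Image:
    name: str
    signer: str   # key that signed the loader (signature assumed already checked)
    body: bytes

    def digest(self) -> str:
        return hashlib.sha256(self.body).hexdigest()

@dataclass
class Firmware:
    db: set = field(default_factory=set)    # trusted signing keys
    dbx: set = field(default_factory=set)   # revoked keys or image digests

    def allows(self, img: Image) -> bool:
        if img.signer in self.dbx or img.digest() in self.dbx:
            return False                    # a revocation always wins
        return img.signer in self.db

def bootable(fw: Firmware, images) -> list:
    return sorted(i.name for i in images if fw.allows(i))

def scenarios() -> dict:
    per_key = [Image("debian", "debian-key", b"debian loader"),
               Image("bozo", "bozo-key", b"bozo loader (flawed)"),
               Image("windows", "ms-key", b"windows loader")]
    shared = [Image("debian", "global-key", b"debian loader"),
              Image("bozo", "global-key", b"bozo loader (flawed)")]
    out = {}
    # 1. Shared "global" key: revoking it over Bozo's flaw also blocks Debian.
    fw = Firmware(db={"global-key"}, dbx={"global-key"})
    out["shared_key_revoked"] = bootable(fw, shared)
    # 2. Centrally approved keys: the flawed loader boots until it is revoked.
    fw = Firmware(db={"debian-key", "bozo-key", "ms-key"})
    out["approved_before_revocation"] = bootable(fw, per_key)
    fw.dbx.add("bozo-key")
    out["approved_after_revocation"] = bootable(fw, per_key)
    # 3. Owner-controlled db that trusts only Debian: Bozo never boots.
    out["owner_db"] = bootable(Firmware(db={"debian-key"}), per_key)
    return out

if __name__ == "__main__":
    for label, names in scenarios().items():
        print(f"{label}: {names}")
```
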