Linked by Thom Holwerda on Fri 22nd Jun 2012 23:17 UTC
Ubuntu, Kubuntu, Xubuntu After Fedora, Ubuntu has now also announced how it's going to handle the nonsense called "Secure" Boot. The gist: they'll use the same key as Fedora, but they claim they can't use GRUB2. "In the event that a manufacturer makes a mistake and delivers a locked-down system with a GRUB 2 image signed by the Ubuntu key, we have not been able to find legal guidance that we wouldn't then be required by the terms of the GPLv3 to disclose our private key in order that users can install a modified boot loader. At that point our certificates would of course be revoked and everyone would end up worse off." So, they're going to use the more liberally licensed efilinux loader from Intel. Only the bootloader will be signed; the kernel will not.
Permalink for comment 523485
To read all comments associated with this story, please click here.
vaette
Member since:
2008-08-09

There is a point there, though I think people are a bit quick to jump to the legal attacks based on the convicted monopolist status of Microsoft. One has to understand that Microsoft is not the only company in the Secure Boot game. I also think that one has to accept at least that Microsoft implements Secure Boot and pushes for it a bit.

The thing one could consider is preventing Microsoft from making Secure Boot a Windows 8 logo requirement, but on the other hand the logo requirement is likely the only thing that is ensuring that all x86 systems will have a toggle and key update facility for Secure Boot. Left to themselves many motherboard manufacturers would likely implement Secure Boot (simple checklist feature) either way, but putting in the key update stuff probably has somewhat poor returns in reality.

Mostly what I want to get said though; legal interventions is a dangerous game. Launching challenges against Microsofts uses of cryptography will make principled stands against limitations on cryptography use a bit trickier.

Reply Parent Score: 3