Linked by Thom Holwerda on Wed 21st Sep 2011 22:06 UTC, submitted by kragil
Windows After the walled garden coming to the desktop operating system world, we're currently witnessing another potential nail in the coffin of the relatively open world of desktop and laptop computing. Microsoft has revealed [.pptx] that as part of its Windows 8 logo program, OEMs must implement UEFI secure boot. This could potentially complicate the installation of other operating systems, like Windows 7, XP, and Linux.
Thread beginning with comment 490287
To read all comments associated with this story, please click here.
How about LiveCDs or USB Drives?
by BlueofRainbow on Thu 22nd Sep 2011 01:15 UTC
BlueofRainbow
Member since:
2009-01-06

Reading through the background (linked) articles, I'm not sure if I fully understand the various keys and what they do.

However, it seems that the firmware would not load a non-signed OS at boot time. If this is correct, then would this block experimenting with other OSes via LiveCDs or USB Drives? Would this also block the Hakintosh initiative?

I can appreciate the need for greater security. However, not at the expense of my freedom of choosing the OS I wish to boot.

Reply Score: 1

lemur2 Member since:
2007-02-17

Reading through the background (linked) articles, I'm not sure if I fully understand the various keys and what they do. However, it seems that the firmware would not load a non-signed OS at boot time. If this is correct, then would this block experimenting with other OSes via LiveCDs or USB Drives? Would this also block the Hakintosh initiative? I can appreciate the need for greater security. However, not at the expense of my freedom of choosing the OS I wish to boot.


As I understand it, you won't be able to boot any OS which isn't signed with a key compatible to what is stored in the UEFI firmware.

Which media is booted from is not important ... Linux LiveCDs or LiveUSBs would not boot (unless signed). Somehow I can't see compatible signing keys being given to Linux projects such as Ubuntu or OpenSuSe.

Reply Parent Score: 3

Neolander Member since:
2010-03-08

Any device which you can boot from is affected. The only way to boot an unsigned OS is to disable "secure boot"... when possible.

Edited 2011-09-22 07:32 UTC

Reply Parent Score: 1