Linked by Thom Holwerda on Thu 31st May 2012 11:11 UTC
Fedora Core "Fedora 18 will be released at around the same time as Windows 8, and as previously discussed all Windows 8 hardware will be shipping with secure boot enabled by default. [...] We've been working on a plan for dealing with this. It's not ideal, but of all the approaches we've examined we feel that this one offers the best balance between letting users install Fedora while still permitting user freedom." Wait for it... "Our first stage bootloader will be signed with a Microsoft key."
Thread beginning with comment 520160
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: Wonderful...
by Neolander on Thu 31st May 2012 15:49 UTC in reply to "RE: Wonderful..."
Neolander
Member since:
2010-03-08

A bit of a weak comparison. If Fedora is to work with secure boot they either have to get a key into all hardware or get their bootloader signed by someone who already is getting a key into all hardware. Microsoft is the only company in the latter camp.

...which is only the case due to the brain-dead way Secure Boot has been designed, by Microsoft themselves, to begin with.

What Fedora is asking Microsoft for a small signature for their bootloader. No Microsoft code is involved.

What Fedora ended up having to do is paying Microsoft in order to receive a revocable permission to let their users comfortably run the OS they want on their hardware. Don't you see a problem there ?

There will be plenty of hardware which allows secure boot to be disabled, or keys to be replaced, in which case you can go through the trouble of setting things up right yourself.

Why should users have to fiddle with obscure firmware settings and break their Windows install by swapping the Microsoft key with something else only to get another OS on their computer ? Why couldn't they just insert or connect the OS installation media, add the new signing key to the firmware database when asked with a scary warning if they really want to do so, and get a working dual-boot setup like they do today ?

For the sake of novice users however it is useful both that the boot is protected from malware and that Fedora can install without a lot of manual configuration.

Plus, of course, Fedora having secure booting is a good security measure in itself.

I am not saying that Secure Boot is useless here, only that its core design is terrible, and that Microsoft have consistently refused to fix its flaws in what borders monopoly abuse.

It benefits no one but Microsoft when other OSs have to become their slave in order to keep a sane installation process.

Edited 2012-05-31 15:55 UTC

Reply Parent Score: 6