Linked by Thom Holwerda on Thu 31st May 2012 11:11 UTC
Fedora Core "Fedora 18 will be released at around the same time as Windows 8, and as previously discussed all Windows 8 hardware will be shipping with secure boot enabled by default. [...] We've been working on a plan for dealing with this. It's not ideal, but of all the approaches we've examined we feel that this one offers the best balance between letting users install Fedora while still permitting user freedom." Wait for it... "Our first stage bootloader will be signed with a Microsoft key."
Thread beginning with comment 520505
RE[3]: Comment by Radio
by mjg59 on Sun 3rd Jun 2012 00:27 UTC in reply to "RE[2]: Comment by Radio"

Just who will be allowed to get a key, what are the qualifications?

Anyone who's a member of the Microsoft Winqual program.

Who is responsible for approving applicants?


Are any developers or end users going to be denied?

As long as their identity can be validated, no.

If no one is there to vet the software, then doesn't that undermine the entire "security model" behind secure boot?

No, because keys can be revoked.

Do we really know where the money goes? MS may be outsourcing this program to Verisign because they specialise in selling code certificates already, I kind of doubt the deal between MS and Verisign lets Verisign keep all the profits?

All the profits from a $99 identity validation? I'm sure that's significant. In reality, Microsoft subsidise the program heavily.

Reply Parent Score: 1

RE[4]: Comment by Radio
by Alfman on Sun 3rd Jun 2012 03:30 in reply to "RE[3]: Comment by Radio"

Thanks for answering my questions, but with regards to those, what is your source for the information? I'm not willing to assume this works like Microsoft's normal code signing process without something authoritative that specifically says so. I couldn't find any of the information specific to alternate bootloader signing on the Microsoft links.

I still find it unfortunate that secure boot was designed to control *who* has access instead of being a useful tool for owners to determine their machine has been compromised by bootloader malware. From the sounds of it, it won't be difficult for someone to sign a trojan directly or exploit someone else's buggy code. And from what we already know, "secure boot" will just accept the Microsoft key without question.

After-the-fact revocation is better than nothing I suppose, but it gives very little confidence against a targeted attack, where a trojan is unlikely to be discovered by a victim for whom secure boot has failed.

Sorry mjg59, these last few paragraphs aren't addressed to you... I'm just extremely disappointed that we're going to be stuck with this instead of a more valid and open solution.

Reply Parent Score: 2