Linked by Thom Holwerda on Fri 22nd Jun 2012 23:17 UTC
Ubuntu, Kubuntu, Xubuntu After Fedora, Ubuntu has now also announced how it's going to handle the nonsense called "Secure" Boot. The gist: they'll use the same key as Fedora, but they claim they can't use GRUB2. "In the event that a manufacturer makes a mistake and delivers a locked-down system with a GRUB 2 image signed by the Ubuntu key, we have not been able to find legal guidance that we wouldn't then be required by the terms of the GPLv3 to disclose our private key in order that users can install a modified boot loader. At that point our certificates would of course be revoked and everyone would end up worse off." So, they're going to use the more liberally licensed efilinux loader from Intel. Only the bootloader will be signed; the kernel will not.
Thread beginning with comment 523406
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Comment by Lazarus
by Pro-Competition on Sat 23rd Jun 2012 01:21 UTC in reply to "Comment by Lazarus"
Pro-Competition
Member since:
2007-08-20

I'm certainly not an expert in this, but from what I've seen, I agree. (In fact, I half wonder why Fedora isn't going the same route.)

This whole "Secure Boot" thing has me upset at Microsoft to a degree I haven't been for several years. The x86/x64 situation is bad enough, but the ARM (WinRT) situation really burns me up.

Reply Parent Score: 4

RE[2]: Comment by Lazarus
by mjg59 on Sat 23rd Jun 2012 02:48 in reply to "RE: Comment by Lazarus"
mjg59 Member since:
2005-10-17

(In fact, I half wonder why Fedora isn't going the same route.)


The only real difference is that Fedora will be requiring a signed kernel and Ubuntu won't. I think we've explained why we believe a signed kernel is necessary.

Reply Parent Score: 3

RE[3]: Comment by Lazarus
by Alfman on Sat 23rd Jun 2012 03:10 in reply to "RE[2]: Comment by Lazarus"
Alfman Member since:
2011-01-28

mjg59,

"The only real difference is that Fedora will be requiring a signed kernel and Ubuntu won't. I think we've explained why we believe a signed kernel is necessary."

I understand the reasons for your decision, but man locking up the kernel from user tinkering must have really clashed with your open source philosophy.

I'm sure you've thought this through more than I have, but my pragmatic impression is that running Fedora under MS's keys offers short term benefits, but comes with severe long term consequences and legitimises microsoft's control over secure boot.

Of course I'm not blaming you guys at all, the situation sucks all around, but a tiny spirit in me wishes you might have put up more of a fight. If the largest linux distros fold, then it seems pretty hopeless for the rest of us.

Reply Parent Score: 4