Secure boot: Linux Foundation, vendors offer solutions

Sam Varghese
Monday, 31 October 2011 11:52

Opinion and Analysis

Microsoft's proposal for a secure boot process in Windows 8 has alarmed GNU/Linux vendors and the body that caters to kernel development to the extent that they have drafted documents to specify how such a process can be used without hindering the use of other operating systems.

Both papers, one from the Linux Foundation, and the second a joint effort from Red Hat, Canonical and Parallels, were released on October 28.

But, as the Linux Foundation paper (PDF) points out, GNU/Linux and other open operating systems can only take advantage of secure boot if it is implemented properly in the hardware. Control rests with the hardware vendor who, in turn, will be under pressure from Microsoft.

The Windows 8 secure boot process was made public in September when a developer preview of the operating system was released.

Windows 8 uses specifications from the Unified Extensible Firmware Interface -that defines a software interface between an operating system and platform firmware - namely the secure boot protocol, to ensure exclusive booting rights on hardware.

The fact that this process could, theoretically, be used to lock out other operating systems was initially noticed and commented on by Linux kernel developer Matthew Garrett; Microsoft reacted to this with its own comments but did not alleviate any of the concerns he had raised.

There was concern voiced, among others, by Australian GNU/Linux users, some of whom complained to the Australian Consumer and Competition Commission; their complaints earned them form letters in response, letters that excited some tech outlets which saw in them reason for hope when there was none.