Home opinion-and-analysis Open Sauce Ubuntu 12.10 and Windows 8: an uneasy marriage

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Ubuntu 12.10 and Windows 8: an uneasy marriage Featured
Get all your tech news delivered to your mail box five days a week
iTWire UPDATE - it's FREE!


It is difficult to recall, in the recent past, a new technology about which there has such an avalanche of uninformed writing, misinformation or secrecy than secure boot.

Secure boot is one feature of the Unified Extensible Firmware Interface, or UEFI, the replacement for the BIOS on common hardware devices like PCs and laptops. (This is commonly referred to as the UEFI BIOS and I shall use this term right through this article).

Microsoft has implemented secure boot in a certain manner and since all hardware manufacturers will be following suit, any vendor of an operating system other than Windows has to follow Microsoft's system to get their operating systems to boot on machines on which secure boot is in operation. All devices that come with Windows 8 pre-installed have secure boot turned on.

PC motherboards that sell in retail come with secure boot off. You can turn it on after building your machine. The boards available in Australia at the moment need a UEFI BIOS upgrade before they will support secure boot.

When secure boot is turned on, the firmware on a motherboard will check, at boot time, to see if the operating system that is trying to boot is genuine; this check is done by means of cryptographic keys. It is ostensibly meant to prevent boot-time malware from infecting Windows 8; coincidentally, it also serves to make it pretty hard for a user to boot any other operating system on said machine.

Microsoft controls the key signing authority and has outsourced the job to Verisign; thus any keys purchased have to be bought from Verisign. Each key costs $US99.

On the x86 platform, Microsoft has mandated that there needs to be a way for secure boot to be turned off. This is not due to a sudden bout of kindness; if Microsoft did not do so, then there would probably be another anti-trust lawsuit given the dominance that Microsoft enjoys on this platform. Vendors are thus required to provide a means of turning off secure boot. However, on the ARM platform, there is no requirement for such a mechanism; there is no fear of an anti-trust suit, at least not yet, as no operating system vendor has a near monopoly of the platform.

Linux (the kernel) has been able to boot on UEFI systems for quite some time. But that does not mean a Linux distribution can boot on a system which is locked down using secure boot. And here is where there is much confusion; one of the most confusing documents I found over the last few days is this, where the reader will come away with the impression that UEFI and secure boot are one and the same thing.

The best way to understand the new technology is to get hands-on and that is what I have done: I have installed Windows 8 without secure boot, and then done an install with secure boot turned on. I built a machine with an MSI Z77A-G41 motherboard for these experiments; given that the layout for the UEFI BIOS differs from one major manufacturer to the next, my conclusions are for this hardware only. Your mileage may vary.

ITWIRE SERIES - REVENUE-CRITICAL APPS UNDERPERFORMING?

Avoid War Room Scenarios and improve handling of critical application problems:

• Track all transactions, end-to-end, all the time and know what your users experience 24/7

• View code level details with context and repair problems quickly

• Fix problems in minutes before they wreak havoc

• Optimize your most important applications, Java, .NET, PHP, C/C++ and many more

Start your free trial today!

CLICK FOR FREE TRIAL!

ITWIRE SERIES - IS YOUR BACKUP STRATEGY COSTING YOU CLIENTS?

Where are your clients backing up to right now?

Is your DR strategy as advanced as the rest of your service portfolio?

What areas of your business could be improved if you outsourced your backups to a trusted source?

Read the industry whitepaper and discover where to turn to for managed backup

FIND OUT MORE!

Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.

Connect