Home opinion-and-analysis Open Sauce Is secure boot going to become compulsory on servers?

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Is secure boot going to become compulsory on servers? Featured

Does the Germany-based GNU/Linux company SUSE know something about Microsoft's secure boot plans that other Linux companies do not?

SUSE's enterprise server distribution has today (July 8 in the US) become the first enterprise server distribution to incorporate support for secure boot.

It is one of several new features in the third service pack for SLES 11. The original release of SLES 11 was made in 2009.

Secure boot is one of the features available in the Unified Extensible Firmware Interface or UEFI, the replacement for the BIOS on motherboards. It was implemented in Windows 8 which was released in October last year.

Microsoft's implementation uses cryptographic keys to authenticate the kernel that is being loaded. Secure boot has to be turned on on all hardware that is pre-installed with Windows 8. Hence anyone who wishes to boot an image on such hardware would need to obtain a key from Microsoft.

Some GNU/Linux distributions have developed their own methods of booting on such hardware. However, installing such distributions on the same disk alongside Windows 8 is still not an easy task for the average user.

But thus far, secure boot has been seen only as an issue for desktop users, never in the server room.

SUSE has closer ties to Microsoft than other GNU/Linux companies. It signed a patent licensing deal with Microsoft back in 2006, and renewed the deal when it fell due.

So is there something about the spread of secure boot to servers as a compulsory feature that it knows something about?

Matthias Eckerman, a senior product manager at SUSE, has been quoted by the website ServerWatch as saying that market analysis shows that secure boot may be deployed and even required on servers "going forward".

Secure boot support was implemented in SUSE's community distribution, openSUSE, in its last release and features from this distribution often make their way into the enterprise distribution.

Given Windows 8 desktop take-up by businesss that can only be described as a disaster, one would have thought that Microsoft would think twice about making lockout mechanisms such as secure boot compulsory for its server range.

But then Microsoft has not always been known to make sane decisions, especially under the stewardship of Steve Ballmer.

FREE REPORT - IT MONITORING TOOLS COMPARISON

Are you looking to find the most efficient IT Monitoring tool available?

IT Monitoring is an essential part of the operations of any organisation with a significant network architecture.

Multiple IT monitoring platforms are available on the market today, supporting the various needs of small, medium-sized, and large enterprises, as well as managed service providers (MSPs).

This new report studies and compares eight different IT monitoring products in terms of functionality, operations, and usability on the same server platform with 100 end devices.

Which product is easiest to deploy, has the best maintenance mode capabilities, the best mobile access and custom reporting, dynamic thresholds setting, and enhanced discovery capabilities?

Download your free report to find out.

DOWNLOAD!

Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.

Connect