{"id":1019,"date":"2013-02-12T13:18:52","date_gmt":"2013-02-12T18:18:52","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=1019"},"modified":"2013-02-12T13:18:52","modified_gmt":"2013-02-12T18:18:52","slug":"secure-boot-loader-now-available-to-allow-linux-to-work-on-windows-8-pcs","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2013\/02\/12\/secure-boot-loader-now-available-to-allow-linux-to-work-on-windows-8-pcs\/","title":{"rendered":"Secure boot loader now available to allow Linux to work on Windows 8 PCs"},"content":{"rendered":"

Secure boot loader now available to allow Linux to work on Windows 8 PCs
\nFreeing the way for independent Linux distributions to be installed on Windows 8 computers, the Linux Foundation has released software that will allow Linux to work with computers running the UEFI (Unified Extensible Firmware Interface) firmware.
\nThe Linux Foundation Secure Boot System solves a fundamental problem for many Linux distributions, by providing a way for a Linux-based OS to run on new hardware controlled by UEFI firmware, also known as “secure-boot” technology.
\n“The Linux Foundation wishes not only to enable Linux to keep booting in the face of the new wave of secure boot systems, but also to enable those technically savvy users who wish to do so to actually take control of the secure boot process by installing their own platform key,” wrote Linux Foundation technical advisory board member James Bottomley, who led the development of the bootloader, in a statement.
\nAs a potential replacement to the long-used BIOS firmware, UEFI is an industry initiative to secure computers against malware by designing the computer’s firmware to require a trusted key before booting the operating system, or any hardware inside the computer, such as a graphics card.
\nUEFI would provide a foundation for a chain of trust that would connect all the way up to the software layer, which could thwart attempts to install illicit, and harmful, software on computers.
\nWindows 8
\nMicrosoft requires UEFI on all machines running Windows 8. While OEMs (original equipment manufacturers) have the option of providing a way to turn off UEFI so other OSes can run on the machine, many in the Linux community fear that OEMs will not provide a UEFI off-switch, thereby not allowing other OSes without a key to run on these machines.
\nA generic Linux distribution will not run on a Windows 8 computer without keys.
\n“In secure mode … the platform will only execute EFI binaries signed with a key that is whitelisted in the UEFI secure boot signature database,” Bottomley explained.
\nThe latest releases of many major Linux distributions now include a bootloader or a shim of some sort to work with UEFI, including Ubuntu 12.10 and Fedora 18. This UEFI requirement, however, has been seen as a roadblock for those who like to create their own distributions of Linux. The Linux Foundation bootloader provides a hash code, certified by Microsoft, and support infrastructure to boot a generic Linux kernel.
\n“We have in place a protocol where Microsoft is happy for us to hand off from the initial Microsoft signed EFI binary load to a separately verified EFI binary chain, which the individual distributions control,” Bottomley wrote.
\nOther efforts
\nThis is not the first approach someone in the Linux camp has devised for working with UEFI. Security developer Matthew Garrett released his own shim last year.
\nA shim is different from a bootloader even though both override the UEFI security system to load Linux. Garrett’s shim is hardcoded to work with a specific generic bootloader, called elilo, that boots the Linux kernel.
\nUEFI
\nThe Linux Foundation bootloader, which Bottomley said technically is more of “a preloader,” can work with any generic Linux bootloader. “We did this because our mission is to enable any bootloader in the Linux ecosystem to work with secure boot,” Bottomley said.
\nGarrett and Bottomley are discussing the possibility of merging Garrett’s shim with the Linux Foundation’s bootloader. Garrett helped Bottomley create the bootloader, as did other developers from the Linux Foundation, Red Hat, and Canonical.
\nUEFI has proved to be a challenge to implement even for Microsoft Windows. Garrett also reported that certain Samsung laptops running Windows 8 could permanently stop working due to a bug in how the Samsung firmware stores system crash data in the UEFI storage space.
\nvia Secure boot loader now available to allow Linux to work on Windows 8 PCs | PCWorld<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Secure boot loader now available to allow Linux to work on Windows 8 PCs Freeing the way for independent Linux […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[3,4,5,9,11],"tags":[620,1218],"class_list":["post-1019","post","type-post","status-publish","format-standard","hentry","category-hardware","category-linux","category-microsoft","category-software","category-windows","tag-linux-2","tag-windows-8"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-gr","jetpack-related-posts":[{"id":9655,"url":"https:\/\/nccomputertech.com\/techtalk\/2021\/03\/09\/fuquay-varina-and-holly-springs-computer-repair\/","url_meta":{"origin":1019,"position":0},"title":"Fuquay Varina and Holly Springs Computer Repair","author":"NCCT","date":"March 9, 2021","format":false,"excerpt":"Welcome to our blog. NC Computer Tech services Fuquay Varina, Holly Springs, and surrounding NC areas. We offer prompt, professional, courteous service with over twenty years of experience dealing with residential and small business clients offering them solutions and fixing their computer and network issues at reasonable rates. Our services\u2026","rel":"","context":"In "Technology"","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9428,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/10\/28\/all-the-presidents-phones-this-week-in-tech-690\/","url_meta":{"origin":1019,"position":1},"title":"All the President’s Phones – This Week in Tech 690","author":"NCCT","date":"October 28, 2018","format":false,"excerpt":"https:\/\/youtu.be\/pmfcU05twvo IBM buys Red Hat, worst Windows 10 ever, Right to Repair wins, and more. -- What's in store for Apple's big event this Tuesday? -- Tim Cook vs the \"data industrial complex\" -- Amazon's government controversies -- IBM buys Red Hat for $34 billion - the largest software purchase\u2026","rel":"","context":"In "Apple"","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/pmfcU05twvo\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9902,"url":"https:\/\/nccomputertech.com\/techtalk\/2025\/02\/11\/tpm-2-0-is-not-required-for-windows-11\/","url_meta":{"origin":1019,"position":2},"title":"TPM 2.0 Is Not Required for Windows 11","author":"NCCT","date":"February 11, 2025","format":false,"excerpt":"https:\/\/youtu.be\/yjjCbOOpREg On Security Now, Steve Gibson talks about Microsofrt dropping the TPM 2.0 requirement from Windows 11.","rel":"","context":"In "Microsoft"","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/yjjCbOOpREg\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9904,"url":"https:\/\/nccomputertech.com\/techtalk\/2025\/02\/11\/how-can-this-launch-get-any-worse\/","url_meta":{"origin":1019,"position":3},"title":"How can this launch get any worse?","author":"NCCT","date":"February 11, 2025","format":false,"excerpt":"https:\/\/youtu.be\/cDuEq1URx5c The Zotac 5090 Solid OC is one of the most common 5080 and 5090 cards in the wild right now... but it has some of the worst software I've seen in a long time!","rel":"","context":"In "Hardware"","block_context":{"text":"Hardware","link":"https:\/\/nccomputertech.com\/techtalk\/category\/hardware\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/cDuEq1URx5c\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9890,"url":"https:\/\/nccomputertech.com\/techtalk\/2024\/12\/08\/49-years-of-video-game-consoles-in-10-minutes\/","url_meta":{"origin":1019,"position":4},"title":"49 Years Of Video Game Consoles in 10 Minutes","author":"NCCT","date":"December 8, 2024","format":false,"excerpt":"https:\/\/youtu.be\/27_xEN5srVI Believe it or not, the home video game console has been around for nearly 49 years. Yes, that\u2019s almost half a century. Since 1972, we\u2019ve seen over 30 consoles created and sold in North America, which is a ridiculous amount of consoles. That\u2019s an average of more than one\u2026","rel":"","context":"In "Hardware"","block_context":{"text":"Hardware","link":"https:\/\/nccomputertech.com\/techtalk\/category\/hardware\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/27_xEN5srVI\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/1019","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=1019"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/1019\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=1019"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=1019"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=1019"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}