article

UEFI - secure boot

[WHAT]

  1. ] Unified Extensible Firmware Interface (UEFI ) -  secure boot - is a feature in the UEFI. It helps prevent the booting(loading) of malicous software. 
  2. ] The UEFI itself is the replacement for the motherboard firmware or BIOS. ( a basic program that runs when your PC first starts and before it hands over control of the PC to the operating system). 
  3. ] MS has implemented this feature in such a fashion that it makes it more difficult to boot other operating systems (aka linux) while the feature is enabled.
  4. ] Users can still boot any other operating systems on their windows-8 certified hardware, but they would need to disable this feature.
  5. ] 15.1 UEFI firmware - concerns are being raised in the linux community about msft handling of the keys. the linux community has been unable to come to a satisfactory resolution to this issue.
  6. ] Several of the major linux distros(RedHat, Ubuntu, ) have implmented their own solutions to workaround the issue.   

[WHY]

  1. ] why do i need/want/use this [UEFI - secure boot]
    1. ] helps prevent your computer from loading malicous software( "malware" ) at boot time

[WHY NOT]

  1. ] you may have issues if you want to install a linux distribution on windows 8 certified hardware and the secure boot feature is enabled. AS I UNDERSTAND IT ...
    1. IF YOU DISABLE THE SECURE BOOT FEATURE IN THE BIOS(UEFI)
      1. you should be able to boot or install any disribution of linux that you desire
    2. IF THE SECURE BOOT FEATURE IS ENABLED 
      1. the only distribution of linux known to boot on windows certified hardware is Ubuntu 12.10 64bit

[WHERE]

  1. ] this feature is built in to the specifcation for any windows 8 device.

[WHEN]

  1. ] to use SECURE BOOT
    1. if your not planning to install another operating system other then windows 8 or > or ubuntu 12.10 (64bit)

[EXAMPLE]

  1. "An exchange of cryptographic keys takes place at boot-time so that a system can verify that the operating system attempting to boot is a genuine one, and not malware. There are further key exchanges along the way. Since Microsoft controls the key-signing authority, everyone who wishes to boot an operating system on hardware certified for Windows 8 has to buy a Microsoft key."

[HOW-TO]

  1. Disable the secure boot feature in the UEFI(BIOS)
    1. this will be dependant upon hardware mfg and will vary betwen upon the manufactere.

[REFERENCE]

  1. ] http://www.itwire.com/opinion-and-analysis/open-sauce/57920-secure-boot-microsoft-shows-up-linux
  2. ] UEFI BUGS from linux users
    1. ] https://plus.google.com/110953740010395822648/posts/3BdAfi77JyH
    2. ] https://plus.google.com/110953740010395822648/posts/c8fa2bwSz2A
    3. ] https://plus.google.com/110953740010395822648/posts/gibTP491tiD
  3. ] UEFI - secure boot ISSUE
    1. ] http://techrights.org/2012/11/21/hardware-keys-for-lf/  

 

Details Photos Edit more

Details

ID: 910

NAME: security-UEFI-secure-boot

DESCRIPTION: [what] a new feature designed to prevent the loading of malicous software at boot time.

AUTHOR: article.author/s

EDITOR: article.editor/s

PUBLISHER: article.publisher/s

STATUS: Write

PRIORITY: -5

OWNER ID: 1

Content Photos Edit more

photos

page_photo

actions

Email Email-Owner SMS and