
Two UEFI secure boot white papers

Two white papers have been published on the subject of how the UEFI secure boot specification can be made to work with free operating systems. The first is Making UEFI Secure Boot Work With Open Platforms by James Bottomley and Jonathan Corbet; it is published by the Linux Foundation. "Linux and other open operating systems will be able to take advantage of secure boot if it is implemented properly in the hardware. This document is intended to describe how the UEFI secure boot specification can be implemented to interoperate well with open systems and to avoid adversely affecting the rights of the owners of those systems while providing compliance with proprietary software vendors' requirements."

UEFI Secure Boot Impact on Linux [PDF], published by Red Hat and Canonical, was written by Jeremy Kerr, Matthew Garrett, and James Bottomley. "We present a set of recommendations that will allow users the freedom to choose their software, while retaining the security features of UEFI Secure Boot, and complying with open source licenses used in distributions of Linux."



Two UEFI secure boot white papers

Posted Oct 28, 2011 15:03 UTC (Fri) by ernstp (subscriber, #13694) [Link]

Why two? I assume you were aware of each other's work since Bottomley took part in both!

Two UEFI secure boot white papers

Posted Oct 28, 2011 15:27 UTC (Fri) by paravoid (subscriber, #32869) [Link]

Funny how the Linux Foundation's website says "PDF - the publication will open directly in your browser", something that is not usually the case in a Linux desktop :-)

Also "funny" that the PDF was prepared with Adobe InDesign, presumably using a Windows or MacOSX operating system.

(FWIW, the RedHat/Canonical PDF was prepared in LibreOffice)

Two UEFI secure boot white papers

Posted Oct 28, 2011 15:43 UTC (Fri) by imgx64 (guest, #78590) [Link]

> Funny how the Linux Foundation's website says "PDF - the publication will open directly in your browser", something that is not usually the case in a Linux desktop :-)

It does for me using Chrome (or at least it did, I disabled it because Chrome's PDF reader is a bit slow on my old laptop).

Chrome

Posted Oct 28, 2011 16:26 UTC (Fri) by jbicha (subscriber, #75043) [Link]

But the PDF viewer part of Chrome isn't open source which is why it's not included in Chromium.

Chrome

Posted Oct 28, 2011 16:35 UTC (Fri) by imgx64 (guest, #78590) [Link]

That's true, but the comment says "Linux desktop" and not "fully open source desktop" ;)

Two UEFI secure boot white papers

Posted Oct 28, 2011 19:11 UTC (Fri) by chafar (guest, #63473) [Link]

Hey, my stock debian stable mozplugger uses xpdf to open pdfs within an iceweasel tab

Two UEFI secure boot white papers

Posted Oct 28, 2011 18:06 UTC (Fri) by imgx64 (guest, #78590) [Link]

Now that I've read the white papers, I like the proposed solutions. Let's hope vendors actually implement them right.

On a side note, in some non-FOSS communities, there is a feeling that FOSS people are just crying that the sky is falling (See Ed Bott's article quoted in http://lwn.net/Articles/463759/ ). I hope these white papers make the case more clear to them.

Two UEFI secure boot white papers

Posted Oct 29, 2011 1:23 UTC (Sat) by drag (subscriber, #31333) [Link]

The thing is that this UEFI isn't really much different than what people are already using on embedded Linux devices and Android phones.

The difference here is that instead of depending on vendor-specific proprietary solutions Microsoft is creating a standard that people can use to reduce the effort of design and implementation of embedded devices.

Personally I am fairly indifferent to it. Like the boot loaders used in Linux devices for years and trusted computing modules, the UEFI is a bad thing if it's used against individuals and it can be a good thing if the owner of the device has the ability to control the keys.

Even if this UEFI bootloader design makes it out of tablets and other embedded Windows 8 devices and into PCs and laptops... (which I really doubt) it is not necessarily a terrible thing for Linux on the desktop.

It just means that instead of cobbling Linux installs on "Designed For Windows" hardware and then bitching about how it's not as easy as OS X.. people will actually go out and support Linux hardware vendors and find out what it is like to run a Linux system where the hardware is configured and tested by professionals.

Two UEFI secure boot white papers

Posted Oct 29, 2011 3:08 UTC (Sat) by drag (subscriber, #31333) [Link]

Hrm. Seems likely one of my assumptions is wrong. (which is normal) Windows 8 client seems like it's going to require UEFI.

Dreaming of proper bundled Linux

Posted Oct 31, 2011 6:17 UTC (Mon) by eru (subscriber, #2753) [Link]

> It just means that instead of cobbling Linux installs on "Designed For Windows" hardware and then bitching about how it's not as easy as OS X.. people will actually go out and support Linux hardware vendors and find out what it is like to run a Linux system where the hardware is configured and tested by professionals.

I wish I could share that optimism, but the actual examples of hardware-vendor supported Linux on laptops haven't been so great. Remember the original mini laptops like Asus eeepc 701 came with Linux, but it was always some obscure and vendor-branded (or rather, vendor-mangled) distribution, which was glitchy, upgraded only sporadically (lately not at all), and had no upgrade path. I think I saw the last update for my Asus 901 some 2 years ago.

Of course, in a perfect world, the PC or laptop vendor would choose a major Linux distribution to bundle, and work closely with the distribution authors to ensure newer versions are fully supported and easy to upgrade to on their hardware. I would just love to see that happen. But for some reason this remains just a dream.

Dreaming of proper bundled Linux

Posted Oct 31, 2011 17:51 UTC (Mon) by raven667 (subscriber, #5198) [Link]

Certainly, even though traditional Linux desktop usage is only around 1%, that's enough of a market for a very small number of vendors to cater to, such as System76.

Dreaming of proper bundled Linux

Posted Nov 1, 2011 5:15 UTC (Tue) by drag (subscriber, #31333) [Link]

> I wish I could share that optimism, but the actual examples of hardware-vendor supported Linux on laptops haven't been so great. Remember the original mini laptops like Asus eeepc 701 came with Linux

Yeah Asus sucked at Linux. They had the stupid idea of trying to make a custom system rather than working with an existing Linux desktop OS vendor with far more experience and resources.

This is normal for hardware vendors to be incompetent at this sort of thing. They usually have very little understanding and capabilities for developing software. They even suck at low-level hardware stuff (instead they just base their designs on optimized versions of development platforms provided by people like Intel). What they are good at is industrial design, sourcing material from vendors, and getting production costs down on an assembly line. You're an idiot if you try to compete with them on production value.

As with anything the key for success in a capitalistic endeavour is specialization. It doesn't make a lot of sense to do something yourself if you can pay somebody else to do it cheaper and better. You can trust companies like Asus to do certain things correctly, but you're going to be up shit's creek if you think you can trust them to make a driver for you... and that is trivial compared to an overall desktop.

System76 is a pretty decent example of what to do. Rather than try to make their own distro they use Ubuntu. Rather than make their own hardware they source designs from ODMs. So they specialize in combining hardware and software... something the ODMs suck at and something Canonical is probably unable to do themselves effectively.

In the future it will probably be more advantageous to show laptops and desktops you can buy from vendors rather than show links to bittorrent downloads of CDROMs when your website explains where to 'Get Linux'.

Time will show which vendors can be trusted and those companies should flourish and provide very positive Linux experiences. Companies like Asus that cannot figure out how to do it right will fall by the wayside. It's the responsibility of people providing links to hardware vendors to do a good job making sure they are giving good advice. That is their specialization.

Dreaming of proper bundled Linux

Posted Nov 2, 2011 11:21 UTC (Wed) by Trelane (subscriber, #56877) [Link]

> Rather than make their own hardware they source designs from ODMs. So they specialize in combining hardware and software... something the ODMs suck at and something Canonical is probably unable to do themselves effectively.

Unfortunately, that leaves them exposed to ODM software bugs, particularly in ACPI. Perhaps they source better than ZaReason (there's an issue with the Terra HD's lid state somewhere in ACPI, but since it Works With Windows, it's considered to be NOTABUG by the ODM and thus there's no fix forthcoming.) I've no experience with their hardware other than the nettop so far (something I hope to change). And the ZaReason AMD desktop I ordered for my wife doesn't have any issues that I can see either, so I'm left not knowing if ZaReason just needs to source better, or if this is a general bug in the Linux supply chain.

Regardless of the immediate source of the problem, the ultimate source of the problem is Linux users who buy Windows machines, or else the Linux vendors would have the leverage on the ODMs to get these sorts of bugs fixed. (Apple could do it even back when they were dying and had less marketshare than Linux, but you can't run OSX on Windows hardware due to software restrictions; s.a. "Hackintosh") Let's be clear on that point. :)

Copyright © 2011, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds