Windows 8 Secure Boot Spells Trouble for Linux

It’s very early, but this might be worth freaking out about.

This was discovered by Linux developer Matthew Garrett, who’s been doing a lot of work with EFI booting in general for his day job. Recent UEFI specifications have allowed for “secure boot” that requires an OS to have a signed key in system firmware to work.

Microsoft is requiring (PowerPoint) that OEMs ship client systems with the secure boot enabled to get the Windows 8 logo. Of course, all major OEMs are going to want the Windows 8 logo. In short, a vendor like Dell would ship systems that recognize the OSes that Dell offers. That would mean whatever Windows versions that are offered by Dell would be properly signed. Other OSes – even retail versions of Windows 8 – wouldn’t necessarily be signed to run on the systems.

The secure boot requirement is already raising eyebrows in the Linux community. As planned, machines that would conform to the logo requirements for Windows 8 (read: virtually any system you would buy from Dell, Asus and so on) would not boot Linux.

Windows 8 Spells Trouble for Linux, Hackintosh Users and Malware Victims




  1. I’ve long advocated a dual approach to the ‘tubes: down-to-the-hardware security for commerce, and let everyone else be the wild west if they want.

    MS had their pee-pee whacked for requiring OEMs to pay for Windows even if they shipped with an alternate OS.  But I wonder if nowadays it is moot: in a word, VM.

  2. Security is great, but if you own the machine, you should be able to do whatever you want to it and not forced to run Linux in a VM.

Leave a Reply

Your email address will not be published. Required fields are marked *