homepage Welcome to WebmasterWorld Guest from 54.166.33.25
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
Linus Torvalds Strongly Objects to Windows 8 Secure Boot Keys in Linux Kernel
engine

WebmasterWorld Administrator engine us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 4549399 posted 11:45 am on Feb 27, 2013 (gmt 0)

I think he got his point across!

It started innocently enough. Red Hat software engineer David Howells asked Linus Torvalds, Linux's founder, to move on code that would let Microsoft-signed binary keys be added dynamically to a kernel while running in secure-boot mode on the Linux Kernel Mailing List (LKML). Torvalds wasn't having it. "Quite frankly, this is f*cking moronic."Linus Torvalds Strongly Objects to Windows 8 Secure Boot Keys in Linux Kernel [zdnet.com]

 

drhowarddrfine

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4549399 posted 2:17 pm on Feb 27, 2013 (gmt 0)

I agree and would have put it in stronger terms than he did.

SevenCubed

WebmasterWorld Senior Member



 
Msg#: 4549399 posted 5:34 pm on Feb 27, 2013 (gmt 0)

Be that as it may, booting Linux on Windows 8 PCs with Secure Boot active is still a headache -- and dealing with binary drivers will only make it more so.

I have had that exact headache recently when trying to setup my Windows 8 laptop as a dual boot with Ubuntu. I ran into soooo many problems and finally gave up. Even going into the BIOS and disabling Secure Boot didn't get me over the hurdle. However by the time I had reached that point I had other issues that may have prevented that from working -- primarily that Windows doesn't recognize more than 4 logical partitions on a HDD. I wasn't aware of that prior to beginning and was in fact trying to install Ubuntu on a 5th logical partition after shrinking my C drive by 100GB to give space to Linux. By default my HP laptop has the other 3 logical partitions already used out-of-box for proprietary stuff like recovery drive and tools.

In the end I now have a modified master boot record that on startup prompts me to boot into Windows or Ubuntu even though I couldn't get Ubuntu installed. I have since found an EXCELLENT tutorial [admaris.com...] which also cross-references other tutorials, on how to accomplish it but before I can retry I need to backup and reinstall back to factory settings. I just don't feel like going through that time consuming process right now, especially reinstalling all applications again afterward. It'll be a rainy day project. I'll have to settle with experimenting with it on my old box for now where it's running fine.

drhowarddrfine

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4549399 posted 2:51 am on Feb 28, 2013 (gmt 0)

I dual booted Ubuntu and Windows about 7(?) years ago for about a week. Then, one day, I booted into Ubuntu and that was the last time I ever used Windows. I don't use Ubuntu either for that matter. (I use FreeBSD.)

graeme_p

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4549399 posted 2:27 pm on Feb 28, 2013 (gmt 0)

The whole point of secure boot is to:

1) make it harder to install other OSes on Windows PCs.
2) prevent dual booting.
3) reduce life cycles to people buy new PCs sooner.

First two benefits to MS, last to PC vendors. Notice how conveniently it came out just as life cycles are lengthening? MS needs the other two because regulators are now wise to the tactics they used to kill BeOS and limit Linux.

Its a barrier to entry.

Vendors want control. Its not just MS and PC makers either. Google Chrome books would make great Linux laptops (Pixel! I want!), but it has a secure boot like system as well.

graeme_p

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4549399 posted 2:30 pm on Feb 28, 2013 (gmt 0)

@SevenCubed, I assume that if you disable secure boot you can run Linux but not Windows? That sounds like it works as intended. Windows will not run without secure boot.

The best solution may be to rub Windows 7 or earlier in Virtual Box. Its pretty impressive, especially in seamless mode. I have XP running that way for testing sites on IE.

SevenCubed

WebmasterWorld Senior Member



 
Msg#: 4549399 posted 3:58 pm on Feb 28, 2013 (gmt 0)

Ahhhhhh sneaky little rascals. I can see where they are going with this based on what graeme_p has outlined above.

My systems runs fine with Secure Boot disabled. I just went in and disabled it then rebooted just to answer that question -- it's inactive right now. The message in the BIOS says:

When Secure Boot mode is enabled, BIOS performs cryptographic check during bootup, for the integrity of the software image. It prevents unauthorized or maliciously modified software from running.

After disabling it and resuming bootup I get a prompt to enter a code and accept the change. I guess it's a double measure to confirm that I am aware of the change request and that it's me who initiated it -- not some malware.

From within the article of the link above it's quite clear that it's doable but needless to say one has to have determination. Most average users would probably get discouraged and abandon the idea. Or, as graeme points out, buy more hardware to run each OS on its own system.

None the less I certainly can't fault Linus Torvalds for his response that would ease the burden. If it was now absolutely impossible to dual boot a system he might have been more receptive but it can still be done.

I know I'll get my laptop setup as a dual boot eventually now that I know what I didn't know before diving into it blindly. It isn't a priority right now. I just approached it like I did with other dual boot systems I've had over the years (Win98/Win2000, Win2000/WinXP). Now it's just a bit more complicated. On my next attempt I'll disable it until I get everything running smoothly then try re-enabling it to see if it will continue to run smoothly. My main issues though were the Windows system's MBR inability to recognize the 5th partition that I had attempted to install Ubuntu on. The second worst issue has been video drivers, which of course is the worst because with a black screen you can't even get any clues. But even with that I have found work-arounds based on tidbits of info I've found elsewhere.

Anyway I'm off for a date with Nadia right now. I have some Cinnamon for her too. She's a dual boot, with Ubuntu Server on my desktop. I'm going to take Linux Mint 14 for a test drive.

Oh and I'm not ignoring your other posts (and drhowarddrfine) in the other Linux thread I have open, I'm just putting together more info before I get back into it.

dstiles

WebmasterWorld Senior Member dstiles us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4549399 posted 8:45 pm on Feb 28, 2013 (gmt 0)

> It prevents unauthorized or maliciously modified software from running.

I find that impossible to believe. I have no doubt that trojan software will install and run itself regardless. I suspect this is a) a misquote or b) a mis-direction.

Nadia - I looked into upgrading Maya to Nadia and found several comments along the lines of "why bother?". There are probably a few improvements but Maya is LTS (long term) and Nadia isn't, so theoretically Maya is still a better option. My remaining Ubuntu 10.04 is due to become Mint Maya any day now, as soon as I've finished assessing the changes (eg this ubuntu machine handles printers and scanners for the network - I would need to reinstall that, which takes time).

As to windows anything - I need to run a very few programs under wine (mostly genealogy and Access 2000) and my wife still needs windows 2000 for a couple of things. Otherwise, it's all linux (currently Mint) and heading even more in that direction.

graeme_p

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4549399 posted 7:34 am on Mar 1, 2013 (gmt 0)

@dstiles, it does provide some protection against root kits, but that is just one threat among many, so does not do much to justify the disadvantages (no dual boot, needing to go into more BIOS settings to run a live USB/CD, harder to run Windows 7 and below on WIndows 8 hardware and no WIndows 8 even on high end Windows 7 hardware), all of which get much worse is any PC vendors fail to provide a BIOS option to turn it off.

@SevenCubed, you experiment with Linux is looking interesting. You were quicker than most Windows users to realise how much better and easier the Linux way of installing software is. Given the dual boot problem, can you cold turkey off Windows? I almost did (kept and old Windows box for about month to run software for a course I was doing), but dstiles (genealogy etc.) needs obviously make it a slower process.

To me the difficulty of getting off Windows is a reason to do it. The vendor lock-in needs to be broken as it will only increase over time.

dstiles

WebmasterWorld Senior Member dstiles us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4549399 posted 9:46 pm on Mar 1, 2013 (gmt 0)

Apropos genealogy - this is a major problem which I am about to investigate.

For family trees (gedcoms) there is software available, including gramps; though I haven't found a linux one yet to beat my (now obsolete) 10-year-old windows one for simplicity and versatility.

The real problem comes with data CDs - lists of births/etc, censuses and so forth. They are geared to running on windows, although they seem to not care how old the OS version is. As part of my investigation my first project will be to back up these CDs onto local hard disks: we encountered a failed and unrecoverable CD a year or so ago which highlit the poor life-time of CDs in general. After the backup I will look into the usablility of these data on linux but expect to require at least wine to run them, if not a real windows machine. I am not even certain that some of these CD-based data sources will run from hard disk.

I feel there has been a lack of interest in making linux "home-user-friendly" in this respect and wonder how much of this lack can be laid at the doors of linux developers who only seem to push the "office" usefulness of linux (and it's WAY past time OpenOffice was able to properly manage Access MDB!).

drhowarddrfine

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4549399 posted 12:06 am on Mar 2, 2013 (gmt 0)

Linux can probably extract a lot of the data on those disks and you can then piece some of that together.

As far as home user friendly goes, the only people who feel there is a competition going on are those who don't work on Linux/BSD/Unix. afaik, people seem pretty happy with Mint if they aren't a developer. Linux is not a company and has (relatively) little funding compared to a paid distribution of software that Windows is. If people want to start paying $200 for their Linux distro, then you will see some movement.

Access is a Windows program and MDB is its format. I would no sooner expect Linux to run that than I would expect Windows to use and run extfs.

User friendliness does not mean "it works like Windows". A lot of people want distros like Mint or Ubuntu to work just like Windows and run all their programs but I would never expect Windows to run all the *nix programs or work like Linux.

graeme_p

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4549399 posted 7:33 am on Mar 2, 2013 (gmt 0)

Linux is not a company and has (relatively) little funding compared to a paid distribution


Linux has huge amounts of funding. The value of developer time put in my companies like IBM and Red Hat for a start. Unfortunately most of these resources are dedicated to the kernel and making server software run better.

I feel there has been a lack of interest in making linux "home-user-friendly"


Not enough demand from the existing user base. Linux works fine for many home users, but not all. Gamers are probably the biggest exception.

The real problem comes with data CDs


A lot of people want distros like Mint or Ubuntu to work just like Windows and run all their programs


Neither of these issues have held MacOS back, so I do not believe it is the major barrier for Linux.

My own feeling is that Linux on the desktop has no funds for marketing, so the people who would benefit most from it (IMO most home and small office users, bar those with specific needs) are not persuaded of its benefits.

drhowarddrfine

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4549399 posted 10:42 pm on Mar 2, 2013 (gmt 0)

Unfortunately most of these resources are dedicated to the kernel and making server software run better.
That's my point. You won't find many (any?) of those companies working on a GUI interface or a desktop for home users.
Neither of these issues have held MacOS back, so I do not believe it is the major barrier for Linux. My own feeling is that Linux on the desktop has no funds for marketing
That's what I'm saying. While marketing is part of it, you need developers and designers to make it look good as well as feel good. I never said Linux was the problem. It's not. Give me a few millions and I'll show you what I can get running on Linux.

Actually, you don't have to give me the money. I'll do exactly what you said. Point people to the Mac and you see what lots of time and money spent on programs can produce for a Unix/BSD/Linux system and far, far better than on Windows.

dstiles

WebmasterWorld Senior Member dstiles us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4549399 posted 11:14 pm on Mar 2, 2013 (gmt 0)

Ok, Access MDB iw a windows app. So is excel and Word but OpenOffice still has replacements that do most of the work. All I've got for Access on Linux is a viewer.

I may be an exception here in that I do use Acess (and almost never Excel or Word). It would still be nice to have Access as well, so I could manage 15 years worth of databases without having to revert to windows or wine.

Having copied several of the genealogy CDs now it's looking as if the majority are PDFs with a few text files thrown in. One is an Access read-only database but a couple more are proprietary. Just installed wine to see if that will work.

Despite my (small) problems trying to run windows software, I do think there should not be a windows portal installed in linux. There are far too many potential ways into windows and adding something that could work back to linux is scary. Or perhaps I'm reading more into this than I should. :(

graeme_p

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4549399 posted 7:21 am on Mar 4, 2013 (gmt 0)

I never said Linux was the problem. It's not. Give me a few millions and I'll show you what I can get running on Linux.


A lot more than a few millions has gone into the Linux desktop. I personally prefer it to Windows or Mac, both for myself and for family users I support. I really do think marketing is by far the biggest problem. There are certainly below par bits in Linux desktop, but there are horrible things in the Windows UI - I get annoyed and frustrated every time I have to use Windows.

Neither Windows or MacOS had a reasonably easy way of installing software until very recently, both impose a shorter life cycle on your hardware. neither gives you a choice of vendors, etc.

Having copied several of the genealogy CDs now it's looking as if the majority are PDFs with a few text files thrown in.


Why do people wrap a Windows executable around standard formats? I have come across it myself a few times. Annoying.

I may be an exception here in that I do use Access (and almost never Excel or Word).


Far more people use Excel and MS Word than Access, and the combination of using Access often and never Excel of WOrd is probably unusual - then again I think everyone on a forum like think probably has some unusual usage patterns. :)

More constructively, there appear to be tools to migrate access to Libre office, and to migrate access databaes to Sqlite. I have never tried any of them so, but they do exist.

SevenCubed

WebmasterWorld Senior Member



 
Msg#: 4549399 posted 6:25 pm on Mar 4, 2013 (gmt 0)

Given the dual boot problem, can you cold turkey off Windows?

I never give up that easy. I'll get it dual-booted. I'm still gathering information from various sources and trying to put it all together for a comprehensive understanding of what I'm dealing with.

Secure Boot is new to me, as well as UEFI which appears to be a transition away from the traditional BIOS. Combine those two new technologies (for me) along with my previous unawareness of MSFTs MBR's inability to handle more than 4 logical partitions and it was a perfect storm.

Add to the above that Ubuntu's site directed me to a 32 bit ISO image rather than the 64 bit one I had chosen and I was defeated before I even got started. I did stop and think during the install attempt that it was a 32 bit version I was working with rather than the 64 bit version I was expecting but I guess I was having a brain-dead moment and went ahead with it anyway knowing that a 32 bit will run on 64 bit platform.

Wrong. If I'm using UEFI, and Windows 8 is using UEFI (it is) then i must install the 64 bit version.

I think the link hand-off to a local mirror site on Ubuntu's site is wrong, I should contact them about it. I can see the 64 bit request in the hand-off in the address window but when I arrive at the mirror for download it switches to the 32 bit. I can manually force the 64 bit version by changing it in the URI in the address bar (I know now after-the-fact).

Ultimately if I had to quit cold turkey I could do it. But I would prefer to keep Windows on the laptop and Linux on my desktop if it doesn't work out.

I've been working with Linux Mint Nadia on my desktop for a few days now. I'm enjoying it. Response it quick and crisp. It was a (mostly) painless install. It's what I'm using right now in spite of it's miserly 512MB of RAM. I am in awe concerning the ease of finding and installing new software via command line using Aptitude.

dstiles

WebmasterWorld Senior Member dstiles us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4549399 posted 9:40 pm on Mar 4, 2013 (gmt 0)

> migrate access to Libre office, and to migrate access databaes to Sqlite

The problem is: I need MDB files on my Classic ASP web sites so I have to keep them in MDB format. :(

Yes, I could translate them and in a few cases have, importing them to MySQL, but local and remote management by myself AND windows website customers is not feasible. So: back to windows or wine for this. :(

When I installed Mint, as far as I recall, it detected my machine's type (32/64) and installed the 686 version. I seem to recall, though, that way back when I installed Ubuntu Gibbon there was a suggestion that 32bit was better even on a 64bit machine. From memory, so it could be faulty. :)

graeme_p

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4549399 posted 9:21 am on Mar 5, 2013 (gmt 0)

I think 64 bit is probably better now. 32 bit libs allow 32 bit software (which usually means Flash) to run, and its faster. It does use more memory so that may be an issue if you need to conserve memory (but then RAM is cheap).

graeme_p

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4549399 posted 9:26 am on Mar 5, 2013 (gmt 0)

The problem is: I need MDB files on my Classic ASP web sites so I have to keep them in MDB format.


You must know what I will say about that :)

dstiles

WebmasterWorld Senior Member dstiles us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4549399 posted 8:46 pm on Mar 5, 2013 (gmt 0)

:)

I'm currently looking at kexi but I don't hold out much hope as a solution to my problem. :(

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved