FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo User

 
 
LinkBack Thread Tools
 
Old 09-26-2011, 03:37 PM
James Broadhead
 
Default Should I be worried that I won't be able to dual boot in Gentoo?

On 26 September 2011 16:26, Nilesh Govindarajan <contact@nileshgr.com> wrote:
> And you really need not worry about it, some geek (Torvalds?) will
> surely find out a way.

Oh, I don't doubt that I'll be able to boot Linux, I just think that
we're going to enter another era where setting up a functional and
easily-switched dual boot between Linux and Windows will be difficult
again for a while.
Hopefully it won't require us to all be careful to buy specific
hardware, but who knows.

Case in point: The Windows 7's installer mangling of the MBRs on disks
that it has no business touching.
 
Old 09-26-2011, 03:42 PM
Dale
 
Default Should I be worried that I won't be able to dual boot in Gentoo?

Nilesh Govindarajan wrote:

On Mon 26 Sep 2011 08:51:17 PM IST, James Broadhead wrote:

On 26 September 2011 16:01, Mick<michaelkintzios@gmail.com> wrote:

I don't know if you have seen this. Given that we're moving into UEFI
boot what are the workarounds to compensate for Microsoft's efforts to
exclude other operating systems from available hardware?

My opinion is that signed boot is probably on its way (despite not
actually offering much in the way of security, as the Apple Battery
hack has shown), and so we'll enter an era where you have the option
between a fully-signed system (Windows 9 / OS XI or so) or a cracked
boot, with little in the way of switching between the two, at least
initially

I know which one I'd pick if it came down to it

And you really need not worry about it, some geek (Torvalds?) will
surely find out a way.



Well, since I don't have or use M$'s junk, I guess I am OK then? I just
need to make sure any mobo I buy in the future either doesn't have this
or can be disabled?


Heck, if you didn't have to reboot windoze all the time, they wouldn't
need this. lol


Dale

:-) :-)
 
Old 09-26-2011, 03:46 PM
Michael Mol
 
Default Should I be worried that I won't be able to dual boot in Gentoo?

On Mon, Sep 26, 2011 at 11:42 AM, Dale <rdalek1967@gmail.com> wrote:
> Nilesh Govindarajan wrote:
>>
>> On Mon 26 Sep 2011 08:51:17 PM IST, James Broadhead wrote:
>>>
>>> On 26 September 2011 16:01, Mick<michaelkintzios@gmail.com> *wrote:
>>>>
>>>> I don't know if you have seen this. *Given that we're moving into UEFI
>>>> boot what are the workarounds to compensate for Microsoft's efforts to
>>>> exclude other operating systems from available hardware?
>>>
>>> My opinion is that signed boot is probably on its way (despite not
>>> actually offering much in the way of security, as the Apple Battery
>>> hack has shown), and so we'll enter an era where you have the option
>>> between a fully-signed system (Windows 9 / OS XI or so) or a cracked
>>> boot, with little in the way of switching between the two, at least
>>> initially
>>>
>>> I know which one I'd pick if it came down to it
>>
>> And you really need not worry about it, some geek (Torvalds?) will
>> surely find out a way.
>>
>
> Well, since I don't have or use M$'s junk, I guess I am OK then? *I just
> need to make sure any mobo I buy in the future either doesn't have this or
> can be disabled?
>
> Heck, if you didn't have to reboot windoze all the time, they wouldn't need
> this. *lol

Most hardware will have UEFI. The trick will be making sure the
harware you buy allows the "secure boot" part of it to be turned off.
Microsoft's program requires vendors to support using secure boot, but
doesn't _require_ them to support _not_ using secure boot.

--
:wq
 
Old 09-26-2011, 03:54 PM
Indi
 
Default Should I be worried that I won't be able to dual boot in Gentoo?

On Mon, 26 Sep 2011 20:56:20 +0530
Nilesh Govindarajan <contact@nileshgr.com> wrote:

> On Mon 26 Sep 2011 08:51:17 PM IST, James Broadhead wrote:
> > On 26 September 2011 16:01, Mick <michaelkintzios@gmail.com> wrote:
> >> I don't know if you have seen this. Given that we're moving into
> >> UEFI boot what are the workarounds to compensate for Microsoft's
> >> efforts to exclude other operating systems from available hardware?
> >
> > My opinion is that signed boot is probably on its way (despite not
> > actually offering much in the way of security, as the Apple Battery
> > hack has shown), and so we'll enter an era where you have the option
> > between a fully-signed system (Windows 9 / OS XI or so) or a cracked
> > boot, with little in the way of switching between the two, at least
> > initially
> >
> > I know which one I'd pick if it came down to it
>
> And you really need not worry about it, some geek (Torvalds?) will
> surely find out a way.
>

As this is being touted a win8 feature (with win8 set for release
sometime in 2012), I predict this will be defeated before the first
win8 machine hits the stores -- just like product keys, slic, and wga.
Also it's probably safe to predict this "secure boot" scheme will end up
being another vector for windows malware.

--
caveat utilitor
 
Old 09-26-2011, 04:07 PM
Michael Mol
 
Default Should I be worried that I won't be able to dual boot in Gentoo?

On Mon, Sep 26, 2011 at 11:54 AM, Indi <thebeelzebubtrigger@gmail.com> wrote:
> On Mon, 26 Sep 2011 20:56:20 +0530
> Nilesh Govindarajan <contact@nileshgr.com> wrote:
>
> As this is being touted a win8 feature (with win8 set for release
> sometime in 2012), I predict this will be defeated before the first
> win8 machine hits the stores -- just like product keys, slic, and wga.
> Also it's probably safe to predict this "secure boot" scheme will end up
> being another vector for windows malware.

Actually, that's the point of it; the BIOS doesn't allow programmatic
manipulation, and would refuse to load unsigned bootloaders. As long
as the system doesn't have the 'secure boot' feature disabled, the
only way for malware to get into the bootloader section will be if
it's signed with the keys in BIOS.

I don't know if this will go the way of Palladium and the TPM. Adding
it to the Windows8 certification program gives it some weight; OEMs
like being able to put those stickers on their hardware. If Microsoft
makes certification necessary for OEM bulk keys, the'll have a great
deal of leverage. On the other hand, they make push OEMs over the edge
to try Linux systems in retail again. (Yes, I realize that'll only
happen if Steam and friends become truly trivial to run on Linux)

--
:wq
 
Old 09-26-2011, 04:15 PM
Dale
 
Default Should I be worried that I won't be able to dual boot in Gentoo?

Michael Mol wrote:

On Mon, Sep 26, 2011 at 11:42 AM, Dale<rdalek1967@gmail.com> wrote:

Nilesh Govindarajan wrote:


Well, since I don't have or use M$'s junk, I guess I am OK then? I just
need to make sure any mobo I buy in the future either doesn't have this or
can be disabled?

Heck, if you didn't have to reboot windoze all the time, they wouldn't need
this. lol

Most hardware will have UEFI. The trick will be making sure the
harware you buy allows the "secure boot" part of it to be turned off.
Microsoft's program requires vendors to support using secure boot, but
doesn't _require_ them to support _not_ using secure boot.



So buy a mobo without it or that can disable it. Got it. It'll be a
good while before I buy a new mobo tho. I'm sure they will have a nice
fix by then but this is something I need to remember just in case. ;-)


Dale

:-) :-)
 
Old 09-26-2011, 07:29 PM
Jonas de Buhr
 
Default Should I be worried that I won't be able to dual boot in Gentoo?

>> between a fully-signed system (Windows 9 / OS XI or so) or a cracked
>> boot, with little in the way of switching between the two, at least
>> initially
>>
>> I know which one I'd pick if it came down to it
>
>And you really need not worry about it, some geek (Torvalds?) will
>surely find out a way.

yes, there will most likely be a technical way to circumvent it. the
problem is that involved companies might try (and likely succeed) to
make that illegal.
the reasoning will be this: it is assumed that you only make that
modification to run pirated copies of commercial operating systems.

that you will also need that mod to run free operating systems on it
will just not count. at least not for commercially offering the mod.
just look at decss. or playstation mod chips.
 
Old 09-26-2011, 07:42 PM
Michael Mol
 
Default Should I be worried that I won't be able to dual boot in Gentoo?

On Mon, Sep 26, 2011 at 3:29 PM, Jonas de Buhr <jonas.de.buhr@gmx.net> wrote:
>>> between a fully-signed system (Windows 9 / OS XI or so) or a cracked
>>> boot, with little in the way of switching between the two, at least
>>> initially
>>>
>>> I know which one I'd pick if it came down to it
>>
>>And you really need not worry about it, some geek (Torvalds?) will
>>surely find out a way.
>
> yes, there will most likely be a technical way to circumvent it. the
> problem is that involved companies might try (and likely succeed) to
> make that illegal.
> the reasoning will be this: it is assumed that you only make that
> modification to run pirated copies of commercial operating systems.
>
> that you will also need that mod to run free operating systems on it
> will just not count. at least not for commercially offering the mod.
> just look at decss. or playstation mod chips.

I thought this is where we already are?

--
:wq
 
Old 09-26-2011, 07:49 PM
Mick
 
Default Should I be worried that I won't be able to dual boot in Gentoo?

On Monday 26 Sep 2011 20:29:14 Jonas de Buhr wrote:
> >> between a fully-signed system (Windows 9 / OS XI or so) or a cracked
> >> boot, with little in the way of switching between the two, at least
> >> initially
> >>
> >> I know which one I'd pick if it came down to it
> >
> >And you really need not worry about it, some geek (Torvalds?) will
> >surely find out a way.
>
> yes, there will most likely be a technical way to circumvent it. the
> problem is that involved companies might try (and likely succeed) to
> make that illegal.
> the reasoning will be this: it is assumed that you only make that
> modification to run pirated copies of commercial operating systems.
>
> that you will also need that mod to run free operating systems on it
> will just not count. at least not for commercially offering the mod.
> just look at decss. or playstation mod chips.

I am assuming that unlike the old days when I used to boot Linux on PCs using
a floppy with SmartBootManager, now we'll need to generate some key/hash for
our freshly compiled kernel, then add it to the BIOS firmware and flash the
BIOS with it before we are able to boot into it?

Is it more complicated than that?
--
Regards,
Mick
 
Old 09-26-2011, 07:56 PM
Michael Mol
 
Default Should I be worried that I won't be able to dual boot in Gentoo?

On Mon, Sep 26, 2011 at 3:49 PM, Mick <michaelkintzios@gmail.com> wrote:
> On Monday 26 Sep 2011 20:29:14 Jonas de Buhr wrote:
>> >> between a fully-signed system (Windows 9 / OS XI or so) or a cracked
>> >> boot, with little in the way of switching between the two, at least
>> >> initially
>> >>
>> >> I know which one I'd pick if it came down to it
>> >
>> >And you really need not worry about it, some geek (Torvalds?) will
>> >surely find out a way.
>>
>> yes, there will most likely be a technical way to circumvent it. the
>> problem is that involved companies might try (and likely succeed) to
>> make that illegal.
>> the reasoning will be this: it is assumed that you only make that
>> modification to run pirated copies of commercial operating systems.
>>
>> that you will also need that mod to run free operating systems on it
>> will just not count. at least not for commercially offering the mod.
>> just look at decss. or playstation mod chips.
>
> I am assuming that unlike the old days when I used to boot Linux on PCs using
> a floppy with SmartBootManager, now we'll need to generate some key/hash for
> our freshly compiled kernel, then add it to the BIOS firmware and flash the
> BIOS with it before we are able to boot into it?
>
> Is it more complicated than that?

Just a hunch, but I think the BIOS will probably be signed. Perhaps in
replacement of the existing checksum functionality.

I *really* wonder what this is going to do to diagnosis tools. OEMs of
Compaq/HP/Packard Bell's stature* strike me as likely to use it as a
lock-in for having machines diagnosed and fixed by certified
technicians.


* Meaning, dirt-cheap pre-built PCs and laptops.
--
:wq
 

Thread Tools




All times are GMT. The time now is 01:57 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org