Ubuntu Rethinks SecureBoot – GRUB Is Back In

SecureBoot is a feature of Windows 8 implemented through the EFI hardware on the latest laptops. The feature aims to allow only trusted and signed code to run when the computer starts up, which would cripple many rootkits. An unfortunate side effect to this is that legitimate code that’s not signed won’t run so if you were to try to boot (for example) Ubuntu in its current state it would fail, SecureBoot would recognize it as untrusted code.

There was a lot of commotion over this but leading distros such as Fedora and Ubuntu have had a public response. Ubuntu had previously planned on implementing a primary bootloader, which would be signed, but it wouldn’t be GRUB. The issue with GRUB was cited as the GPL3 license being too restrictive. Because the key used to sign the bootloader has to remain a secret Canonical (the financial backers of Ubuntu) feared that, through the GPL3, they might be forced to release the code. The GPL3 is kinda shitty because it, in so many words, states that no part of the software using GPL3 code can be closed source. The EFF (holders of the GPL3) have decreed that the private key is not an issue and it won’t violate the GPL3 to keep it private.

As such Canonical has decided to keep GRUB and use it in its SecureBoot implementation.

2 thoughts on “Ubuntu Rethinks SecureBoot – GRUB Is Back In

  1. It’s good that there is support, but personally I don’t use secure boot. What I would love to see is full UEFI support on the Ubuntu installation discs. Currently it’s downloading during the installation process so on offline UEFI machines the installation fails. 🙁

    • I know UEFI support is coming to ElementaryOS Freya, which is the next iteration of the OS that I’ve moved to. It’ll be a full grub replacement.

Leave a Reply

Your email address will not be published. Required fields are marked *