Translate

Archives

Image of Beginning Google Maps API 3
Image of Advanced Programming in the UNIX Environment, Second Edition (Addison-Wesley Professional Computing Series)
Image of Linux Kernel Development (3rd Edition)
Image of Android Wireless Application Development

Linux UEFI Secure Boot

While Matthew Garrett has been gathering a lot of attention with his blog posts about UEFI Secure Boot, another Red Hat employee, Peter Jones, has been doing excellent work down in the trenches developing a utility (pesign) for securing signing of UEFI binaries on Linux platforms and a setup tool for enrolling your public key(s) in UEFI firmware. Is Secure Boot breakable? Yes, of course, but it is not that easy to do. The technology underlying Secure Boot is battle tested and proven. Here is how it basically works. Assuming you have generated a 2048-bit RSA key, the signing process