![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
mjg59The Microsoft Surface is a fairly attractive bit of tablet hardware, and as a result people have shown interest in running Linux on it. The immediate problem is that (like many ARM devices) it has a locked-down firmware that will only run signed binaries - unlike many other ARM devices, this is implemented using an existing standard (UEFI Secure Boot). Microsoft provide a signing service for UEFI binaries, so it's tempting to think that getting around this restriction would be as simple as taking an existing Linux bootloader, signing it and then booting. Unfortunately Microsoft's signing service signs binaries using a different key (the "Microsoft Windows UEFI Driver Publisher" key) to the one used to sign Windows, and the Surface doesn't carry that key. Booting Linux on these devices would involve finding a flaw in the firmware and using that to run arbitrary code.
Could this also be a problem on x86? In theory - Microsoft don't require that vendors carry the driver publisher key, and so a system could be Windows 8 certified and still not carry it. It's unlikely to occur in practice, though, since any third party expansion hardware will then fail on that device. As a result, anything with PCIe or Expresscard slots is effectively certain to have this key. If anyone finds any counterexamples, please let me know.
Could this also be a problem on x86? In theory - Microsoft don't require that vendors carry the driver publisher key, and so a system could be Windows 8 certified and still not carry it. It's unlikely to occur in practice, though, since any third party expansion hardware will then fail on that device. As a result, anything with PCIe or Expresscard slots is effectively certain to have this key. If anyone finds any counterexamples, please let me know.
Fujitsu's laptop
Date: 2012-12-30 01:16 am (UTC)The only binary that EFI will start is Windows Boot Manager.
Re: Fujitsu's laptop
Date: 2012-12-30 01:19 am (UTC)Re: Fujitsu's laptop
Date: 2012-12-30 08:15 am (UTC)no subject
Date: 2012-12-30 09:56 am (UTC)no subject
Date: 2012-12-30 10:40 am (UTC)Yeh IF Linux was not Invented then might be your father came home early and you BASTARD never BIRTH
Date: 2012-12-30 11:42 am (UTC)Re: Yeh IF Linux was not Invented then might be your father came home early and you BASTARD never BI
Date: 2013-01-01 04:00 am (UTC)no subject
Date: 2012-12-30 03:58 pm (UTC)no subject
Date: 2013-01-01 04:02 am (UTC)no subject
Date: 2013-01-09 10:46 am (UTC)NOT REALLY SURE ABOUT THIS
Date: 2017-09-27 01:44 pm (UTC)no subject
Date: 2012-12-30 05:33 pm (UTC)Quite irrelevant
Date: 2012-12-31 12:05 am (UTC)And please don't say GNOME runs on tablets, it is utter crap and there's not the slightest light at the end of the tunnel. Really.
Re: Quite irrelevant
Date: 2012-12-31 12:09 pm (UTC)Re: Quite irrelevant
Date: 2012-12-31 01:05 pm (UTC)Re: Quite irrelevant
Date: 2013-01-01 01:11 pm (UTC)Gram's (HP) WebOS
Jolla's Sailfish
I haven't had the privilege of using e17 or plasma active so can't really comment on those. e17 definitely would provide a solid foundation but I haven't seen a specific tablet focused implementation.
Gnome and Unity thoughrally disappointed me on tablets. Considering how many users they abandoned I n pursuit of the tablet, they have done a very poor job.
Re: Quite irrelevant
Date: 2012-12-31 12:36 pm (UTC)OEM laptops - not yet, but probably soon
Date: 2013-01-03 11:53 pm (UTC)I will be very surprised if they do not omit the UEFI driver signing key on some laptops and servers to force you to use only supported, authorized and conveniently marked up hardware for disk/RAID controllers, hardware iSCSI initiators, PXE-capable NICs, remote management cards (VGA+USB host interface to Ethernet and VNC), etc. The temptation of lock-in and high margins is likely to be too strong, as we've already seen with various OEM's periodic attempts to lock server hardware support to their own storage controllers.
Re: OEM laptops - not yet, but probably soon
Date: 2013-01-09 01:45 am (UTC)Re: OEM laptops - not yet, but probably soon
Date: 2017-09-27 01:52 pm (UTC)