$99 to signing body

Chat about Linux in general

$99 to signing body

Postby andy chung on Tue May 21, 2013 8:16 am

Fedora has paid $99 to the signing body and its keys are included via microsoft.
should linux mint do the same? would it make installation easier under uefi?
have been looking around and it appears that it is bunch of trouble installing linux under new pc with win8 uefi.
Image
Petra 32 bit, KDE, Fedora 20, win7 triple boot
andy chung
Level 1
Level 1
 
Posts: 21
Joined: Mon Apr 01, 2013 11:58 am
Location: China Hong Kong

Linux Mint is funded by ads and donations.
 

Re: $99 to signing body

Postby monkeyboy on Tue May 21, 2013 11:12 am

andy chung wrote:Fedora has paid $99 to the signing body and its keys are included via microsoft.
should linux mint do the same? would it make installation easier under uefi?
have been looking around and it appears that it is bunch of trouble installing linux under new pc with win8 uefi.


There is no one answer for that question. Some folks really don't care because they have already addressed the problem in some way and some folks are still feeling victimized by the situation and see only a few ways out. Bottom line we will get whatever the Code Elves think is best. Enjoy
If you don't like it, make something better
If you can't make something better, adapt
If you can't do either ball your panties up and cry.

Complaining is like masticating most anyone can do it.
However doing it in public is really hardcore.
User avatar
monkeyboy
Level 5
Level 5
 
Posts: 772
Joined: Mon Oct 13, 2008 11:30 am

Re: $99 to signing body

Postby srs5694 on Tue May 21, 2013 4:06 pm

andy chung wrote:Fedora has paid $99 to the signing body and its keys are included via microsoft.


It would be more accurate to say that the result is that Microsoft signs Fedora's first-stage EFI boot loader (shim).

should linux mint do the same?


That's a matter of opinion. Mine is that they should, at least in the short- to medium-term. In the long term, I would hope that the open source community would be working on a better solution, such as getting an independent or blanket open source organization's keys included in mass-market computers so that this third-party key could be used rather than Microsoft's. I don't know if there are efforts underway to do this, though. Such an effort would have to be spearheaded by major open source players, such as Red Hat, Canonical, Novell, etc.

would it make installation easier under uefi?


It would make installation easier under Secure Boot, which is not synonymous with UEFI.

To elaborate: Secure Boot is one feature of UEFI, and a technically optional one, at that. I say "technically" because Microsoft requires that Secure Boot be active on computers that bear a Windows 8 logo, so for mass-market computers, Secure Boot is a Microsoft requirement. Because most new computers ship with Windows 8, this means that most new computers also ship with Secure Boot active. When installing to a computer with Secure Boot active, it's definitely easier to have Secure Boot support in the installation medium and in the resulting installed OS. (At least, assuming it works correctly. This isn't always the case, but it is the case often enough that it's still a benefit, overall.) Despite the fact that UEFI and Secure Boot are both present on most new computers, it's important to distinguish between the two, since they have entirely different effects on the Linux installation and boot processes, and it's possible to boot in EFI mode but with Secure Boot disabled.

have been looking around and it appears that it is bunch of trouble installing linux under new pc with win8 uefi.


There are several reasons for this, including:

  • Some distributions (including LMDE, the last I heard) lacked explicit EFI support, which means they can't be installed in EFI mode without jumping through extra hoops that are well outside the comfort zone of most Mint users. It is possible to install such distributions in BIOS mode and then add an EFI boot loader, but even that is likely to be too much for the average Mint user.
  • Some distributions (I believe including all versions of Mint) lack explicit Secure Boot support but do have EFI support. This means that they can't be installed to computers with Secure Boot active, but they can be installed on older EFI-based computers or on new computers once Secure Boot is disabled. It's possible to add Secure Boot support once such a distribution is installed, but doing so can be even more of a pain than adding an EFI boot loader to a BIOS-mode Linux installation.
  • Some distributions have EFI support that's broken in one way or another. Frequently the problems show up on only some computers.
  • Some distributions have Secure Boot support that's broken in one way or another. Frequently the problems show up on only some computers. Note that Ubuntu uses shim version 0.1, whereas the latest version is shim 0.2. Version 0.1 is missing some important features, and I suspect that it may be buggier than version 0.2, which may account for some Ubuntu problems with Secure Boot. I'm baffled as to why Ubuntu hasn't upgraded to shim 0.2 for 12.04.2 and 13.04. (Version 0.1 was current when 12.10 was released, though.)
  • Many EFIs are buggy and require workarounds at the OS installation stage; and such workarounds are ugly and unreliable hacks, at best. Unfortunately, the "it works with Windows, so it's OK" mentality of most manufacturers has made bug fixes for such problems slow in coming.
  • Plug-in cards, especially video cards, have their own firmware, which must be able to coexist with the motherboard's firmware (BIOS or EFI). In some cases, using a video card that's designed for BIOS can work on an EFI-based computer via the computer's BIOS compatibility layer; but sometimes this doesn't work, and so can cause problems.
  • Drivers for hardware (especially video hardware) sometimes relies on the firmware to initialize the hardware in a certain way. If this doesn't happen because of BIOS/EFI issues, the result can be video problems, up to and including a blank display. This seems to be an issue on some systems. Nvidia hardware with the proprietary Nvidia drivers seems to be particularly prone to such problems.
  • New computer models frequently have hardware for which Linux drivers either don't exist or are immature. This has always resulted in problems installing Linux to new computers, and such problems seem to be occurring with increased frequency today compared to a couple of years ago.
srs5694
Level 6
Level 6
 
Posts: 1014
Joined: Mon Feb 27, 2012 1:42 pm


Return to Chat about Linux

Who is online

Users browsing this forum: No registered users and 1 guest