15 November 2012

Paperless conference

No brochures anymore @devoxx.
Just Mobile apps & web.

If Java had true garbage collection, most programs would delete themselves upon execution.

Robert Sewell

5 November 2012

Windows 8 restricted boot

The new Windows 8 UEFI (Unified Extensible Firmware Interface) secure booting system will prevent hardware from booting anything that has not been signed, using keys from Microsoft or the OEM.
This will prevent the hardware from booting anything else than Microsoft software, like malware (the target) or Linux (collateral benefit).
The effective rules are discussed here:

  • Windows 8 certification requires that hardware ship with UEFI secure boot enabled.
  • Microsoft's certification requirements eventually revealed that that UEFI firmware on x86 systems must allow users to re-configure or turn off secure boot, but that this must not be possible on ARM-based systems (Windows RT)
  • Windows 8 certification does require that the user be able to disable UEFI secure boot, , but this must not be possible on ARM-based systems (Windows RT)
  • Windows 8 certification does not require that the system ship with any keys other than Microsoft's.
  • Developers (e.g. for drivers) must pay $99 (which goes to VeriSign) to access the Microsoft sysdev portal in order to get binaries signed by the Microsoft key.
On the same site you can find information on Shim, a Linux project to develop a first stage boot loader for supporting UEFI Secure Boot.