Friday, May 24, 2013

UEFI Secure Boot: The story behind and where Linux stands

by Dr. Udo Seidel (Amadeus Data Processing GmbH)

Friday, 24.05.2013, New York I, 10:45-11:30

Traditional BIOS and older (U)EFI implementations have executed arbitrary code without any security validation. With version 2.3.1, the UEFI specification introduced a new feature that addresses this issue. The firmware checks whether the code to be executed is validated, using RSA keys. The required information is stored within UEFI. However, today's reality is that hardware vendors ship only Microsoft keys. This locks out Linux in the first place. This talk will describe the architecture behind UEFI Secure Boot and the ideas the Linux community came up with. It will concentrate on the solution that was selected for Red Hat Enterprise Linux and is also used by other Enterprise Linux vendors.

About the author, Dr. Udo Seidel:

Without Linux, Dr. Udo Seidel would have been a teacher of mathematics and physics. But since they met back in 1996, he has been a big fan of that open-source operating system. After finishing his PhD studies in experimental physics, Udo worked as a certified trainer and examiner for Linux and Solaris. During his leisure time he enjoyed the first Linux-based PDA, the Agenda VR3, and actually managed to port the X Window applications oneko and xsnow.

From 2002 until 2005 Udo was a Senior Solution Engineer at science+computing AG. He was responsible for HPC clusters and CAE workstations. The majority were based on Linux, but he was not scared of administering IRIX and HP-UX. The Agenda VR3 was replaced by the Sharp Zaurus; one of the small software projects from those days is still part of OPIE.

Udo has worked since 2006 in a large data centre owned by Amadeus Data Processing GmbH in Erding. He leads an international team of Linux/Unix system administrators responsible for more than 700 servers. He regularly writes articles for several computer magazines and gives talks at conferences.

His interests are file systems, virtualization and security, but also skiing, inline skating and badminton.