So with 11, is killing Rufus, or are they going to play nicely now? Asking for a friend.
This is a very serious question BTW.
The hard requirement of SecureBoot validated by the installer means the installer cannot be ran from Rufus flash drives.
Conversation
Linux kernel is GPLv2, not GPLv3. GPLv3 has specific clauses restricting secure boot implementations. By taking the code, signing it and distributing it Microsoft would be constrained by the GPLv3 license.
This is GPLv3 working by design. It's designed to forbid doing this.
The Linux kernel isn't in question here at all though. It's the loaders that are in question.
1
Linux kernel is capable of acting as an EFI application and can be booted directly. The use case for a shim is just that you have to deal with this additional party unlike a typical secure boot implement where the vendor making the OS controls the key such as with Android phones.
1
Show replies
I think Microsoft is correct about this. It's a consequence of using GPLv3. GPLv3 forbids a secure boot setup with an immutable root of trust rather than it always being possible for the user to use the key of their choice. If you use GPLv3 you forbid setups with hard-wired keys.