How to Jail Break UEFI to RUN Ubuntu?

Question

The ISSUE is how the Unified Extensible Firmware Interface (UEFI) Secure Boot (protocol) v2.3.1 that Microsoft has mandated for all Windows 8 64bit systems illegally blocks boot loading software (such as FREE and legal Ubuntu) from being loaded unless a Microsoft or one of it’s affiliates (collaborators) has digitally sign (cryptographic signature) your code with their UEFI signing key (KEK certificate which is a DER encoded binary X509 v3 certificate) stored in the firmware.

Why should Ubuntu developers or any other free software developer be held hostage and forced to PAY Microsoft any FEE for the right and privilege of running our own software?

No to mention there is no centralized signing authority to provide UEFI keys. Microsoft has made itself the only authority (gatekeeper) holding all the master keys.

I want to point out there is NO such thing as “Windows Hardware” because Microsoft does NOT manufacture Lenovo, Sony, Toshiba, Acer, Asus, MSI, VIA, HP, Dell, Celvo, Sager, etc… This is Microsoft extending its own brand (software) upon firmware, claiming it’s their platform. Why do the manufactures accept this theft of their hardware product?

Your question is a bit unclear, if you mean to load in another boot loader to install a Linux OS or even dual-boot, it is very east to Disable the UEFI Secure Boot through the BIOS and easily install GRUB or any other boot loader you're trying to install. This question you posted is more of an opinion rather than a question. If you wish to "jailbreak" as you said or disable this feature to do something with Ubuntu, simply ask and someone can most likely help you to do so. — Casey, Aug 16 '13 at 05:04
@Alvar That's about using UEFI "Secure Boot." This is about not using UEFI "Secure Boot." — Eliah Kagan, Aug 16 '13 at 11:51
@EliahKagan This is a discussion about why secure boot is bad and why doesn't the manufacturers care, there isn't a question in here. — Alvar, Aug 20 '13 at 21:11
Secure Boot itself is a good concept. It is the hardcoding of firmware by vendors that makes innocent people like you ask things like "how to jail break?..." This is a rant and not a question appropriate on the main site. Try meta or even somewhere else to learn about how UEFI specification and UEFI implementation are two different things. Secure Boot can be used for Ubuntu to lock out any other operating system on any UEFI >=2.2 specification machine depending how that has been implemented by vendor of hardware. Like Windows; Ubuntu prefers UEFI >= 2.3.1 for Secure Boot. — geezanansa, Aug 20 '13 at 23:43
I vote to close this question as "unclear what you are asking", because if we concentrate on the technical aspects, there is not enough information to help you, and the political aspects are rather off-topic and too broad to be discussed in a q&a format. — Bruni, Jul 30 '19 at 08:14

score 1 · Answer 1 · edited Apr 13 '17 at 12:23

I didn't quite understand your question, it is like an opinion. Your title suggests you want to get pass the secure boot function to install ubuntu. (but your question content asks, why ms doing all the stuff)

Moreover, UEFI is not depended upon secure boot. Secure boot is a feature of UEFI. UEFI can be there without secure boot enabled.

Well as an answer based on your title , all I can say, from ubuntu 12.10 the secure boot is supported. But as the secure boot implementation varied from manufacturer to manufacturer, it may not be reliable. One more important thing, you need 64bit Ubuntu to work with UEFI.

So, if you are facing problem just turn off the secure boot in firmware settings page (which in general called as BIOS). That's all.

And here goes the guide to install ubuntu in a win 8 laptop : Installing Ubuntu Alongside a Pre-Installed Windows with UEFI

= 12.04.2 for signed.efi which means you should be able to leave Secure Boot ON. But as Web-E highlights it is how vendors have implemented this (by what is in their firmware) Many vendors are going to have to pull their fingers out and get releasing updates. It is them who are the problem. Not Secure Boot or UEFI. FAWC — geezanansa, Aug 20 '13 at 23:54

score 1 · Answer 2 · answered Aug 20 '13 at 20:57

1

Microsoft has certainly excluded out Linux, an open platform, on the Windows Surface RT tablets!

If you one of the many who happen to purchase a Microsoft Surface RT Tablet, you should know Android, Linux, Ubuntu, not even Windows 8.1, 8, 7, Vista, XP or any flavor of Windows will run except RT only! There is NO disable UEFI mode given. Your locked into using only 1 operating system for life on that device, given the OS is locked down not to the owner, but the device itself.

If you want to run Ubuntu on a Microsoft Surface Tablet, the word “jailbreak” certainly does apply.

answered Aug 20 '13 at 20:57

Earl. Yates

19
1

Let's try to be correct here: Microsoft Surface devices are ARM processor based tablets intended to run Windows RT. These devices technically cannot run x86/amd64 code, thus deprecated and non-compatible code will not run. This has nothing to do with Microsoft doing evil things. Also there are enough Linux tablets out there currently. It's almost the opposite with tablets compared to desktops and laptops. Of course it's stupid that history repeats itself with every new mainstream platform, but when you buy a tablet and want to run Linux, then just don't buy Windows, no matter how cheap it is. – LiveWireBT Aug 21 '13 at 22:26
On second thought: Buying Windows tablets and installing Linux on them (if it was possible) can also harm Linux, because it sends the wrong signal to the market (that Windows RT tablets sell well -> Windows RT is popular). Currently we have balance and a clean distinction in the tablet market. We shouldn't trade that in for some bargain that is none (if Windows RT tablets were popular, they would achieve higher prices) or pseudo freedom (freedom to install an OS that undermines your freedom). – LiveWireBT Aug 21 '13 at 22:52

score -1 · Answer 3 · answered Aug 20 '13 at 19:31

Dr. Richard Stallman, one of the most influential and important people in the Linux community, founder of the GNU Project and the Free Software Foundation, has basically said UEFI Secure Boot protocol should be illegal for how it is implemented in favor of only supporting the proprietary Windows monopoly.

He points out that the security feature causes the machine to only work with programs that are signed with a digital key that Microsoft has made itself the central authority. For everyone else, not just Linux enthusiast, this anti-social behavior encroaches upon the sovereignty of open platforms for everyone on the planet.

Excuse me, but this truly is an ACT of war! Microsoft is the invading advisory here, by claiming it has supreme authority over everyone else to dictate their terms as usual. No negotiation was ever given. It’s the same with the EULA, an ultimatum that demands 100% submission and surrender to their terms. No refunds are honored too!

Today, Microsoft has placed a barrier against liberty and everyone, it's a restrictive anti-competition business tactic, that hinders and works against every open platform and society (human race). As everyone knows we all build upon code, just as nobody sits down and innovates a 747-400 Jumbo Jet alone, all by themselves. There are over 6 million parts to a 747-400. Now imagine 50 million lines of code that an modern operating consist of. This effort is only possible through the collaboration and cooperation of a great many people, in the past and present. For humanity to advance in the future, this same strategy of building upon prior work, is required. No exceptions, no exclusions, our species doesn’t pass on genetic knowledge, we obtain it from a born blank slate.

Tomorrow holds the extermination of all open platforms, if we don’t stand up against the aggression of Microsoft’s extremist tyranny! It’s time to liberate humanity, assuming you’re a human being who values living in a world of choice, as that is what the open platform insures for all of us!

Kind of essay but good as an answer for the respective question. — Stef K, Aug 20 '13 at 20:31
UEFI specificatuion is a totally different thing compared to UEFI implementation. Vendors are free to implement UEFI specification to their hardware as they see fit - that is within certain parameters set out in the UEFI specification. The problem is vendors are not acting responsibly regarding this fact. In theory it is possible to install Ubuntu to Secure Boot system and if Secure boot is enabled this should prevent windows or any other operating system to install. What has happened is vendors have in one way or another have hard coded their firmware to only see Windows UEFI Boot Manager. — geezanansa, Aug 21 '13 at 00:51

score -1 · Answer 4 · answered Aug 21 '13 at 07:07

The answer to "How to Jail Break UEFI to RUN Ubuntu?" is that you shouldn't need to do that, if the UEFI secure boot protocol wasn't criminalized into a private business tool for profiteering. This is a much deeper social issue on display than what appears at the surface; a reflection of an economy without a conscience.

How to Jail Break UEFI to RUN Ubuntu?

4 Answers4