This Week in Linux 111: Linux 5.8, BootHole & GRUB2 Flaws, Firefox 79, JellyFin, Nitrux, & More

Originally published at: 111: Linux 5.8, BootHole & GRUB2 Flaws, Firefox 79, JellyFin, Nitrux, & More - Podcasts - TuxDigital

3 Likes

Excellent show, as usual, @MichaelTunnell, though on our forum I think the tag does list main topics covered, but the body of your post is perhaps referring to last week’s show?

I’m glad the community pulled-together and had a look at GRUB2 and related flaws. Apparently the Debian team have fixed it as of a few days ago with 10.5 release including updates to shim, as far as I understand this link:

https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot/

I think the nano snobbery might be originating from system administrators who long consider vi to be the standard for professional use. nano’s supposed to be easier but coming from an Emacs background, I’m happy enough with vim rather than nano, though I have nothing against it myself.

I’m wondering to what extent Coreboot is an open replacement for SecureBoot? Does it get around the problem of code/certificates being authorised only by Microsoft?

1 Like

Thanks for that, didnt notice that problem. I have fixed it now. :smiley:

This is why the topic was complicated in the show . . . the fixes for the GRUB2 issue created its own problems so when I said Debian had an issue it was because the one I was talking about was the side-effect of the fixes. This seems to have been solved now though as of this morning. I don’t know but I will do some more research on this piece before the separate video.

You are probably right. I think were just tired of the snobbery in general and that is what made us want to have that story in the show :smiley:

I am pretty sure CoreBoot doesn’t replace SecureBoot because that is a part of the hardware itself

1 Like

Thanks for the clarifications and updates, Michael :slight_smile:

I reserve the right to add a flame background to any terminal app that adds a “scroll bar”. Like living in 2050!!

1 Like