"The bad news they share is that Ubuntu will not be using GRUB2 by default on systems where SecureBoot is enabled (i.e. all future PCs that are Windows 8 certified). Canonical has invested heavily in the GRUB2 boot-loader, but their move away from GRUB2 comes from GPLv3 concerns. If an OEM shipping an Ubuntu pre-install ships a GRUB2-enabled Ubuntu release where there is Canonical's private SecureBoot key, they think as part of the GPLv3 they might have to disclose their private key with the source code so users could install a modified boot-loader. If the private key was publicly known, it would then be revoked. With the GPLv3-licensed GRUB2 not being an option, Canonical then explored using the GRUB Legacy release with EFI patches on top, but they didn't want to touch that aging code-base. Canonical has decided to use Intel's efilinux loader that is more liberally licensed and they're able to make some modifications to provide a simple menu interface. Also shared is that Canonical only plans to enforce requiring the authentication of boot-loader binaries but not signed kernel images or kernel modules. This will make Ubuntu Linux still capable of loading binary blobs like the NVIDIA and AMD Catalyst drivers and for users to easily spin their own kernels." - Miguel Caetano from Bookmarklet