back to article Windows 8 secure boot would 'exclude' Linux

Computer scientists warn that proposed changes in firmware specifications may make it impossible to run “unauthorised” operating systems such as Linux and FreeBSD on PCs. Proposed changes to the Unified Extensible Firmware Interface (UEFI) firmware specifications would mean PCs would only boot from a digitally signed image …

COMMENTS

This topic is closed for new posts.

Page:

This post has been deleted by its author

Silver badge
FAIL

Good grief....

They never learn, do they? Ho hum.

GJC

36
0
Anonymous Coward

@GJC

Nope, gawd bless'em.

The whole trusted computing architecture thing died a death before and the world is a different place now - you know, with some real competition for MS, the fading monopolist. So I don't rate their chances this time around as well. TCA required the connivance of Intel and I get the feeling that's not as likely these days either.

But you can't keep a good tyrant down so it's probably a good thing to publicise what they are up to so they don't get away with it just because no-one was looking.

15
0
Linux

hell

If Microsoft succeeds in this (I wonder how many millions or billions will change hands), I hope that the hackers in this world make life a living hell for windows products on the internet.

3
0
Anonymous Coward

Make?

"I hope that the hackers in this world make life a living hell for windows products on the internet."

From what I see, day and daily, it already is!

1
0

Won't happen like that

Which may be a shame as it sounds like the sort of push that might finally lead to broad mainstream acceptance of Linux desktops.

Nothing people dislike more than being told they are having choices removed even if they had no intention of taking up the alternative options.

4
2
Silver badge

Umm...

...explain Apple. Anyone who likes freedom and choice should eschew Apple, but people flock in their droves.

Make is shiny enough and people will pay you to enslave them.

30
10

Apple has boot camp

Which is one of the reasons I would consider one of their PCs even though it's quite possible that after buying one I would use it infrequently if ever.

2
0

Apple who created Boot Camp?

There may be many reasons why they did, some more cynical than others, but at the end of the day, Apple made Boot Camp so you don't have to use Mac OS X on their machines. And failing that, there's rEFIt, which if you ask me is the superior solution.

2
0
Silver badge

Yes it will

Because most people don't care. At all.

Your average (common?) PC buyer buys a PC and is even happy (relieved?) that it comes with an OS pre-installed because otherwise he or she wouldn't have the foggiest idea what to do. And those will be the same kind of people who may even support this movement because well (marketing crap here:) "It keeps my computer safe from booting unwanted or corrupted software such as virusses!".

I see a parallel here, though very vague... The European vote on encryption; the issue which would make it illegal for an household to own an encryption method /without/ handing a copy of the secret key to the government. Of course all in order to prevent "terrorism".

"It will never happen" people said, also because "We would lose our freedom". In the end hardly any political party cared (the attendance of said vote was very low) and it was IIRC Finland who eventually blocked the whole thing all together. Barely. It didn't even make it to the news.

While this thing may seem huge to us don't lose perspective; your average PC buyer or owner will probably have a hard time understanding what this fuss is all about.

13
0

Baaaaaaaaaaa.

People are sheep. They like the illusion of choice, but not really having any... that way any problems are someone elses fault.

Present company accepted of course as us el reg readers are more likely to want real choice and not just the pretend choice.

3
0
Gold badge
Trollface

Except that my MBP will happily run OS X, or Windows, or Linux, or BSD, or....

In fact more choice than a Windows machine :)

8
3
Anonymous Coward

Difficult as it maybe...

Apple don't stop you installing other operating systems on their hardware though. They are more concerned about you installing their software on hardware that wasn't sold by them. And only a very small minority of people who buy Apple hardware and the software that comes with it actually bother installing another OS. In either case though, you have bought Apple hardware and/or software and to some extent agree to the terms you've bought them on.

It seems that what Microsoft is attempting to do, is ensure that even though you'll inevitably buying your hardware from a third party manufacturer, you can only run Windows on it. Perhaps if I was buying Microsoft hardware such as an XBox it wouldn't be quite so unpalatable.

But I'm not even sure it's quite that bad either. So long as you have a suitably signed boot loader that the BIOS is prepared to execute, you're good to go. Perhaps Google will step in and get GRUB signed appropriately? Once the BIOS has passed control to the OS, you're trusting the OS anyway.

What it means for Microsoft, is that if your BIOS only allows bootloaders signed by a few authorities, and you run Microsoft's signed bootloader which is the only thing that can authenticate and launch a copy of Windows 8, then it's going to be hard for hackers to develop rootkits. It's one more backdoor that's been closed and not such a terrible thing from that perspective (i.e. would be useful for anyone wanting that chain of trust starting at the BIOS level).

2
4
Silver badge

These comments prove a very valid point

People don't get the problem. Just because the MBP you have today will allow you to do this, does not mean a MBP tomorrow will.

But the newer MBP will be shiny, and you like shiny dontcha.

Here, this ball and chain is shiny to. Shiny. Likey-likey?

9
6

As the article explains there are problems trying to release a signed copy of GRUB, it may violate the GPL v2, it definitely would violate the GPL v3.

On the other hand I don't expect this to go anywhere because it's Intel that has the most control over the BIOS/EFI layer and Intel don't want to make their kit less useful. Particularly with MS flirting with ARM, Intel have no reason to bend over here.

2
0
Silver badge

Apple vs MS

Actually, most punters flock to Apple's main competitor, Android, mainly because it is more open and bit cheaper.

1
6
Stop

No

I've run Linux on all my Macs. No Problems. Macs run all Major OSes.

So much for no freedom of choice on my Mac. So looks like Mac IS where to go for freedom of OS choice if this bit of fun goes through.

5
6
FAIL

Apples and Oranges

Apple is a HARDWARE vendor, not a software vendor, they have less interest in Locking out other OS's. They are naturally concerned with what HARDWARE you are running, not what sofware.

Mac 3 is running Mint, so much for my ball and chain......

1
0
Gimp

@dana

don't kid yourself. all apple need to do is pull another sony and pfft.. no more other os.

however, knowing your typical apple fanboi, they'd probably go orgasmic every time, apple decided to bugger them.

3
8
Anonymous Coward

@The Big Yin

Yeah, Apple allow you install any x86/x64 compliant O/S you want via boot camp and this new doo-dad from MS will allow you to run ONLY a signed and verified O/S and that would be...oh yes fricking Windows 8!

So Brain of Britain, which is worse? Apple allowing you to install any O/S you want on their hardware or Microsoft who want hardware locked down so tight that it only allows Windows to run on all non Apple hardware?!?!

3
2
Anonymous Coward

It might be a problem to some...

But like I said the majority of people who buys Macs or PCs won't be installing other operating systems anyhow. I have 3 Macs and 3 PCs at home and only occasionally in the past have installed various versions of Linux, but never kept any of them in the long term.

So even if I can't install other operating systems in the future, it really wouldn't be a problem for me nor a lot of other people.

That's not to say I necessarily approve of it though. There is scope for it to harm competition and consumers but I have a reasonable amount of faith in the open source community, EFF and companies like Google, Redhat, etc. to prevent that kind of thing.

Seemed to me a lot of people were starting to panic.

0
0

it could all backfire on MS then

If MS start to try to lock people to their tin supplier when you buy a PC, maybe even more people will flock to Macbooks.

Another shot in the proverbial foot MS.

1
0

Hmmm... A Google sourced grub? A boot loader that logs all your activities and reports them to its master so that they can better serve you adverts...

Sounds like a bad virus to me.

4
1
Anonymous Coward

uh huh ...

So does my Netbook. And it cost peanuts.

0
0
Silver badge

@AC 17:39

Do you think for one second that Apple will not start to use this as well? They'll dress it up a bit better than MS and make it all shiny for you, but they will use it. Then where will you be?

Apple run the most locked-down and controlling hardware/software when they can get away with it. This will be just another way of doing that for them.

And do leave off the ad hominems, they really are pathetic.

1
2
Silver badge

About Apple..

You can boot linux on Apple hardware.

Not tan many bother as its overpriced.

When you buy apple, you buy a total solutions.

I have no objection to people buying total solutions BUT if people want to buy hardware, that hardware should not be crippled.

Will windows 8 load on a virtual machine without some pseudo signed BIOS? Not sure. Apple wont. (not without serious hackery anyway).

The answer of course is to write BIOSes for all boards that don't have this issue. Are most bioses not in FLASH these days anyway?

0
0

Rally round the profit wagons

I don't think Intel will care as long as they are the major player in the technology.

A technology lock like this is just another method for other technologies, good or bad, to be excluded.

All the PR will be how they saved the world.

The reality is that there is no WMD out there, but it won't be played that way.

I will assume politicians taking money will pass laws, but manufacturers will have the ability to opt-out.

Sort of like when Xfinitity does not tell you about the free HD channels they must supply by law in the States. You'll never see them advertise that service.

0
0
Anonymous Coward

Damn IBM took my cassette port away...

1
0
Anonymous Coward

This is an article about Microsoft not Apple.

0
0
Anonymous Coward

Tinfoil for The BigYin

Apple has been using EFI/UEFI on all Intel based Macs since 2006 which just shows how paranoid you are. As for "ad hominems", thats all of your argumeants.

0
0
Anonymous Coward

@zanto

Can you give a reason why Apple would care which OS you run on their HW? No didn't think so.

0
0
Anonymous Coward

Where did I see that before???

Bundled OS with hardware, does that sound familiar to you?

This proposal is the ultimate blasphemy. Here we go, re-flashing our motherboards with unlocked UEFI/BIOS/whatever.

Good, now we will have motherboards that behave like a PS3. </sarcasm>

Shotgun shell, meet foot.

4
1
Thumb Down

Thankfully the UEFI board is not only made up of Microsoft

I doubt this will be realized... or at least I hope so. I really don't want to see an age when you have to install custom firmware to your bloody PC to make it function free of artificial restrictions.

8
0
Silver badge

The ISO...

...board is not made up of MS, but they still managed to force through their patent-encumbered 'standard'.

4
0
WTF?

"Garrett concluded that there is no need to panic just yet."

Oh.Yes.There.IS.

This is clearly illegal -- the concept alone is enough to have it declared as an assault. Yes, it would be a physical assault. This really *is* the thin end of the wedge!

There's nothing bad about EFI itself and UNIX/Linux has no problem being made to boot from EFI (Apple already has it) but this "trusted computing" bullshit? This from MICROSOFT?!?!

ALL computing already IS a dozen times more secure and trusted than anything MS has to foist on the world.

19
11

"ALL computing already IS a dozen times more secure and trusted than anything MS has to foist on the world."

In "ALL computing" do you include Windows computing?

2
1
Trollface

Microsoft is playing and gaming, it's not computing.

3
2
Go

Kindly provide references, legal precedences, judgments and final resolutions that support your "illegal" claim.

2
5
Coat

Oh, really ...

Don't be ridiculous. Its called Tying and its is illegal under European law. It would be an interesting test case under the same. It also probably falls under the Sherman Act in the US.

1
2
Silver badge

"Physical Assault".

"This is clearly illegal -- the concept alone is enough to have it declared as an assault. Yes, it would be a physical assault. This really *is* the thin end of the wedge!"

So "tying" is treated as "physical assault" in Europe? Somehow I doubt that. It is *certainly not* treated as "physical assault" under the Sherman Act, so it would interesting to know why you have even brought it up, unless, of course, you did so out of sheer ignorance and stupidity.

1
1
Silver badge

M$ could end up in seriously big trouble here

Having spent years trying to convince the powers that be world wide that they are not a monopoly if they then end up pushing a technology that guarantees that they are in fact a monopoly they could end up well stuffed.

16
0
Silver badge
Windows

RE: "M$ could end up in seriously big trouble here"

Indeed they most certainly would. It is impossible to believe that the competition authorities in Europe or in the US would sit still for this - the row would be unbelievable. However that is perhaps the point? The article does not quote MS on this subject or indicate whether any attempt to contact them has been made. I for one would be *very* interested in how Redmond would react to this accusation. If MS actually *wanted* to give Win8 the worst possible start they could scarcely have chosen a better way to do it - and it is precisely that point that causes me to have some reservations about this story. Not because I am under any illusions as to what MS might *like* to do if they could get away with it, I just have some difficulty believing that they would think that they *could* get away with this.

1
1
Silver badge

Well, maybe

I agree that the EU might well look on this as a form of monopoly manipulation by MS, but the US?

I am not so certain that they would, look at the way the DOJ handled the last monopoly case against MS. That didn't do much harm to MS did it? After all they do invoke the magic words "security"in their specifications for Windows 8 and you know how keen the authorities are on that. It would not surprise me if MS spun this as a tool in the "fight against terror" or something.

1
0
Trollface

Security

Surely if security is the goal then having it recognise the Windows keys and refusing to boot would be a better idea.

28
2
Bronze badge

If security is the goal...

Then, it should be a NATIONAL/GLOBAL mandate, not one from mshaft.

If it is about letting governments have backdoor, escrowed keys, then it should NOT BE ms that is the gatekeeper of those keys.

Stallman et al need to REALLY quit wasting time ranting about Android and kick it into full gear on this EFI/TC chip. Government COULD demand that all mass-maket or commercial/retail consumer computers capable of loading an OS must have a TC-type of BIOS regime, but then, it MUST be an OS agnostic system, not one that helps a piss-ant, ape-jumping company get rid of competitors.

Goddamn microsoft. JUST when I was gradually letting down my hair and easing up on anti-ms ranting, you STIR UP THIS SHIT AGAIN! I hate feeling filled with venom and vitriol, but goddammit, if i had the magic red nuke button, I'd kneecap that company, maybe up to the sternum.

All this benevolent kernel involvement was probably to get on working committees to get legit, timely, deep insight and constant data stream on how the Linux kernel development and deployment works JUST so ms and its root-sucking, jack-ass consortium of fools can support ms in coopting the boot/bios industry to the exclusion of all others, save for Apple.

Now, more than ever, foreign governments need to put a morningstar into ms' ass. In the name of national security, no government should let ms get away with this shit because it means likely only ONE country will have preview or full access to the global escrow.

This IS SCARY, and inFURIATING.

I still have a suspicion that ms has found ways to infiltrate and fuck up the distros distribution for the most popular distros such as Mandriva, PCLOS, Ubuntu and others. I for the past year have had increasing failure rates of installing PCLOS from magazine pressed/distributed discs than ever. It is maddening to have no clue, and no matter how thin or how fat an install, no matter which kernels, I have very little stability. I have no idea why ioslaves are rampantly failing for me. On FRESH installs, i'm talking about. It's so painful it drives paranoia a lot easier than questionable hardware. Each release of the kernels and update of KDE just brings me more and more frustration. I'm at the point where I feel I'd rather PAY $100 or $200 for someone to install it for me and provide me recovery disks and USB devices. But, i sure as hell will have them do it in a near-cleanroom setting, not from their own media and facility and have an opportunity to jack in some backdoor kit. I may inadvertently install a roge rpm, but it'll be MY error.

OTOH, I sometimes wonder whether the distros themselves may be making things randomly painful by over-providing, or on behalf of hardware dealers who wish they could be part of the build process. In either case, I want LINUX as the host OS, and any windows as a virtualized, sequestered, QUARANTINED GUEST! Not the other way around. It's my CHOICE and my RIGHT, and ms should be fracking happy they at LEAST get a legit sales via a legit consumer purchase out of me since my desired apps don't run well in wine or not at all in Linux.

5
1
MCG
WTF?

The simplest explanation would be that your PC and/or its optical drive is FUBAR'ed. But don't let me kill your paranoiac buzz!

0
0
Anonymous Coward

So who owns the hardware then?

Seems like a wonderful opportunity to force through legislation that says that if you own the thing you must be provided with all the relevant keys to it, too.

8
0
FAIL

will never happen - that would basically kill all game consoles security and therefore the business model

0
1
Thumb Down

Your computer or theirs ?

So, if I am reading this correctly, MS will be saying that, although you own your hardware, the computer you have purchased, you can not run your OS of choice ?

So what, I wonder, if you decided to reject the EULA at boot up ? Rejecting the T/C's from MS but still having them control your machine or rejecting them and essentially then having a vanilla machine with NO MS junk at all ?

This is one occasion when I hope the EU does throw some weight around and say " get stuffed boys……..".

17
0
Anonymous Coward

Re: Your computer or theirs ?

Whilst I agree with your sentiments, I'm surprised at your surprise.

Haven't you heard of xbox / playstations / iphones / ipads ?

Companies have been pulling this ruse for years

3
0

Page:

This topic is closed for new posts.

Forums