The question of whether Secure Boot technology in UEFI firmware could exclude Linux from PCs running Windows 8 has taken a fresh twist. Red Hat engineer Matthew Garrett, one of the first to flag up the Unified Extensible Firmware Interface issue, has blogged that Microsoft's rules for certified Windows 8 hardware do not make it …
As advertised ...
... Linux is perfectly happy on old computers with low performance marks. I'll just keep using it on my old AMD 3200+XP dinosaurs and be perfectly happy as usual.
Except in ten years time when that fails and there is no longer any way to get anything other than Wondows 9 (because why would they upgrade after that?)
Linux will work just fine on new stuff as well
...just that, IF YOU BUY A COMPUTER WITH WIN8 ON IT, you'll have to turn off the signed bootloader thingy.
Talking about messing with the keys is a red herring; if you want to do signed linux, you were always going to have to install your own keys, and even if the UEFI spec doesn't specify how this is to be done, it ain't Microsoft's job.
They key points is that MS have said that to get their shiny sticker on OEM PCs, they not only have to ship with a way to turn off these security features, but they have to be customisable. This will, in fact, make key-signed linux MORE likely than it would have been last week.
As to the ARM stuff, in the abstract this is annoying. But in reality, I can't see the presence or absence of the ability to load linux onto win8 phones and tablets affecting me one way or the other.
@frymaster - Actually we are not concerned
about this thing affecting you, so why are you posting here ?
That's all (Yes I know they don't care about win8 certification, but the system idea is right, and if the SoC manufacturers want to put Win8 on then you're screwed.
"As to the ARM stuff, in the abstract this is annoying. But in reality, I can't see the presence or absence of the ability to load linux onto win8 phones and tablets affecting me one way or the other."
ARM isn't restricted to "phones". There is also the matter of tablets, laptops, and potentially even desktops to consider. What about general purpose boards such as the Raspberry Pi, which are also ARM? It's a general CPU architecture, not a class of products. If the OEMs are forbidden to allow modification of the allowed keys, it will be impossible to boot anything except Microsoft-signed code on these systems, and that *is* certainly something that would affect people. It's a requirement for using the Windows logo on the hardware, which is a big commercial incentive to lock down the hardware, or else it has the appearance of not being approved for use with Windows, even when it's perfectly supported, which could have a commercial impact if it affects sales. Thus Microsoft achieves total lock-in on the platform.
You are seriously short sighted!
"As to the ARM stuff, in the abstract this is annoying. But in reality, I can't see the presence or absence of the ability to load linux onto win8 phones and tablets affecting me one way or the other."
What happens when nice laptops come out with win8 and long battery life from an ARM processor? Locked to MS-only and Linux must make do with the old Intel stuff.
Furthermore, the MS requirement only *allow* non-MS signed x86 booting, they don't *require* it, and one can imagine that secretly they will pressure OEMs to not support it.
It is high time that the EU or whatnot mandated all computer devices have a free way to disable secure boot should the user want to try another OS, or use a Linux-based recovery CD or similar. Most don't care, but it will eventually strangle any sense of freedom in computing in 5-10 years time.
ARM not ony tablets
ARM is not just for phones and tablets but may also be used in servers. This is advantageous as the server can have dozens or hundreds of CPUs which can be switched off when not needed. The power savings of ARM, plus switching off, would make this attractive for many types of server.
However, buying Windows licences, on a per CPU basis, would make this uncompetitive, unless there was some way of making this compulsory.
Realistically though: making your ARM based server product Win8 certified is going to cost you more sales than you would earn (and even taking the same product and making a special version for Win8 certification only will cost more in inventory than you will gain in sales), so I don't see this as an issue.
Linux must make do with the old Intel stuff...
anyone for designing an open source cpu ? intel compatible ?
with the effort being put into linux , this should be piece of cake right ?
I can see yet another EU court case in the offing for Microsoft - they just do not learn. Whilst any restrictions on the unlocking of Intel boards will be on the manufacturers head the ARM statement surely amounts to some form of trade restraint or competition blocking, yet again.
You must be fucking joking.
"It is high time that the EU or whatnot mandated all computer devices have a free way to disable secure boot should the user want to try another OS,"
The original IBM PC—from whence all modern Windows boxes came—was NEVER intended to be an "open" platform. It was supposed to be a closed platform, just like Apple, Atari's computers, Commodore's, Acorn's, Sinclair's, and every other bloody computer around at the time.
The only reason there's a "PC clone" (for that's all modern PCs are) market at all is because Compaq (and, later, other companies) reverse-engineered their own compatible BIOS ROMs using a clean-room process.and invented the "PC-compatible" market, but—again—HP, Compaq, Dell and their ilk have never, EVER, been remotely interested in letting you install anything other than the de-facto standard software bundle on these machines—i.e. MS-DOS, Windows, and its successors. (Dell were infamous for customising some of their hardware and drivers, so their PCs weren't really as "open" as many people claim.)
These companies have tried to offer alternative software bundles, but every time they've run into the law of diminishing returns: the market for alternative OSes simply isn't big enough to justify the investments and support costs. Most people simply aren't aware that something called "Linux" even exists, let alone what it is. Hell, many people out there will blithely write "Microsoft Office" in the "What is your operating system?" field on a PC support site.
Most people are *ignorant* of IT theory and practice. That doesn't make them "dumb", "stupid" or "brain-dead". It just means they don't share your interests.
To this day, I still have no idea how Cricket works, or who won the FA Cup last time around. I find the whole concept of watching other people exercising and keeping fit utterly absurd and stupefyingly dull. But I don't go around demanding people stop doing it. Whatever floats your boat.
But I _do_ get annoyed when people insist that their "freedom" trumps _mine_, and everyone else's.
"Freedom" is a two-way street.
It includes the _freedom_ to make *any* product *I* damned well choose, and design it how *I* want. I then get to manufacture it and sell it to the public. *I* carry ALL the risk, because, if I've misjudged the market, all the capital investment I'll have made will be lost and I'll be bankrupt. The *market* decides whether I get to be spectacularly rich, make a basic living, or lose my home and the shirt off my back. If you disagree with that, you, sir, are a hypocrite. End of story.
If you want a computer that comes ready-built with Linux (or any other third-party OS), or onto which you can install same, the onus is on YOU to build such a machine, or find someone who is willing to build it for you. If you think your pet OS is so shit-hot, why don't you put YOUR money where your loud mouth is and build your _own_ range of PCs? Offer them to the public, and watch the money pour in! (I can think of a few ways you might be able to pull it off, but none involve following the traditional PC industry sales models. Hint: Red Hat.)
Like it or not, you have no right to demand that _other companies_ sacrifice _their_ design freedoms to meet your petty demands.
Get off your arse and build your own PCs. Nobody's stopping you. Not even Microsoft.
> It was supposed to be a closed platform,
There was an awful lot of detail (including schematics) in the blue Tech Ref manuals for a closed platform...
@Sean Baggaley - You the "fucking" joker here.
Microsoft appears to be abusing its monopoly status to try to hold onto to x86 market through deliberate stifling of any possible competition, and is further trying to leverage its x86 monopoly to create a monopoly on a whole new system architecture, namely ARM.
That is illegal, and they've been prosecuted and found guilty of this several times before.
Abusing a monopoly to stifle competition results in every single customer suffering - you end up with shitty products at very high prices, because the monopolist has no incentive whatsoever to improve and can jack up prices almost indefinitely.
If it was a minority player suggesting these clauses, then it wouldn't matter.
However, Microsoft are a practical monopoly for both desktop OS and desktop "office" applications, and these measures look very much like they are trying to leverage those monopolies to get more monopolies - which is illegal in the US, the EU and probably other places as well.
Incidentally, they are stopping me building my own PC
Or at least making it a lot harder than it should be.
When I last built my own PC, I didn't design, route and manufacture my own motherboard - I bought one from the likes of Asus/Gigabyte etc and it had a Windows Logo thingy on the box.
By the ARM clause, if I was building my own ARM PC, then buying an ARM motherboard with a Windows Logo on it means I cannot install *anything at all* onto it except Windows 8.
It also sounds like the converse would be true, meaningthat I cannot put Windows 8 onto ARM unless it's Logo'd.
Even though it's my damn PC that I am building, Microsoft are taking away my choice of OS to put onto it.
Equally, the x86 clause means that my new x86 motherboard won't let me install Linux (or even a retail Windows XP or Windows 7) on it until I mess about in an optional configuration tool.
- If I'm unlucky, then that optional tool may not even exist and I might not find out until I try to use my new motherboard. Then I'm in the mess of trying to return it (and spreading the word not to get that particular one)
It's abusive and unnecessary.
I mean, how many boot-sector rootkits are common in the wild anyway? And what exactly is wrong with a simple warning "boot sector changed, did you install a new operating system?"
- I don't think UEFI even gives you a way to roll back a nasty boot sector change anyway, so rootkits would just brick the computer on next boot. Not exactly a friendly response!
- I wonder who your "average" user will blame if their PC suddenly refuses to boot with a UEFI "Unsigned kernel!" critical error.
You're not going to be able to buy Windows 8 ARM and a logo'd motherboard it runs on separately at all- the same way you can't buy an Apple A5 motherboard and a DVD of iOS separately. (You want a hackable ARM machine with Linux, might I suggest the Raspberry Pi?)
Non-Windows x86 gear will still be made. Strangely enough, Linux is actually used quite a lot in the real world.
... its not just about a Win8 phone, but how about a tablet that you buy and then decide, hey, I want to run Android on it?
Also, as the Win8 OS is moved to other hardware devices such as Thin PCs and maybe some home theatre devices, etc... which would more than likely be ARM based as well, they are locking out the Linux or other OS enthusiast from the hardware.
This is the type of behaviour that has got them in trouble with various governments in the past! It seems that threats of anti-trust legislation is all that stops MS from doing such underhanded things!
And you're the joke!
You sir have no idea of IT history. MS, Apple etc. 'stole' from so many, and created an industry to make money - nothing more, nothing less. These companies have contributed nothing to the technology. Even the media created saint, Jobs, stole from Xerox Star to create Lisa. The biggest attribute that Apple has is repackaging. MS bought out so many companies to 'create' all their software (and I mean all), because they rode on the coattails of IBM.
These companies are not sacrificing their software or design because they have none. They are out to make money by not allowing ANY competition.
You are so clueless about these matters. Get off your arse and learn a little about technology.
Of course the original IBM PC was intended to be open. It was open in the sense that IBM published anything you would need to put your OS on the hardware. No, it wasn't intentionally cloneable... well, other than the fact that, unlike many other personal computers, every part of the IBM PC was off-the-shelf, TTL-Databook or Intel Catalog stuff.
@Richard 12 With all respect this is not a rerun of the nineties.
As far as the tablet market is concerned MS are entering into a market that already has two powerful well established players, one of whom has a *very* dominant position in that market. There is IMHO (whatever Microsoft's intentions/wishes) not a cat's chance in hell that they will be able to pull the same stunt in the ARM-based tab market that they managed twenty something years ago in the pc-market.
Sounds like we need one key. To run a modified GRUB as the alternative OS that can then find other bootable images.
This means that each distro won't have to obtain an expensive key from micros**t.
Two big players, Sony and Nintendo.
MS Came out of NO WHERE and blew them, and the world (gaming world) away. Of course there has been various issues form the very start, but they did exactly what you've described. They've got enough money to be able to do so, and they'll do it again easily too.
Micros~1 wants to be Apple for a song
Apple builds its own hardware and software, then tells you you can't just take different hardware and run their software on it, because their margin is in the hardware, not the software.
Micros~1's margin is in the software and has always had world domination tendencies, so now trying to own the hardware, too, is not that much of a surprise. Minor detail: They don't actually own that hardware. That arguably makes it theft.
If this particular scam isn't illegal, it should be. It might even be abuse of market power and thus monopolism or cartelism or whatever the legal term is. Mere promises here aren't good enough. There needs to be a strong incentive to not take away control from the owner of the hardware.
The irony here is withering. The reason micros~1 got big in the first place is that IBM owned the platform but left all but the BIOS open enough for easy copying, reducing cloning to coming up with a functional IP-free replacement for that bit; Compaq was the first to do so. That enlarged the OS market for that platform, a cozy asset that IBM neglectfully gave away to micros~1. So now they're trying to not merely keep their position, but to shuffle away the keys to your owned hardware as well.
Even if Joe Average User cannot be expected to understand this, he just might find later he couldn't afford to let it happen either.
Micros~1 = funny
From now on....
I will never write Micros~1 again...
I mean Micros~1... dammit!
Load of cr....
So you vent your anger a microsoft for trying to control the hardware on wich windows run? your venting on the wrong company.... Apple is culprit for this practice.
you don't want MS to mess with your bios? don't buy a computer with windows 8 pre-installed.... simple.... same goes for Apple, don't want grossly overprived hardware on top a freeBSD with a candy interface? don't buy Apple.
your rant sink like rock......
*takes stick, turns it round and hands back*
there you go!!!
Now correct me if i am wrong, but does he not mention the fact that Apple do this??? What he then goes onto explain is that MS are now trying to do this.
We all know and hate/love the fact that Apple do this, that is clearly evident in the number of posts for and against Apple's "walled garden" approach throughout a vast number of threads on here.
your rant sinks like a rock...or is that sank like a rock?
The proposed system will never happen in any recognisable form. It's basically microsoft asking the industry to give it a second monopoly on desktops and servers. it will fail.
No, it isn't.
It is MS trying to break out of the situation they are in where industry standards and expectations are that windows will support almost everything it ever has done. That is why it is so bloated, that is why other OSs perform better.
They tried to lock down the OS starting with vista so that 3rd parties found it harder to fuck up their code with dodgy drivers and software(which is the cause of most windows problems) only to have people scream and shout during beta testing that they couldn't install their legacy hardware or software because the manufacturers of that were too far behind, hence the speedy rewrite followed by years of problems caused by shoehorning legacy support into a system not designed for it.
If MS were allowed to release software like Apple can then it would be a much better OS and locking software to your hardware will have virtually not effect on the majority of users. It's just a shame that the vocal minority always seems to win.
@Jim 59 - I'd rather say it is Microsoft
forcing the hardware manufacturers to give up what's left of the control they had over their products. Looking at how enslaved by Microsoft computer OEMs are at this moment, I'm seriously worried. Don't take my word for it, just remember how hardware specs for the netbooks were castrated at Microsoft request (after successfully preventing the use of Linux), turning that class of computing devices into a joke.
We all know what happens to those who forget history.
@Micky 1 - You're totally off topic here
It is not about Microsoft supporting something in Windows, it is about Microsoft preventing the replacement of Windows on generic hardware.
1 - Apple can do whatever they want with their software on their own hardware
2 - Apple does not in any way prevent the installation of other OS on the hardware they produce.
"It's just a shame that the vocal minority always seem to win"
This is exactly what Monopoly legislation exists to ensure. MS have a monopoly on the desktop, therefore most if not all OEMs will bend to their every whim. Why on earth should they be permitted to extend that monopoly by making changes which will make it even harder to run something else?
Microsoft are (AFAIK) perfectly at liberty to release a MS PC, with a version of Windows designed specifically for that hardware. Hell, they can even lock that version to their own hardware stack. _That_ would be doing what Apple do. Trying to knacker the PC market for anyone not wanting to run Windows is something entirely different.
Oh and incidentally - why do you think that standards and expectations are the way they are? Could it be because Microsoft pursued that course? It's also got fuck all to do with whether or not we need UEFI. UEFI is about ensuring that only valid signed code can run at boot, RTFA and you'll see it's intended to stop rootkits etc. It has no bearing whatsoever on their support (or lack of) for legacy code.
I initially assumed you were a shill, but looking at your post it seems you are instead very pro-MS but willing to discuss other topics. So I'll just call you misguided instead!
Um, have you actually read this?
I can't help feeling you haven't actually read the article.
Microsoft are explicitly saying that OEMs won't get the shiny sticker unless both the orthodox way (no bootloader signing) and the new way (add your bootloader's keys to the firmware) of installing other operating systems are supported. What they are insisting on is that machines shipping win8 do things the new way by default.
If it's the whole idea of signed bootloaders you're objecting to, the UEFI forum published that spec in April 2011, and no one complained either before or after.
In terms of lockdown, the ARM stuff is much more restrictive (apart from the fact that MS only has a couple of percent market share so isn't a monopoly in any way)
"2 - Apple does not in any way prevent the installation of other OS on the hardware they produce."
Ummmm yes they do.. which is why you have to jailbreak their devices.
Anyone trying to run Linux on an iDevice is doing so for the lulz
or they would have bought an Android of comparable specs.
The cause of most of Microsoft's problems is Microsoft. They're arrogant, pushy, dictatorial and demanding. If you are an older PC computer user, then you contributed to their profit margin whether you used their software or not. They used to say, "Oooh, those 'pirates' are stealing our DOS operating system, we need the rest of the community to compensate us!" Consequently if you bought an MB or a CPU, M$ "taxed" you for it. Which, in turn, encouraged "piracy," since, why buy another copy from M$ when you had already PAID for one.
Sorry but MS created their monopoly largely through creating a dependency trough legacy support. That's the whole reason many people use their junk. You can't just turn that off and expect people to be happy.
He's talking about computer. Osx devices are completely open for any OS. iOS devices aren't but the same can be said about many mobile devices.
Re: Anyone trying to run Linux on an iDevice is doing so for the lulz
I have an iMac G5 running Fedora. I installed that because OSX kept failing to boot.
Eventually, I found that it is complaining about a fault code (from the PSU, I believe). Shaking it hard enough gets it to boot eventually - at which point it is perfectly stable. But Fedora was much easier to get going...
Ok so your buyinng...
a AMD CPU and ASUS MOBO..... AMD and ASUS are giving money (or used to) to microsoft......
now let's the proof of that ridiculous and groundless acusation? buying a OEM computer with windows or dos on it IS NOT the same as buying the parts.... the later will NOT result in ANY MONEY been given to Microsoft UNLESS THE END USER BUY A COPY OF WINDOWS/DOS
Standard Microsoft tactic... fear, uncertainty, doubt. I saw precisely the same thing happen over OpenGL in Vista (the FUD was that it wouldn't work or be supported). In the end, it'll work fine and it'll be easy to do.
I'm not anti-Microsoft by the way - in fact I love Windows 7 and will almost certainly get Windows 8, but you know, I'm quite long in the tooth now and have seen it all before!
Embrace, extend, extinguish
Only, I don't think it's going to work in the days of pervasive interspazz. We'll see.
Is that some kind of universal person of diminished mental capacity?
Explains the popularity of Hollyoaks, X Factor, Facebook, etc, etc, etc.
No it's an emo band from Stoke on Trent.
Do you SERIOUSLY believe people install Linux because "it's easy". Anyone who chooses to install a new OS or reinstall an old OS does so with a little bit of knowledge, and entering the "BIOS" or "UEFI" setup is not a major technical series of steps that is going to stop them.
I understand there are competition concerns about secure boot, but at least find a defensible argument, not something stupid like "linux is user friendly"
Yes - I install Linux because it's easy.
I can take a disk, plug it in, boot it - and it works. Then, once it's up, I can mess around to my heart's content. It automatically sets up a dual-boot on a Windows box,. too.
If I have to somehow mess about with BIOS settings (which might also stop my Windows working) then it's one extra bit I frankly don't want to have to do.
Linux IS user friendly these days. Anyone with half a brain can install it.
both my (divorced) parents (both 70 years old) use linux for exactly that reason (moved from Ubuntu to Mint now though) because it is easy to install and use and if it seriously screws up (which has only happened to one of them once) I can get them to reinstall it themselves very simply.
I suspect I will find it a lot harder to talk them through installing secure boot keys through the bios or whatever proprietary interface is provided with their own particular hardware.
Missing the point there I think.
To me it reads as "It'll make it harder to install Linux which may put them off" which is very different to saying people install linux _because_ it's User Friendly.
Sadly, not everyone who does a (re)install does so with that little bit of knowledge. Some see how much it'll cost to get a techy to do it and then just chuck the install disc in themselves. Whether these types would actually be trying to install Linux is another thing, but it'd certainly put them off!
Find someone not very techy you know, and try explaining the concept of Public and Private keys to them. But do it in the crappy language that OEM's will use (if they publish anything), they might understand it but they will probably also be happy to confirm that they'd go out of their way to avoid it if possible.
Trolling? Not much!
When's the last time you booted a runtime Linux distro off a CD? 2002? I think you'll find there are less steps installing a copy of Ubuntu or better still Linux Mint, than there are to installing Windows these days.
"Anyone with half a brain can install it."
"Linux IS user friendly these days. Anyone with half a brain can install it."
And only someone with half a brain would _want_ to install it.
- Xmas Round-up Ten top tech toys to interface with a techie’s Christmas stocking
- It's true, the START MENU is coming BACK to Windows 8, hiss sources
- Google embiggens its fat vid pipe Chromecast with TEN new supported apps
- Pic NASA Mars tank Curiosity rolls on old WET PATCH, sighs, sniffs for life signs
- Microsoft: Don't listen to 4chan ... especially the bit about bricking Xbox Ones