back to article Why Windows 10 on Raspberry Pi 2? Upton: 'I drank the Kool-Aid'

Today Microsoft and the Raspberry Pi Foundation announced that Windows 10 will run on the new Raspberry Pi 2. But why? The Register spoke to Pi founder and CEO Eben Upton. “We’ve had people queuing up and saying they want Windows, the whole time,” says Upton. “I think there’s a sense that 'you’re a real PC' if you run Windows …

Page:

          1. Peter Gathercole Silver badge

            Re: Security??? @AC re Apache and IIS

            I think that you are deliberately blurring the distinction between an operating system and an application in a repository, particularly in the Open Source world.

            Just because something appears in the repository for a particular OS does not mean that it forms part of the operating system! If it did, then you could imply, by applying reductio ad absurdum, that everything in the Apple App store or Google Play is part of IOS or Android respectively.

            What Redhat, Cannonical, SuSE, Debian et. al. do when creating a repository is take a package which has an open or permissive licence, and compile it to run on their distribution. They take ownership of the port and packaging, but pass any security, functionality or performance problems upstream to the package owner. And in some parts of the repositories, there are community maintained packages where the Distro maintainer does even less!

            So in the case of Apache, problems that have nothing to do with the build process will be passed to the Apache Software Foundation, not owned by the Distro organisation.

            You were correct in pointing out that my analogy with IIS was actually not a good one though, because with IIS, the owning organisation is the same as the owner of the OS.

            I don't think that was your intention, however!

            1. Anonymous Coward
              Anonymous Coward

              Re: Security??? @AC re Apache and IIS

              "Just because something appears in the repository for a particular OS does not mean that it forms part of the operating system! "

              How about if it's on the DVD? The default install?

              1. Peter Gathercole Silver badge

                Re: Security??? @AC re Apache and IIS @AC again

                Plain and simply, no it doesn't.

                Same issue. The CD/DVD is just a local extract of the repository. And I'm not too sure how many distros have Apache on the install CD/DVD. Desktop releases of Ubuntu don't.

                To put this in context, LibreOffice is on most distro media, and that is not part of Linux. Similarly Firefox.

                You've still not understood what Open Software is about.

      1. I don't have a handle

        Re: Security???

        "You are out of date. Windows is a long way ahead of Linux there. Just look at website defacement stats and then divide by market share. You are far more likely to be compromised these days running a Linux server stack than a Windows one."

        That actually made me laugh: "Just look at website defacement stats and then divide by market share".

        I can't decide if you are a shill, a comedian or just unbelievably naive. (Hopefully you were aiming for comedy).

      2. sisk Silver badge

        Re: Security???

        Just look at website defacement stats and then divide by market share. You are far more likely to be compromised these days running a Linux server stack than a Windows one.

        And here I thought that particular breed of ignorance was extinct in this day and age. Here's an education: OS and even web server software are pretty much non-issues for website defacement. Every major web server software, be it IIS, Apache, NGinix, or any of the various Java based servers (ie Tomcat) can be locked down so tight that the NSA would be jealous of their security.

        When you actually dig into the statistics and look at how the attacks were accomplished it turns out that almost all of them came in either through a misconfiguration or through SQL injection. In other words bad administrators and web developers are to blame, not the OS or application.

        1. Anonymous Coward
          Anonymous Coward

          Re: Security???

          When you actually dig into the statistics and look at how the attacks were accomplished it turns out that almost all of them came in either through a misconfiguration or through SQL injection"

          A quick search shows that you are wrong. Most of them were Linux OS compromises. See www.zone-h.org/news/id/4737

          1. Androgynous Cupboard Silver badge

            Re: Security???

            A quick search shows that you are wrong. Most of them were Linux OS compromises. See www.zone-h.org/news/id/4737

            That's a four-year-old article. Got any recent truthiness to cite?

            1. sisk Silver badge

              Re: Security???

              A quick search shows that you are wrong. Most of them were Linux OS compromises. See www.zone-h.org/news/id/4737

              Perhaps you should read the article in its entirety. And I quote...

              We were talk­ing about local ker­nel exploits, but the first prob­lem is in the web­site code.

              From the results one out­come is clear – code devel­oper teams and web­server admins are still liv­ing in two dis­tinct worlds. And if some­thing is not work­ing prop­erly, their answer is that this is most likely the other side’s fault. While this “fight” con­tin­ues, the deface­ment count still grows up.

              And also, as Androgynous Cupboard pointed out, that article is very out of date. It's a 4 year old article discussing a Linux kernel vulnerability from 7 years ago.

            2. Anonymous Coward
              Anonymous Coward

              Re: Security???

              Not only is that article four years old and its statistics largely irrelevant to applications other than web servers, it admits that the most used exploit in question came from a bug that had been fixed some years previously but accidentally re-introduced before rapidly being corrected again.

              Not mentioned in the article was that the error in question was exposed when you ran a particular 32bit Linux app under a 64bit Linux OS.

              Now, I don't know about you, but I'm hoping that the chances of that particular set of circumstances occurring again ought to be small.

              Whereas at least one other OS vendor still seems to be shipping code that has been broken for years, despite multiple claims of thorough code reviews, judging by the number of patches that go back to XP and occasionally beyond.

              1. Anonymous Coward
                Anonymous Coward

                Re: Security???

                "Not only is that article four years old and its statistics largely irrelevant to applications other than web servers, it admits that the most used exploit in question came from a bug that had been fixed some years previously but accidentally re-introduced before rapidly being corrected again."

                But it still resulted in millions of websites being compromised. Just like the number of recent critical Linux vulnerabilities have probably also resulted in...

                1. Anonymous Coward
                  Anonymous Coward

                  Re: Security???

                  "But it still resulted in millions of websites being compromised. "

                  It certainly did when there was a brief reversion that reintroduced the bug and a rash of defacements having fun.

                  Whereas the recently-fixed MS bugs that go back unfixed as far as XP (e.g. JPG handling, again?) have been out there unfixed for how long? Affecting

            3. Anonymous Coward
              Anonymous Coward

              Re: Security???

              "That's a four-year-old article. Got any recent truthiness to cite?"

              Does being 4 years old make it any less truthful? Got any more recent anything to cite?

          2. Peter Gathercole Silver badge

            Re: Security??? @AC re Linux OS compromises

            The cited defect in the Linux kernel is actually a privilege escalation issue.

            Now I know that I don't know the full details of the way that this was used, but I would suspect that it is not a remote vulnerability. Looking at it, it appears that in order to exploit it, you need to be able to have a local user session on the system, which implies that the first point of security has already been breached. Looking at the stats, this is probably because of lax user or password administration or issues with input validation of data in web pages.

            Indeed, the quoted stats. appear to show that the highest vector for attack is a file inclusion, with the second highest being an attack against the administrator like password stealing or sniffing.

            So if web site owners tightened up their code ad administration practices, even if the bug still existed, it would not be nearly as important.

            Anyway, the public aspects of the Zone-H web site appear to show that it is not frequently maintained (only two news items in 2014), although there may be more information to logged in users, so it's probably not that creditable source of information.

      3. Anonymous Coward
        Anonymous Coward

        Re: Security???

        "Just look at website defacement stats"

        You're not still quoting that stupid blogpost from some bloke who turns out to be MS Director of Trusted Computing or something like that are you?

        Sorry, can't remember the details right now, can't find sufficiently unique keywords to find my posts on here about it either. Reminders welcome.

        Anyway, amazing though it may seem, there is actually more to computing than running a webserver.

    1. dogged

      Re: Security???

      > Ok, admittedly MS has made huge strides on improving their security, but they're a long ways from security being a reason that you choose Windows.

      It's getting close though and you have to admit that Windows has the largest attack surface. How many billion Windows installs are out there? That anyone can install software on (without a walled garden)?

      The most secure OS is probably some dodgy port of AmigaOS used by four people in a lab somewhere but I thought we'd all agreed that security via obscurity was a stupid idea.

      1. Kevin Fairhurst

        Re: Security???

        It *was* the most secure... but someone wanted to play a copied version of SWOS, and they're infected with a bootloader now :(

  1. Ragequit
    Joke

    Security...

    Well in this case maybe he's right. After windows 10 is loaded there won't be enough ram left to load the latest malware platform...

    1. Dan 55 Silver badge
      Joke

      Re: Security...

      You mean there won't be enough RAM left to load the malware, the latest malware platform is Windows 10. See, MS have finally made Windows secure at last by removing the memory.

    2. Anonymous Coward
      Anonymous Coward

      Re: Security...

      "After windows 10 is loaded there won't be enough ram left to load the latest malware platform..."

      If it's anything like Windows Phone compared to Android, then the Windows version should need less RAM and run faster.

  2. adnim Silver badge
    Linux

    Not a problem

    As long as one has the freedom to remove Win 10. Why all the bitchin'?

    MS lubbers can lube for the shafting, whilst those with a clue will do whatever they want.

    Linux aint OS to the gods, it's an OS for those with a clue..... Perhaps El Reg should change the mouse over description.

    1. Yet Another Anonymous coward Silver badge

      Re: Not a problem

      >As long as one has the freedom to remove Win 10. Why all the bitchin'?

      The raspberryPi was aimed at schools.

      It was aimed at fixing the problem that CS in schools is now click on icon in Word to bold a word.

      It was aimed at the; it is a offense to touch the school PCs without explicit permission, it is a violation of the schools service contract to do anything on the PCs not aligned with keystage 2 subsection 3 para 4 of the people's central curriculum.

      So Microsoft make a few phone calls to their friends in government to "develop enhanced curriculum support" - and all those Pi in schools are suddenly limited to running Internet Explorer to access Office365 to click on an icon in Word ....

      1. adnim Silver badge

        @YAAC Re: Not a problem

        I didn't think that all Rpis would come with Win 10 as standard. Is this the case?

        If so then Rpi is just a crock.. don't educate.. enslave.

        Like some bank ads (don't see enough ads to remember which bank) for computer programming.... Drag and drop this icon here and type plain English into this box... Congratz you are now a computer programmer.

        If the teachers haven't a clue.... And they won't have in a generation or two because they will be brought up on this bullshit, neither will the kids..

        I can't code in assembler. Too much thinking and hard work, maybe I ain't smart enough.

        Anything less than assembler/machine code is bending to another's will. It's yet another layer of abstraction from what is really happening. Another layer of wool over their eyes.

        Unfortunately those that are responsible for the curriculum and the education of our children haven't a clue now let alone in a generation or two.

        1. Yet Another Anonymous coward Silver badge

          Re: @YAAC Not a problem

          The point of the RPi was to get back to the BBC micro/Sinclair days when kids (who frequently knew more than the CS teachers) could play with the machines, have machines at home, discover things for themselves, break things and above all LEARN.

          Now a combination of factors has led to useless IT lessons with students basically being told to fear the locked down Windows PCs and doing anything outside the lesson plan is at best a fail and worse cyber-terrorism.

          Not all the kids will program in assembler or rewrite the kernel, but some will.

        2. wallaby

          Re: @YAAC Not a problem

          "don't educate.. enslave"

          PMSL

          the world CHOOSES Windows for 2 main reasons,

          1) most people dont care how a computer works they just want to use it.

          2) for me its mainly because of the vocal minions in the Linux community - there is nothing clever in making something complicated just because you can - click a button or type lines of case sensitive code to make something happen - give me the button every time.

          The Linux community are the most unwelcoming arrogant bunch I have ever come across - I had a need to run Win 95 on a linux platform as a VM, I asked for help online and all I got was "why the hell would anyone...... M$ *&$!"$!"%" - BECAUSE I WANT OR NEED TO THATS WHY !!!!

          I ask a question on an MS forum and (apart from the ones who always state the obvious) I usually have a sensible reply in a short time.

          I bought a Pi because I wanted to learn, instead I got something that didnt work out of the box without me modifying my config file in my Win 7 laptop first. A platform that updates itself before it will let me in, not download the files in the background and then apply on reboot, and a platform that has commands that are so unforgiving they have to be in the right case, in the right place etc. etc.

          You want people to embrace Linux - try getting of the high horses and actually help people, if your product is that good constant badmouthing the opposition wont mean a damn - and boy do I mean constant.

          Ive been into PC's since the first ones hit desks early 80's, Ive always tried to make life easier for the people I support, and not once in all that time have I derided them for asking a question - cant say the same about every question Ive asked about Linux.

          1. Pookietoo
            FAIL

            Re: Ive been into PC's since the first ones hit desks early 80's

            You don't like Linux because it's not like DOS, and you can't find the apostrophe key.

          2. Richard Plinston Silver badge

            Re: @YAAC Not a problem

            > a platform that has commands that are so unforgiving they have to be in the right case, in the right place

            It sounds like you wouldn't cope with modern computer languages either. You should stick to COBOL - that is case insensitive, though you do have to put stuff in the right place (such as columns 7, 8 and 12 and not beyond 72).

          3. JamesTQuirk

            Re: @YAAC Not a problem

            Is it because a Linux user READ's the MANUAL ..... While windows users wait for a icon or IT to show them ? If U Had installed WINE in your linux it would run Win95 Software, no real need for original, really, but I do keep a VM of it, myself, Cause I am still maintaining software & machines I sold in 80's & 90"s ..

            I have 1 who is still using SuperBase on Commodore 64, it's what he knows, & he refuses to change, and maybe that's the problem .... People stuck in their ways, refusing to learn NEW things, or spend more money on equipment ....

            Linux Users on "High Horses", OMG, maybe it's the maniacs who keep throwing money @ MS & MaCrapple to solve problems by building a huge OS to cover EVERY possible user need, while Linux user's who just install what they need ... We don't need a 3d dancing paperclip with tits to keep us company while CONTINOUSLY update, scan for virus&malware, we know were our files are, we know what we are doing, we do not need Microsoft trying to own our hardware by it's OS ...

        3. d3vy Silver badge

          Re: @YAAC Not a problem

          Its Barclays.

          And actually if you tried what they are suggesting rather than bashing it because *you* dont understand it then you would know that what its teaching kids is how programs are structured - what a loop is, what logic statements are, how events work - without requiring the kids (6-7 year olds) to remember the syntax.

          Whats easier for a 7 year old - the orange block with a loop arrow in it and a box to type a number or drop a variable block - or :

          for (int i = 0; i < 10; i++){}

          The idea isnt to teach kids to program - its to get them interested, to give them the knowledge that underlies programming that they can then take forward. Same as maths or any other subject, they are taught the basics, the building blocks.. a foundation for further learning.

    2. Richard Plinston Silver badge

      Re: Not a problem

      > As long as one has the freedom to remove Win 10. Why all the bitchin'?

      Current Windows RT (Windows on ARM) devices are _required_ to be UEFI locked without the option to unlock them.

      1. Cynic_999 Silver badge

        Re: Not a problem

        Surely the UEFI is on the SD card? So you just replace the SD card with one loaded with whatever OS you like.

        1. Richard Plinston Silver badge

          Re: Not a problem

          > Surely the UEFI is on the SD card? So you just replace the SD card with one loaded with whatever OS you like.

          On current computers the UEFI is in ROM and switching the disk does not replace it. That does not mean the the Pi will implement UEFI in ROM, nor that they will make it locked.

          Apparently a cut-down version of Windows already runs on the Galileo Board in some crippled way (no display). Microsoft have said that on the Pi it will be 'similar to other boards'.

          1. werdsmith Silver badge

            Re: Not a problem

            A lot of guessing going on here.

            1. James Hughes 1

              Re: Not a problem

              Indeed. There isn't any way of embedding a boot loader on Pi, it just doesn't work like that.

              Pi's come with NOTHING installed. You then install what OS you want on an SD card. There is no possibility of MS lock in here.

        2. Peter Gathercole Silver badge

          Re: Not a problem @Cynic

          UEFI is a BIOS replacement. It will always be in the ROM/Flash memory as a first stage bootstrap.

          If you have the part of UEFI hard-coded so that only allows booting of a cryptographically signed OS from the media (and this is what WindowsRT mandated, it would not boot if UEFI was configured to be more relaxed), then you've got a chicken-and-egg situation where you can't break in to run another OS.

          Microsoft insisted that WindowsRT systems were locked down like this because they did not want someone buying a Surface, and showing how well Android would run on the rather nice hardware.

          As discussed before on these forums, the consensus is that one of the distro owners should provide a UEFI complient cryptographically signed Grub that could be booted to break the straight-jacket that was being planned by the Trusted Computing Group, or whatever it was last called.

          A locked UEFI on a RiPi would be a complete disaster.

    3. d3vy Silver badge

      Re: Not a problem

      "As long as one has the freedom to remove Win 10. Why all the bitchin'?"

      Remove it from what exactly? RPis dont come with an OS... Christ, they dont even come with the memory card required to load the os onto...

      So what people are complaining about is being given the choice to run windows if they want to...

      Those bastards at microsoft... letting me choose an operating system for my hardware...

      1. Richard Plinston Silver badge

        Re: Not a problem

        > So what people are complaining about is being given the choice to run windows if they want to...

        The RPi does not 'run Windows' in any way that would be generally understood. There is no 'launcher', no menu, no OS screen. What MS supply is the ability to run a [single] 'Universal app' on RPi as long as you have a full Windows 10 PC to develop that on and load it into the RPi.

  3. Anonymous Coward
    Anonymous Coward

    Ok, as long as I can write services, I can access it using RDP, and I dont have to put everything through as a Windows Store apps, I might be interested.

  4. Stoke the atom furnaces

    Windows 10.

    When you look at the dark side, careful you must be... for the dark side looks back.

  5. Teiwaz Silver badge

    You're a real PC if you run Windows.

    In my experience a depressingly common perception among many...

    Good for the Raspberry, they'll see an increase in Sales provided they sell an option to pre-install (and please please make it only an option).

    Subsequently an increase in customer complaints unless MS actually ensures their Arm variety can do everything their regular version can, 'cause most of the 'real pc = windows' customers won't understand why they can't do X, install X or run X when their laptop can.

    1. James Hughes 1

      Re: You're a real PC if you run Windows.

      AIUI, this Win10 is the IoT version, so command line kernel stuff only, no desktop.

      But I'll find out more this evening...!!

      1. Teiwaz Silver badge

        Re: You're a real PC if you run Windows.

        Sounds like some sort of zen. Windows without windows.

        Sounds fine for the IoT applications, the putterers and tinkerers if this is the case, but it's be a bit hardcore (no, not that kind) for the cherished offspring of Mr & Mrs 'real PCs run windows' should they decide to fastrack their childs IT education with one. They'll not windwoo many outside industry with that.

        The Penguin is laughing now, "see this is why the ui is separate from the OS."

        1. Yet Another Anonymous coward Silver badge

          Re: You're a real PC if you run Windows.

          If it is just the .Net Compact Framework then there is very little point, I can do that on an Netduino already with 1 core and 256Mb of memory.

          If they needed quad core and 1Gb it has to be a decent tablet-esque version with a display, network keyboard etc etc - even if it can't host visual studio 2013.

      2. Anonymous Coward
        Anonymous Coward

        @James Hughes 1 - Re: You're a real PC if you run Windows.

        And no Secure Boot ?

      3. dajames Silver badge

        Re: You're a real PC if you run Windows.

        AIUI, this Win10 is the IoT version, so command line kernel stuff only, no desktop.

        No, AIUI it will be graphical ... but probably Metro and store apps rather than a desktop.

        As it says in the article:

        Although the desktop might not be available, the Windows build will support visual applications. “It is a headed device, HDMI primarily at the moment but then LCD panels in due course".

        So, still not really Windows as most users understand it, then.

  6. thx1138v2

    What's in it for MS?

    They get all of those young hearts and minds. Remember that the Pi was originally developed to get school children interested in computing and thus developed contacts in the schools. So MS gets to take advantage of those contacts.

    Back in the day, Apple was giving their early versions to schools free of charge to get the youngsters familiar with their system before they ever got into the working world where corporate computing was happening. This is, essentially, the same marketing technique on the Pi.

    "The pitch from Microsoft is they’ve got great tooling to get it started..." Sure and a great marketing opportunity with the marketing channel already opened up by the Pi developers. And the opportunity to get the kids started on using their development tools.

  7. Anonymous Coward
    Anonymous Coward

    Although the desktop might not be available

    All you need to know right there. This isn't Windows 10, it's Windows 10 kernel, and a huge publicity stunt....

    Even Windows 10 on the desktop is getting downgraded. I wonder how many Windows 7 upgraders will be miffed about the loss of Aero....

  8. Anonymous Coward
    Anonymous Coward

    Trying to keep Windows relevant. The ARM version being especially unpopular.

  9. sorry, what?
    WTF?

    "There is nothing to touch Visual Studio"

    #sigh# I do wish people would stop saying this sort of thing. As an IDE it is so last century. Try something that actually does a good job of supporting modern software development, like IntelliJ IDEA. Then you'll see that VS is really old hat.

    1. Richard 12 Silver badge

      Re: "There is nothing to touch Visual Studio"

      Qt Creator is also considerably better than Visual Studio.

      Infinitely better if you want to go cross-platform, whether Qt or pure C++. (Kits are awesome)

      The MS C++ compiler is great for Windows, but only Windows.

      Pretty much every developer knows that Windows is the wrong OS for IoT - too expensive in terms of hardware, development tools and per-unit licence costs.

      Presumably this is MS' attempt to change that, but unless they become free they will fail.

      IoT is low margin, high volume. That's the point!

      I can do embedded Linux and RTX development for the cost of the hardware alone, and while I'm happy to pay extra for developer support, the key feature is that the resulting product has a zero cost licence.

      For a device that has a total hardware cost of under $30, a $50 licence is laughable, and even $5 is unrealistic.

      Enclosure or Windows? I pick enclosure.

  10. Anonymous Coward
    Anonymous Coward

    " I’ve drunk an enormous amount of Kool-Aid by the sounds of it"

    Hmm yes.

    Anyways, if Microsoft stick to treating the Pi as a device to port embedded applications to only, and Eben Upton makes damned sure they stay well away from the key reason he claims for starting the Pi - kick-starting proper CS training in schools - then maybe he hasn't made a big mistake.

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019