back to article Linux Foundation ships UEFI Secure Boot workaround

The Linux Foundation's open source workaround for Unified Extensible Firmware Interface (UEFI) Secure Boot has shipped, and while it's not necessarily the easiest way to boot Linux on UEFI-enabled PCs, its authors claim it should now work with any bootloader and any distribution. The Linux community was first alerted to …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    "But Linux enthusiasts observed that some OEMs were actually disabling the Secure Boot switch in their firmwares, leaving customers with no way to turn it off (and thus, no way to boot Linux)."

    Dear Auntie Reg,

    Please list those manufacturers so I can decide where I spend my money.

    Hugs and Cookies.

    1. Anonymous Coward
      Anonymous Coward

      I'm pretty sure these are the sorts of OEMs who would rather not receive loads of support issues from Linux newbies complaining about XYZ not working.

      The whole "designed for Windows" sticker regime seems to suggest that is their thinking.

      1. ElReg!comments!Pierre Silver badge

        @ AC 20:56

        "I'm pretty sure these are the sorts of OEMs who would rather not receive loads of support issues from Linux newbies complaining about XYZ not working."

        Yes, because everytime your copy of VirtuaGirl has a glitch you call Dell customer support to complain about it, do you? Kids these days...

        1. kain preacher Silver badge

          Re: @ AC 20:56

          You mean like people who call their ISP when the get a virus or when they forget their windows logon password. People would call Dell to fix silly issues they created them self's.

      2. Anonymous Coward
        Anonymous Coward

        Designed for Windows? ..

        'The whole "designed for Windows" sticker regime seems to suggest that is their thinking`

        Do you think the UEFI issues are part of some machiavellian strategy out of Redmond ?

        1. Suricou Raven

          Re: Designed for Windows? ..

          "Do you think the UEFI issues are part of some machiavellian strategy out of Redmond ?"

          Actually, yes. This is Microsoft we are talking about. Considering the company history of lock-in and dubious business practices, would you put it past them?

      3. John Bailey
        Boffin

        "I'm pretty sure these are the sorts of OEMs who would rather not receive loads of support issues from Linux newbies complaining about XYZ not working."

        To which the tech support Muppet replies..

        "I'm sorry sir, we only support the originally installed OS on your machine". End of call. No further action necessary. Problem solved.

        "The whole "designed for Windows" sticker regime seems to suggest that is their thinking."

        Is that like Vista capable?

      4. Anonymous Coward
        Anonymous Coward

        "designed for Windows"

        I got one of those off a second-hand laptop. It now adorns the lid of our wastebin

    2. Anonymous Coward
      Anonymous Coward

      What a surprise

      MS lets the dust settle then quietly whispers in OEMs ears that they will get a discount if there is no secure boot off in their BIOS. In 12 months time rocking horse shit will be easier to find than a BIOS with a secure boot flip switch

      "Everything is proceeding as I have foreseen" says MS

      Well time for for an EU anti trust kicking MS.

      1. This post has been deleted by its author

      2. Crazy Operations Guy Silver badge

        Re: What a surprise

        Except that Microsoft has mandated that the switch to turn off SafeBoot is a required to pass the 'Designed for Windows 8' certification. The worry is Mother Board manufacturers that don't give two shits about MS's certifications and push out boards as soon as they can (looking at you Asus).

        1. WonkoTheSane Silver badge
          Headmaster

          Re: What a surprise

          Actually, MS certification requirements state that the Secure Boot off-switch is required on x86 devices and PROHIBITED on ARM devices (like the Surface).

      3. This post has been deleted by its author

      4. dajames Silver badge
        Windows

        Panic ye not!

        MS lets the dust settle then quietly whispers in OEMs ears that they will get a discount if there is no secure boot off in their BIOS. In 12 months time rocking horse shit will be easier to find than a BIOS with a secure boot flip switch

        Fortunately that's not going to happen, at least on PCs. The ability to turn off Secure Boot is actually a requirement for Windows 8 compatibility certification on x86.

        Not least, I suspect, because a licence for Windows 8 Professional (and up) allows the user to run Windows 7 instead ... and Windows 7 isn't signed, so you wouldn't be able to do that with Secure Boot enabled.

        There's also the fact that if Microsoft say that turning off Secure Boot has to be allowed, nobody can really complain that they're using it to lock users in to Windows.

        Note that on x86 Microsoft don't make the hardware themselves. On Arm it's a different matter ... Microsoft don't want you buying their nice (?) new surface hardware and running Android on it. I might be able to understand and even forgive that attitude if surface was competitively priced.

        1. Crazy Operations Guy Silver badge

          Re: Panic ye not!

          Windows 7 is signed with Microsoft's private keys and would be allowed to run under SecureBoot, XP, Vista, Server 2003, 2008, 2008 R2 will all also run under SecureBoot.

          1. Anonymous Coward
            Anonymous Coward

            Re: Panic ye not!

            @Crazy ops guy: Windows 7 isn't signed and doesn't support secure boot. In order to boot it and all the other Windows versions you mention, secure boot must be switched off.

            That said, I'm pretty sure 2003 and XP don't even boot on UEFI, not sure about Vista and 2008 though.

    3. Zola
      Meh

      Acer: could be better

      I've got several Acer Aspire One 725 netbooks here (AMD C70 based) and while it's not possible to disable Secure Boot in the UEFI BIOS, you can select a "Legacy BIOS" mode - better than nothing, but not ideal.

      1. Anonymous Coward
        Anonymous Coward

        Re: Acer: could be better

        I thought the whole ethos of OS centred around sharing your findings... so had naively assumed that there would be somewhere on the net a list of Linux-friendly computers (in this example, those in which this UEFI Secure Boot feature can be disabled, but also taking into account certain Intel CPUs that Intel say are for Windows only) maintained by Linux users for Linux users. If there isn't, then you should start one- it would be a more helpful approach then hunting for scraps from mainstream tech sites.

        Under the Distance Selling regulations, you can try a laptop for yourself, and sand it back for a refund if it doesn't do what you want it to.

      2. itzman

        Re: Acer: could be better

        since linux effectively doesn't use the BIOS once it has booted, what's the problem with a 'legacy bios'?

        Gone are the days when yo ran an OS on top of a bios that actually did something useful.

        Its now just a way to boot..

        1. boltar
          Unhappy

          Re: Acer: could be better

          "Its now just a way to boot.."

          Unfortunately a lot of people are of the mind that the BIOS should be a mini OS. I have no idea why - if I want to use the computer I'll load the real OS thanks. The same thinking seems to be inherent in the design of grub. Lilo was nice , small and did what it said in the tin - booted Linux - and not much more. Grub on the other hand is on its way to becoming a small OS in its own right and all that does is make it more complicated for 99.9% of users.

    4. tom dial Silver badge

      Fail

      If I read the Microsoft documentation correctly (and it has not been revised), Windows 8 certified x86 compatible systems must allow the owner to disable secure boot. I am no fan of Microsoft in this matter, but the blame in such cases should be directed to the hardware manufacturers.

      And yes, please out those manufacturers providing unsuitably locked-down boards.

      1. Neil Barnes Silver badge

        Re: Fail

        @Tom Dial - requiring the ability to allow the owner to disable secure boot would not, I think, preclude the only method of doing that to be, for example, a windows-only application.

        For the record: the Acer V3-771 allows the secure function to be turned off, and Mint 14.1 works nicely with it.

        1. Anonymous Coward
          Anonymous Coward

          Re: Fail

          @Neil Barnes - The whole point of UEFI secure boot is that it can't be enabled or disabled by the OS, that would mean that some dodgy software would be able to switch off secure boot and install a bootloader, defeating the whole point.

  2. Anonymous Coward
    Anonymous Coward

    gummiboot at last

    This is good news.

    It makes it possible to secureboot with gummiboot directly to linux.

    And the door is open to manipulating the PK obviating 3rd party revocation lists.

    On my Lenovo laptop there seems to be the option of installing ones own PK. Understandably I haven't had to courage to go there yet, especially because of the difficulty I had just to get UEFI booting the damn thing. There were quite some CMS/UEFI settings mismatches.

    What would be great news would be an qemu uefi sandbox for playing these configuration games.

  3. Anonymous Coward
    Anonymous Coward

    Wouldn't it be so much easier just to switch to a non-GPL'd bootloader to allow one to actually sign your own software? It's toxic anyway.

  4. ElReg!comments!Pierre Silver badge

    Re: sign your own software

    Oh, you can sign your own software allright. The thing is, it needs to be signed _by Microsoft_ to work with Secure Boot UEFI. That's not a GPL issue.

    1. Oninoshiko

      Re: sign your own software

      strange...

      The latest machine I got seems to have the ability to install new keys... like a key I generate myself... and I use to sign a bootloader...

      Not that I had to use that feature to boot linux on the thing (just disabled SecureBoot). I'll admit I haven't played with that feature yet, but if it works as described, I'll consider it a win.

    2. Anonymous Coward
      Anonymous Coward

      Re: sign your own software

      Signed by Verisign you mean, do keep up.

    3. Anonymous Coward
      Anonymous Coward

      Re: sign your own software

      No, it's a GPL issue. Anyone can add keys, assuming you're not buying from one of the aforementioned OEMs who lock down UEFI's Secure Boot options (which is actually a breach of the Windows certification - the options have to be left open, allowing both custom mode [adding your own keys] and turning it off entirely).

      The problem is GRUB, as GPL software, cannot include baked-in keys. The GPL explicitly precludes one from distributing a binary-only version of the program with the secret key baked in. The only "proper" way to meet the requirements of the GPL and UEFI would be to provide a signed bootloader binary, while also providing the plaintext sourcecode, revealing the private key to all and sundry, of course making it utterly worthless. Were software authors using a more permissive license, they would be fully able to publish the bulk of the source code without a key, and provide a signed, official binary compatible with secure boot - even one signed with MS's keys to make the whole thing seamless for non-savvy users.

      And, strangely enough you'll find this is exactly the approach taken by both the shim method and Fedora's method. Neither are distributing their bootloaders' source code with the keys included.

      And you know what? At the end of the day, signed binaries are quite nice to have.

      1. Anonymous Coward
        Anonymous Coward

        Re: sign your own software

        Thank you for this. A perfect explanation of why the GPL is a dangerous license that directly attacks user security.

        1. Anonymous Coward
          Anonymous Coward

          Re: sign your own software

          Of course, in an alternate world controlled by Tivo, user freedom is hampered by key signing. Here, the GPL is effectively bypassed by distributing full source code, but not allowing a user to run any modified version of said software on a system by only allowing 'verified' signed software to run. Now my shiny box is impossible for me to hack on. I can't fix bugs in the software I am running, I can't add new features, I can't test new versions of the code and contribute them upstream. All of these freedoms are removed by the need for a key I can't get my hands on.

          Naturally, I can peruse the source code like a novel, enjoying the wit and competence of those who have written the original source and admiring the beauty of their indentation. But that is a very weak freedom compared to the freedom to hack.

          The GPL exists to grant freedom. The need for a private key you can't have is an obvious roadblock to this freedom. What security do you imagine is granted by a binary blob signed by someone you presume to trust that is not granted by a hashed source tree and a verified toolchain?

          I certainly fancy my chances more with the latter.

          1. Anonymous Coward
            Anonymous Coward

            Re: sign your own software

            @AC 09:54:

            I don't think you understand how UEFI Secure Boot works.

            1. Anonymous Coward
              Anonymous Coward

              Re: sign your own software

              @ac 12:26 - He's in the majority then, about 90% of the comments here suggest an utter lack of understanding of what UEFI is and why it's needed.

              Comments like: "Switch secure boot off in the BIOS" are far too common for a supposed technical web site.

        2. TiddlyPom
          FAIL

          Re: sign your own software

          GPL is *dangerous* - oh yes it certainly is (especially GPL V3 which protects against software patents) as it protects the open source community from self-serving corporations like Microsoft, Apple or Oracle who would like to subvert/destroy open source projects by embrace/extend/extinguish. The GPL protects the community and so ENHANCES user security! Anybody who relies of security by obscurity is asking for trouble - that is how public key encryption first came about - the more people know about the METHOD of security, the more that method can be checked for flaws by the community.

      2. dajames Silver badge
        Boffin

        Re: sign your own software

        The only "proper" way to meet the requirements of the GPL and UEFI would be to provide a signed bootloader binary, while also providing the plaintext sourcecode, revealing the private key to all and sundry, of course making it utterly worthless.

        I'm not an expert on the niceties of the GPL ... but the bootloader only needs access to the public key needed to check the signatures of the binaries that it loads. It may be possible to keep the private key private and remain GPL-compliant. I think it may depend whether the private key is regarded as a "derivative work" of the public key.

      3. boltar
        Facepalm

        Re: sign your own software

        "The problem is GRUB, as GPL software, cannot include baked-in keys. The GPL explicitly precludes one from distributing a binary-only version of the program with the secret key baked in. "

        Please stop using the trendy hipster journo phrase "baked-in". It makes you sound like an ass. In english we say built in or included with.

        Thanks.

    4. Anonymous Coward
      Anonymous Coward

      Re: sign your own software

      No, it doesn't need to be signed by MS, MS are offering a signing service for Linux, that's a remarkably different thing.

      1. dajames Silver badge
        Meh

        Re: sign your own software

        No, it doesn't need to be signed by MS

        It needs to be signed using the private key that corresponds to the public key embedded in a certificate that's stored on the board.

        There's been a lot of contradictory stuff written about this, but as I (now) understand it the norm is for UEFI PCs to be sold with a single certificate on the motherboard, and that certificate is for a key owned by Microsoft (the certificate is generated for them by Verisign, but it's not Verisign's key).

        MS are offering a signing service for Linux, that's a remarkably different thing.

        It's not that different a thing. If you want to run Linux from a signed bootloader on a bog-standard UEFI PC you either have to get Microsoft to sign your bootloader so that the signature can be verified using the manufacturer-distributed certificate or you have to add a certificate for another key to the motherboard (if the UEFI firmware will let you) so that you can use a bootloader signed using that key.

        Or you turn Secure Boot off, or you switch off UEFI mode ... assuming the firmware allows you to. Then you can use any bootloader you like whether it's been signed or not.

  5. ElReg!comments!Pierre Silver badge

    "PCs that shipped with Windows installed"

    That presumably excludes "servers that are managed remotely", so far so good for the Foundation's approach then.

    If you buy a windows-loaded, UEFI-Secure-Boot-locked PC to use it as a distantly managed Linux server, you're just looking for trouble. All the people I know who remotely administrate Linux servers either bought them with Linux pre-installed or bought them barebone and built them to their needs. I must admit that I don't know _everyone_ though, so that's remains anecdotic, but strongly supported by common sense.

    1. Crazy Operations Guy Silver badge

      Re: "PCs that shipped with Windows installed"

      Nearly all servers nowadays come with some sort of IPMI, BMC or LoM to allow you to do things like manipulate BIOS and UEFI settings.

  6. ortunk

    back to hacking hardware

    seems every few years I'm back to hacking hardware to make ıt do what I want... I love them manufacturers!

  7. JaitcH
    WTF?

    MS mimicking Apple: It might be your property, but we hold the key

    When is the right of ownership going to recognised and accepted by these damn American companies?

    The EU bureaucracy might appear to be under employed but they do have a hight success rate of kicking US commercial butts. Even the near God-like MS and Apple have bowed to their demands, before, albeit reluctantly.

    Perhaps the EU should mandate the MS walled garden feature must have a switch in the BIOS so the owners can decide their modus operandi. Not all PC users are Apple-subservient types.

    1. This post has been deleted by its author

    2. Anonymous Coward
      Anonymous Coward

      Re: MS mimicking Apple: It might be your property, but we hold the key

      There is no BIOS. Do keep up.

      1. dajames Silver badge

        There is no BIOS

        @AC 09:20

        There is no BIOS. Do keep up.

        I know what you're saying ... but there is a BIOS -- it's the UEFI Firmware. What there isn't is an old-style real-mode IBM PC-compatible BIOS.

        The problem is that BIOS has lost its original meaning of Basic Input/Output System and come to mean specifically an implementation of the firmware API exposed by the BIOS of the original IBM PC (and subsequent developments thereon). The UEFI Firmware is a BIOS in the older, more general, sense (among other things).

        "BIOS" is a lot easier to write and to say and write than "UEFI Firmware", so I suspect we're stuck with it.

        UEFIF anyone?

    3. Dana W
      Trollface

      Re: MS mimicking Apple: It might be your property, but we hold the key

      Big difference is I can boot anything I want on my Mac. OSX of course, Windows if I want, and Linux no problem at all.

      Its the PCs that are locked down.

      1. Anonymous Coward
        Anonymous Coward

        Re: MS mimicking Apple: It might be your property, but we hold the key

        "Big difference is I can boot anything I want on my Mac. OSX of course, Windows if I want, and Linux no problem at all."

        Very nice too...just a shame you have to pay 3 times over the odds for the same parts when they break down, than the rest of us lowly PC crowd!

        ( If you're a careful shopper you can build an x64 box that will boot OSX, Windows and Linux, have 4+ times the power for a third of the cost of the "Apple Hardware Smug Tax"! )

        1. Dana W
          Trollface

          Re: MS mimicking Apple: It might be your property, but we hold the key

          I guess you get what you pay for. if one ever breaks down I'll let you know.

  8. Connor

    From recent experience...

    Dell do include an option to switch off Secure Boot in UEFI, as well as allowing a legacy mode for booting stuff that is non UEFI, like CDs. I also experienced Ubuntu's UEFI when installing alongside Windows 8 and it was quick and easy, no hassle at all. That should be the way forward.

    Although I can see the intention with Secure Boot is itsn't without problems; when I did turn it back on, just for kicks, it wouldn't let me boot into either Windows or Ubuntu. So I think the OEMs should brace themselves for a raft of complaints and queries when the UEFI and/or Windows installations start becoming corrupted.

    1. Anonymous Coward
      Anonymous Coward

      Re: From recent experience...

      Indeed, Ubuntu and Kubuntu had no issues. Mint, OTOH, refused to install. It fell down.

      Strange days indeed.

      1. Neil Barnes Silver badge

        Re: From recent experience...

        Interesting - see my post upthread about Mint.

        The only issue I had was that Ubuntu and Mint both initially booted in UEFI mode with the backlight turned right off, and I only discovered this by chance...

  9. Anonymous Coward
    Anonymous Coward

    The best workaround...

    ...against UEFI is to get MS to bin the whole regime. Where's the regulators when you need them?

    1. Anonymous Coward
      Anonymous Coward

      Re: The best workaround...

      Go and have a look at the people involved in UEFI, it's all of the (former) BIOS manufacturers, many Linux manufacturers, Apple, IBM, Intel, all the motherboard and chipset manufacturers etc. etc. Oh, and MS.

  10. Herby Silver badge

    The answer to this:

    UFEI = Antitrust.

    The sooner a government accepts this, the better off we all will be.

    Now to reverse engineer the signing keys (maybe a screen saver application?).

    1. Anonymous Coward
      Anonymous Coward

      Re: The answer to this:

      Antitrust? Really? Despite the fact that MS mandates for Windows 8 that you must be able to disbale SecureBoot and you must be able to install you own keys?

      It's different on ARM as MS has no real presence there and it is normal practice to full lock-down ARM devices anyway. The market is used to that and accepts it.

      Yeah, let's see how far that suit gets you.

      1. John Sanders
        Linux

        This argument is becoming tiresome

        I'm talking about this:

        ""Antitrust? Really? Despite the fact that MS mandates for Windows 8 that you must be able to disbale SecureBoot and you must be able to install you own keys?""

        Yes despite, the explanation is simple: When something can be abused because the design allows it to be abused, it will be abused. And Microsoft built themselves a nice position to abuse it: "They are the ultimate holders of the keys to the kingdom".

        Would you like me having the keys to your house? or a master pin to your credit card? or your bank account details including your passwords? I promise I will not abuse it.

        The laws are full or crap to prevent politicians from committing crimes, like stealing, spying on you, or abusing their power. I repeat there are explicit mandates in the law to stop this. Do they succeed?

        NO, because when the system allows abuse those people in positions of power will abuse it.

        And Microsoft have a history way too full of abuses to overlook anything they do.

        1. mmeier

          Re: This argument is becoming tiresome

          Actually MS is not the ultimate holder. The motherboard makers can include more keys / other signing organizations. If MS tries to lock the door AND there is demand for unlocked hardware companies like Lenovo and HP will be the first to deliver boards with alternate key holders and reap in the money. UEFI and Secure Boot are NOT MS-Standards and all the big motherboard/pc makers are on the comitee.

          Neither has MS the master pin or the bank data. All they do is sign a bootloader, they are NOT getting access to the system. Totally different thing. Worst case they could (in theory) lock you out. Since secure boot can be switched off on all Win-certified boards even that is not possible.

          Now if MS does lock the door and nobody cares than Linux might have a problem. This might happen on the desktop (where Linux is below 2 percent and will be schrinking in x86 land with the x86 tablets getting more common). On the server side it will only happen if Oracle changes the Solaris/x86 licence to "come and get it". Sadly that will not happen...

  11. kbb
    WTF?

    Why can't I sign my own stuff?

    Why should Microsoft, or any company, have the keys to the kingdom here? Why wasn't this stuff designed so that me, the actual owner and user of the hardware, can perform some process to install my own master certificate (or whatever) so I can sign whatever bootloader I want? If I want to leave Microsoft with that power then I can. If I want to do it myself then I can.

    1. Tom 7 Silver badge

      Re: Why can't I sign my own stuff?

      You may think that, I couldn’t possibly comment.

      1. billse10

        Re: Why can't I sign my own stuff?

        welcome back, Mr Urquhart. (Who's that American guy stealing your lines, by the way?)

    2. Anonymous Coward
      Anonymous Coward

      Re: Why can't I sign my own stuff?

      MS does not control what you can or cannot install. If you don't like the limitations of a pre-packaged solution, go get something different. If you do decide to buy a pre-packed solution, then that is your choice.

      MS has done much more to ensure their Windows 8 system are more open than Google has done with their Chromebooks. Win8 devices are also more open than Apple ones, but I don't see you moaning about that.

      MS is not the bad boy here, they are responsible corporate.

    3. Anonymous Coward
      Anonymous Coward

      Re: Why can't I sign my own stuff?

      You can sign your own bootloaders and you can install your own keys into your machine's UEFI.

  12. itzman

    a thought occurs..

    most people who use Linux are running servers. Or quite advanced desktops.

    Most noddy users are abandoning desktops in favour of slabs.

    Ergo Linux is a force in the pc motherboard arena. So any manufacturer who can ONLY boot windows is going to lose business.

    And how long before a reprogrammed BIOS is available as a download to allows booting from anything?

    To put it simply., MS is a waning force on desktops, a spent force on servers and only in laptops - which are waning in favour of slabs - is it still de facto.

    Just as I wont buy stuff that doesn't work with linux, because I want to use linux, so I wouldn't buy a motherboard that wouldn't boot linux.

    Linux is RESPECTABLE. Linux has market clout. You cant ignore linux and hope it will go away.

    1. Anonymous Coward
      Anonymous Coward

      Re: a thought occurs..

      "Linux is RESPECTABLE. Linux has market clout."

      Ah-ha-ha-ha-ha-ha-ha-ha-ha-ha-ha! You funny.

      Linux is nowhere on the desktop. It just doesn't exist.

      Even if we include the not-Linux Linux Android, you barely break 4%.

      To put it simply, Linux is an experiment that has crashed and burned hard. It's expensive to implement, hard to maintain, requires massive retraining and the working application to be re-written from the ground up. It's of no interest to any decision makers, just hobbyists.

      1. John Robson Silver badge
        WTF?

        Re: a thought occurs..

        @AC 08:56

        This isn't about the desktop (which is being abandoned in favour of slabs), it's about the severs (which do actually use motherboards) - and that is where *nix dominates (particularly in remote servers).

        Linux has anything but failed.

        1. El Andy

          Re: a thought occurs..

          @John Robson: "This isn't about the desktop (which is being abandoned in favour of slabs), it's about the severs (which do actually use motherboards) - and that is where *nix dominates (particularly in remote servers)."

          Except that's just not reality. Linux has mostly carved it's share of the server market by eating away at proprietary *nix flavours such as Solaris, AIX, HP UX etc. The market share for Windows Server has also come from proprietary *nix vendors too and is increasing, not decreasing.

      2. Anonymous Coward
        Anonymous Coward

        Re: a thought occurs..

        "Ah-ha-ha-ha-ha-ha-ha-ha-ha-ha-ha! You funny."

        Ah-ha-ha-ha-ha-ha-ha-ha-ha-ha-ha! You RICHTO/TheVogon

        By hobbyists I assume you mean Google, Amazon, etc, Boeing, lots of pharma, academics, CERN. and more and more. Oh and Munich !

        1. Anonymous Coward
          Anonymous Coward

          Re: a thought occurs..

          Munich? Yeah, and we all know the massive over-spend their dalliance has caused. There's a reason the other departments switch back after seeing how much Linux failed.

          1. Anonymous Coward
            Anonymous Coward

            Re: a thought occurs..

            "Munich? Yeah, and we all know the massive over-spend their dalliance has caused."

            <RICHTO_mode>

            Actually it's a FACT that the actual change to Linux actually saved a huge amount of actual money. Actually MS said it didn't but who'd actually believe them and they didn't actually offer any actual proof.

            </RICHTO_mode>

  13. Anonymous Coward
    Anonymous Coward

    Want to run Leenawks?

    Then buy from a Leenawks vendor.

    If isn't the responsibility of a Windows PCvendor if you want to run some cobbled together, amateur OS on your computers.

    If you put tires on your car that were made by your pal ion a shed and the handling went all to hell; is that Ford's responsibility? No.

    Same deal here.

    Oh wait, what's that you say? There are no Leenawks vendors? Well maybe there's a very good reason for that.

    1. hplasm Silver badge
      FAIL

      Re: Want to run Leenawks?

      That is the saddest shit for a long time. Go away.

      1. Anonymous Coward
        Anonymous Coward

        Re: Want to run Leenawks?

        The truth hurts.

    2. Anonymous Coward
      Anonymous Coward

      Re: Want to run Leenawks?

      "If you put tires on your car that were made by your pal ion a shed and the handling went all to hell; is that Ford's responsibility? No."

      If you couldn't put tyres on your car because Ford wouldn't let you, is that Ford's fault?. Yes.

      There. Fixed it for you.

      1. Anonymous Coward
        Anonymous Coward

        Re: Want to run Leenawks?

        "If you couldn't put tyres on your car because Ford wouldn't let you, is that Ford's fault?. Yes."

        And where is MS stopping you installing what you like on your Windows 8 unit? Oh, they're not. Analogy fail.

        Don't let the facts get in the way.

    3. dajames Silver badge
      FAIL

      Re: Want to run Leenawks?

      If you put tires on your car that were made by your pal ion a shed and the handling went all to hell; is that Ford's responsibility? No.

      If you wanted to use the same brand of free tyres that were used by most of the major operators of fleets of commercial vehicles all over the world, but you couldn't fit them because Ford kept the keys for the wheel nuts; would that be Ford's responsibility.

      Well, yes. I think it would.

      1. Anonymous Coward
        Anonymous Coward

        Re: Want to run Leenawks?

        Even if they tires weren't free, even if they were made by a big name brand; if they are the wrong tire your handling will go all to hell. This is *NOT* the fault of Ford! It's your fault for not following the specs.

        Luckily though that isn't the case and MS has even gone as far as *forcing* OEMs to keep the system open. Just don't expect them to support you cottage industry OS. They didn't pre-install it for a reason.

  14. Dare to Think
    IT Angle

    Not sure what UEFI is actually for...and why Windows is preinstalled

    When I buy a new car, I have the choice between petrol, diesel and hybrid engines, and nobody is forcing me to buy the fuel from this or that oil company.

    When I buy a new laptop, I usually have the choice between a 13, 15 or 17inch screen and between a 320GB or a 2TB disk. But Windows comes preinstalled, and I have to pay for it, although I don't want it.

    Once Windows has booted up, I'm reminded incessantly that my laptop is suddenly very much at risk unless I pay for the full license of this pre-installed anti-malware software. Except I don't want that particular anti-malware software and my firewall is on my router already. I am also reminded to take out this Small Business Advantage (whatever that is), that online backup services (dunno what is backed up to where), and pay for the full MS Office license.

    Depending on the browser I use I am reminded to use Google or Bing as my default search engine.

    I then try to relax a bit by browsing on Youtube, where I am bombarded with advertisements for beer, some must have video game, and the latest bloke flick. During those videos suddenly half the screen is replaced with an advertisement rectangle because YouTube has warmly found out that I'm looking for love and I should join Mature Dating, because Russian women are waiting for me already.

    Wow....this really beats any diesel engine in a car....

    1. mmeier

      Re: Not sure what UEFI is actually for...and why Windows is preinstalled

      If you are forced to buy Windows - you are shopping at the wrong place!

      Yes, the big PC manufacturers deliver their boxes with Windows pre-installed. Because 90+ percent of the end-users want it that way. That is what you find in the big outlets and in the online shops. Simply to keep the choices resonably few (online) or the variety of systems on stock resonably small (brick&mortar). Add in that in some EU countries computers sold to end users must have a OS installed and Windows is the best choice. And for OEMs Windows is cheap!

      If you want something different - pick a company that caters to business customers and PHONE! them. Dell, Lenovo, HP have all been willing to deliver "bare bone" units without an operating system (and 20-50€ less) in the past. Since many companies have volume licences this is essential.

      As for the rest:

      + You can unistall software on Windows. It is easy

      + There are free AV programs that can for end/home users do the job just fine (Win8 has one included)

      + You can actually use stuff like GIMP or Outdated Office on Windows. It works just fine if you can live with the limits

      1. Dare to Think
        IT Angle

        Re: Not sure what UEFI is actually for...and why Windows is preinstalled

        Thanks, mmeier, but don't get me wrong, I try not to buy the PC in one piece. For the last PC (which became a server) I bought the components and slapped Debian on it, only to replace the disks, then add memory, then replace processor and motherboard, then SSD disks are faster, and RAID6 is a good thing, and KVM virtualization is really cool, and I always wanted to have my own webmail server....

        It's different with laptops, you can't really buy them in components, unless you pretend that you have a broken model and go on eBay to get spare parts, etc.

        You have more freedom in burning new firmware on your router (dd-wrt) than in replacing the BIOS on your motherboard.

        1. Anonymous Coward
          Anonymous Coward

          Re: Not sure what UEFI is actually for...and why Windows is preinstalled

          @Dare To Think: Why are you complaining about it then?

          1. Dare to Think
            IT Angle

            Re: Not sure what UEFI is actually for...and why Windows is preinstalled

            I'm complaining about Windows being preinstalled on laptops and UEFI on motherboards, even if you buy the motherboard separately, as a component....I think ASRock, ASUSTeK, Gigabyte and MSI started in 2011 with that.

  15. Anonymous Coward
    Facepalm

    "Intertwined with an operating system"

    Sheesh, that sounds painful. Almost as bad as interleaving with the internet, which I read somewhere once.

    (OK, it was here)

  16. Bent Outta Shape

    You don't *have* to get Windows

    ...if you don't want to. Novatech, at least, will flog you laptops with no OS installed. I've no idea how cool / solid / shiny the Novatech laptops are, just pointing out there's at least one supplier available.

    http://www.novatech.co.uk/laptop/

    1. mmeier

      Re: You don't *have* to get Windows

      Dell and Lenovo also deliver notebooks without an OS installed if you order by phone. It is just their online shop that does not. Since we have a volume license and prebuild images my employer orders them blank. My guess is HP and Fujitsu will do the same. Only companies that do not or not primarily cater to companies might not offer the option.

      If you buy in a store the unit must come with a OS thanks to the EU and that is what reliably works on all x86 hardware and is demanded by Joe Average- Windows

      1. Anonymous Coward
        Anonymous Coward

        Re: You don't *have* to get Windows

        "If you buy in a store the unit must come with a OS thanks to the EU " - what specific piece of EU law requires a laptop/notebook to be sold with a Microsoft operating system installed?

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019