Reply to post: Re: You cannot install another OS on the Surface Pro

Surface Book nightmare: Microsoft won't fix 'Sleep of Death' bug

James O'Shea

Re: You cannot install another OS on the Surface Pro

"Surface Pro's come with UEFI enabled making it impossible to install another OS on them. If you buy a Surface Pro, you are stuck with Windows."

Stop talking rot. All Apple desktops and laptops have shipped with UEFI since 2006. By definition they don't ship with Windows, and it is perfectly possible to put non-Apple OSes, including Windows and all current Linux distros, on them. In addition, I have a desktop machine with an ASUS motherboard which shipped with UEFI. It's running BSD at the moment. I am not alone in running assorted non-MS OSes on systems which shipped with UEFI. I suspect that you have a problem with Secure Boot, not UEFI. See further http://www.uefi.org/sites/default/files/resources/UEFI_Secure_Boot_in_Modern_Computer_Security_Solutions_2013.pdf

In particular, note the following, quoted from the above:

"Secure Boot is an optional feature of the UEFI specification. The choice of whether to implement the feature and the details of its implementation (from an end-user standpoint) are business decisions made by Original Equipment Manufacturers (OEMs)."

Note also:

"Users may disable Secure Boot entirely, using a system setup screen enabled at boot time. Each manufacturer has its own interface for this option. In all cases, end user must be physically present to establish proof of possession (POP) associated with the changes. With the Secure Boot feature disabled, the system can boot legacy operating systems, as well as systems that do not support Secure Boot. However, when Secure Boot is disabled, the feature is no longer protecting the system, leaving it vulnerable to rootkit and bootkit attacks.

UEFI Secure Boot also provides an interface that allows a system owner to take control of the system’s security credentials. This interface may or may not be available, depending on the system and its manufacturer. In circumstances where it is available, system owners can clear and reinstall the Secure Boot database and register their own keys and signatures. This can either supplement or completely replace the factory set. If a particular system supports the clearing of Secure Boot databases, the option will be displayed in the firmware menus."

I don't own a Surface anything, and, given their cost and the problem noted in the article, am unlikely to buy one, so I don't know how MS implemented Secure Boot.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon