Microsoft criticised for Windows 8 Linux lockout
By Stewart Mitchell
Posted on 26 Sep 2011 at 16:17
There are growing concerns that a new boot system planned for Windows 8 could make it difficult to run Linux and other operating systems on Microsoft-certified systems.
The issue has been rumbling since a Cambridge academic spotted problems with the way Windows 8 implemented the Unified Extensible Firmware Interface (UEFI) that replaces the older BIOS boot-up process.
EUFI secure boot is intended to prevent boot loader attacks, but the improved security could leave some operating systems locked out of computers running Windows 8.
Professor Ross Anderson of Cambridge University claimed the way the system required signed keys in Windows 8's "secure boot" process would make it impossible to run certain "unauthorised" OSes because they would not have a "signing key" that would allow them to boot.
Vendors who choose not to follow the certification requirements will be at a disadvantage in the marketplace
That could put paid to the practice of having dual-boot systems, affecting both Linux, and, potentially, older versions of Windows, but Microsoft has played down its UEFI tactics, claiming key provision was an issue for OEMs as to what software they allowed on their machines.
However, a Red Hat developer has hit back at Microsoft, claiming OEMs were unlikely to build tools that enabled other operating systems to run on their systems.
Competitive advantage
Not for the first time, Microsoft has been accused of using its dominant position to bend the market in its favour.
“Competition in that market is tough, and vendors will take every break they can get. That includes the Windows logo program, in which Microsoft gives incentives to vendors to sell hardware that meets their certification requirements,” Red Hat engineer Matthew Garrett said in a blog post. “Vendors who choose not to follow the certification requirements will be at a disadvantage in the marketplace.”
Not meeting the certification requirements would cost vendors sales, Garrett said, and because other OSes didn't have the same bargaining power they could be locked out.
“Microsoft can require that hardware vendors include their keys. Its competition can't,” he said. “A system that ships with Microsoft's signing keys and no others will be unable to perform secure boot of any operating system other than Microsoft's.
“No other vendor has the same position of power over the hardware vendors.”
From around the web
"their" machines?
"key provision was an issue for OEMs as to what software they allowed on their machines"
Erm, whose machines? I believe it belongs to me after I've bought it.
By halsteadk on 26 Sep 2011 
If you can install and run Linux...
Surely you're capable of building, or at the least specifying, your own system(s)?
By greemble on 26 Sep 2011
for years I've wondered why windows based systems were still booting off a BIOS. It's a relic of a technology. The much better EFI has been around for years.
To me this seems daft Microsoft finally making a move away from BIOS booting is being seen as an attack on Linux. It isn't, it's just a sign of Microsoft moving with the times.
As for EFI and Linux, I'm pretty sure I've seen articles on the web where people have dual booted their Apple Macs (which also use EFI) with Linux
By hjlupton on 27 Sep 2011
Not Microsoft...
The UEFI secure boot is not new and has been around for a while. Windows 8 will be the first version of Windows to support the Secure Boot feature of the UEFI architecture.
To gain Windows 8 certification, the UEFI needs to support Secure Boot and the keys for Windows 8 need to be included in the UEFI. It should also be turned on by default with new Windows 8 PCs.
None of this pre-cludes the OEM from including keys for Linux (if the distros provide them) or having a switch in the UEFI configuration to turn off the feature.
I don't think many manufacturers will release hardware without an off switch, because of the number of people who downgrade (especially corporates) to XP. If they want to keep their corporate customers, they'll also support Linux, by default.
The RedHat engineer has said that some hardware manufacturers are not planning on a switch. Surely as a) UEFI and Secure Boot has nothing to do with Microsoft, b) Microsoft don't stop the manufacturers including an off switch and c) it is the hardware manufacturers who are saying they might not include an off switch, WHY is this a story about Microsoft?
BTW Android handsets have been using the same feature for a while now. Throwing Microsoft's in here is a red herring, that is guaranteed to get big press.
The RedHat engineer should be naming and shaming the hardware manufacturers, who say they will not bother with an off switch... On the hother hand, that will probably mean that they won't get the same level of support for integrating new hardware into Linux in the future, if they name and shame the hardware companies...
By big_D on 27 Sep 2011
Build your own kit?
@Greemble
How many 'Build your own laptop' kits or parts have you seen for sale?
I am curious to see how this will pan out after release. Yes, I would like to purchase a laptop later and put on Linux but I will not cry wolf until it has been released and shown it can't be done.
By Drenlin on 27 Sep 2011
Multiple Boot?
I have five o/s on one of my computers including Windows 8,7,XP,Vista and Ubuntu. You can set up the Win7 Bootloader OK and that gives you the choice of which o/s to use. But if you boot into Win8 and then close the computer down, when you next boot up, the Win 8 bootloader takes over from Win 7 and excludes XP and Ubuntu as choices. However, you can also choose to boot into your default o/s and if you set that as Ubuntu, then you get passed on to the Ubuntu bootloader which then gives you the option of using the Win 7 bootloader which gives you all your o/s options.
By jmiii on 27 Sep 2011
Interesting phraseology PCPRO....
"Microsoft has played down its UEFI tactics,"
So implementing a more modern, more flexible, more secure bootime system is an example of "tactics". There was silly old me assuming it was:
a) Inevitable, like the switch from hand crank to electric start cars
b) A better system.
I'm sure that "keys" will become available to allow people to downgrade to OSX or LINUX if they want, thogh of course Apple might have something to say about that....
By wittgenfrog on 27 Sep 2011
"Build your own laptop"
@Drenlin
If you want a laptop for running Linux, would you not check the hardware spec before buying?
By greemble on 28 Sep 2011
advertisement
- Laptop bag reviews: nine tested
- Sony VAIO T Series Ultrabook review: first look
- Revealed: the military standards and robots HP uses to test its laptops
- Windows 8: multi-monitors and double standards?
- Why is TalkTalk's year-old porn filter suddenly big news?
- Why are laptop screens so far behind mobiles?
- HP EliteBook Folio review: first look
- The shoebox-sized all-in-one printer
- Forget the Ultrabook: here comes the HP Sleekbook
- HP Spectre XT review: first look
- Why you have to be left in the dark on OS patches
- Is Microsoft mismanaging Windows on ARM?
- Dealing with spam surrogates
- Why 3G broadband can be better and cheaper than ADSL
- Is Twitter bad for business?
- Publishing your email address isn't a security disaster
- Why you'll need a fax machine to develop iOS apps
- Learning to adapt to the mobile web
- Why you shouldn't use WPS on your Wi-Fi network
- Disabled users suffer when software breaks the rules
advertisement
