Linked by Thom Holwerda on Fri 23rd Sep 2011 22:22 UTC, submitted by kragil
Windows The story about how secure boot for Windows 8, part of UEFI, will hinder the use of non-signed binaries and operating systems, like Linux, has registered at Redmond as well. The company posted about it on the Building Windows 8 blog - but didn't take any of the worries away. In fact, Red Hat's Matthew Garrett, who originally broke this story, has some more information - worst of which is that Red Hat has received confirmation from hardware vendors that some of them will not allow you to disable secure boot.
Permalink for comment 490721
To read all comments associated with this story, please click here.
RE: sadly missing the point
by n4cer on Sun 25th Sep 2011 17:27 UTC in reply to "sadly missing the point"
Member since:


You are sadly missing the point. Microsoft is not doing this to make the system more secure. That technology already exists. Modern motherboards have two features which renders secure booting unnecessary. The first is a feature to watch the MBR for changes. This tells you if the MBR has been tampered with by a virus. The second is dual bioses. One bios is hardware based and unchangeable. This allows the system to recover from malicious activity or a bad flash of the second bios.

While I am sure that their will be OEMs who give you the option to turn it off, this is something that will be a pain in the butt for dual booting. In the end anyone wanting to boot off a live cd or anything else will have to disable it. At that point the option becomes useless. Microsoft could and should have had the foresight to work with other OS makers to design a secure system that is user controlled.

One question I have is: What will be the ramifications of running a Windows 8 system with out having the secure boot enabled? Will it even boot? Will there be things disabled?

It's not just about the BIOS being protected, but the chain of code between the BIOS and OS (e.g., preventing the boot loader from being replaced so the BIOS doesn't hand off to malware that inserts itself below the OS).

Windows 8 still supports BIOS-based systems and non-Secure Boot UEFI systems. The OS will boot normally. You simply lose the added security.

Reply Parent Score: 2