Linked by Thom Holwerda on Thu 18th Jul 2013 22:12 UTC
Microsoft The Verge, reporting that Microsoft lost almost a billion dollars with Surface RT, in this quarter alone. "At the end of the day, though, it looks like Microsoft just made too many Surface RT tablets - we heard late last year that Microsoft was building three to five million Surface RT tablets in the fourth quarter, and we also heard that Microsoft had only sold about one million of those tablets in March." That's catastrophically bad.
Permalink for comment 567428
To read all comments associated with this story, please click here.
RE[4]: Wow
by ssokolow on Fri 19th Jul 2013 06:56 UTC in reply to "RE[3]: Wow"
ssokolow
Member since:
2010-01-21

Secure boot is a good thing, despite your protests to the otherwise.

MBR malware has been on the rise for years.


That depends on how you compare the pros and cons.

As implemented, I think Secure Boot is terrible for competition and I think that's intentional. I'd have no problem if that weren't the case.

For example, if there were a simple, cross-vendor standardized (and tested) way to grant an unsigned bootloader permission to run and register its own keys.

Perhaps something like this to make it hard to trick ignorant users into it:

1. If the user didn't call up the manual boot device chooser menu by holding F8 while booting, fail hard if the bootloader's signature can't be verified.

2. If the user did manually select a boot device and the bootloader is unsigned, display a big, scary but ultra-concise warning with the user being required to type "I Understand" to pass.

(Something like "You are trying to start an operating system provided or modified by an unrecognized vendor. This usually means that your computer has become infected. Unless you are are absolutely sure you know what you are doing, please turn off your computer and contact a technician. Otherwise, please type "I Understand" and press Enter.")

3. Somewhere in the process, there would be a checkbox with an equally clear message which would grant the OS some kind of one-time authentication token to allow it to register a new signing key in the bootloader.

Hell, even the Chromebook developer switch model has some advantages over UEFI Secure Boot.

Edited 2013-07-19 06:57 UTC

Reply Parent Score: 9