Linux developer Matthew Garrett, who works for Red Hat, first talked about this issue on his blog today. He has done work on EFI, so he knows what he's talking about. The issue is that the secure boot technology that's part of EFI and which is mandatory for Windows 8's logo program, requires signing keys integrated into the firmware.
It goes further than merely installing an operating system, though. One or more signing keys can be installed into the firmware; executables and drivers need to be signed by these keys, or else they won't load. On top of that, another set of keys (Pkek) takes care of the communication between operating system and firmware. The operating system can then add signing keys to a blacklist and a whitelist. Since there's no central authority which issues these keys, OEMs will have to sign stuff themselves if a key is installed.
"This impacts both software and hardware vendors," Garrett explains, "An OS vendor cannot boot their software on a system unless it's signed with a key that's included in the system firmware. A hardware vendor cannot run their hardware inside the EFI environment unless their drivers are signed with a key that's included in the system firmware. If you install a new graphics card that either has unsigned drivers, or drivers that are signed with a key that's not in your system firmware, you'll get no graphics support in the firmware."
Microsoft requires OEMs that want to be part of the logo program for Windows 8 to have secure boot enabled. According to Garrett, there are two ways for Microsoft to handle this. "The two alternatives here are for Windows to be signed with a Microsoft key and for the public part of that key to be included with all systems, or alternatively for each OEM to include their own key and sign the pre-installed versions of Windows," Garrett states, "The second approach would make it impossible to run boxed copies of Windows on Windows logo hardware, and also impossible to install new versions of Windows unless your OEM provided a new signed copy. The former seems more likely."
This means Linux, or any other unsigned operating system, will not run on your computer. There are several problems here when it comes to Linux. First, we'd need a non-GPL bootloader (Lilo perhaps?). Second, Garrett indicates that the Linux world is moving towards using the Linux kernel itself as a bootloader. This means kernels will have to be signed, making it virtually impossible to compile your own kernel. Self-signing would still require each key to be included by all OEMs.
For now, it's hard to tell if this secure boot thing will be an option we can turn off, or if OEMs will - like they do with BIOS features all the damn time - disable the option of turning it off. In any case, I must say that I'm very, very worried that the horrible, anti-user situation of smartphones will permeate into the world of desktop and laptop computers.
The problem here is that governments the world over will be filled with glee over the fact that we would no longer be able to run the software of our choosing - at least, not easily. This means more control, something the, for instance, entertainment industry will love to death. I mean, someone has to think of the children.
I have a hard time believing the combined power of Apple and Microsoft - both strong supporters of these kinds of anti-user features - will not be able to convince and buy governments the world over into not doing anything about this.
It would appear that despite his extremist views over the years, Richard Stallman is more and more starting to look like a true visionary. The fact that he had the foresight to think about hypothetical issues like this decades ago is pretty remarkable.
For now, I am worried, although not yet freaking out. In the end, this would also pose major headaches to other hardware and software vendors, and I'm hoping Microsoft and its OEMs will not antagonise them too much. For all it's worth, though, be sure to check the UEFI implementations of the motherboards and laptops you buy for an option to turn secure boot off.