Linked by Thom Holwerda on Fri 23rd Sep 2011 22:22 UTC, submitted by kragil
Windows The story about how secure boot for Windows 8, part of UEFI, will hinder the use of non-signed binaries and operating systems, like Linux, has registered at Redmond as well. The company posted about it on the Building Windows 8 blog - but didn't take any of the worries away. In fact, Red Hat's Matthew Garrett, who originally broke this story, has some more information - worst of which is that Red Hat has received confirmation from hardware vendors that some of them will not allow you to disable secure boot.
Thread beginning with comment 490669
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: What to do about this...
by Soulbender on Sat 24th Sep 2011 23:17 UTC in reply to "RE: What to do about this..."
Soulbender
Member since:
2005-08-18

You might be able to complain about the OEM but not Microsoft.


You can complain about Microsoft using it's domainant position to indirectly force a change that is bad for consumers.

Reply Parent Score: 6

modmans2ndcoming Member since:
2005-11-09

right... because secure boot is an attempt to stifle Linux in the market place rather than Microsoft offering customers the ability to lock their systems down at a hardware level so device drivers cannot be used ti infiltrate a network.

Reply Parent Score: 1

Alfman Member since:
2011-01-28

modmans2ndcoming,

"right... because secure boot is an attempt to stifle Linux in the market place rather than Microsoft offering customers the ability to lock their systems down at a hardware level so device drivers cannot be used ti infiltrate a network."

This is possible but it's not what I believe to be the intent of secure boot. I believe the secure boot design points to an intent of keeping owners from being able to jailbreak the walled garden that MS is about to introduce with win8.

Microsoft has not really answered the question of whether win8 will be restricted or at all bootable without secure boot enabled. Maybe I am wrong and MS isn't going to use this for DRM. But until they come out and indicate otherwise, I think DRM is the whole motivation for pushing secure boot. This is why secure boot is designed to keep keys out of the hands of computer owners (which logically we would have if DRM were not the intent).


The linux/otheros dual booting issues (if they turn out to be well founded as Garrett claims) will just be a convenient side effect for microsoft. They will claim that OEMs are responsible for approving alternative operating systems for secure boot, which is true. However MS are not dumb, they fully understand that few if any of the many thousands of OSS developers will manage to get their compiled binaries signed by all OEM keys, and this will result in linux becoming less reliable on the desktop.

Edited 2011-09-25 22:45 UTC

Reply Parent Score: 3

Soulbender Member since:
2005-08-18

device drivers cannot be used ti infiltrate a network.


Because that happen a lot. Or not. Unless you mean like Sony's rootkit but that would not have been stopeed since Sony would have a signed driver...
While we're protecting ourselves from far-fetched and unlikely threats I'd like my computer to survive nuclear winter.

Reply Parent Score: 2

segedunum Member since:
2005-07-06

Microsoft offering customers the ability to lock their systems down at a hardware level so device drivers cannot be used ti infiltrate a network.

I'm sure you'd love this to be true and I'm sure Microsoft really want to wide behind the cloak of security but unfortunately it's.....bollocks.

This option can be provided where the user can still have control of their system and install the operating systems and software they want. However, if you'd done some reading then you'd realise that this won't be given to users.

Reply Parent Score: 2