Linked by Thom Holwerda on Thu 3rd Nov 2011 19:34 UTC, submitted by lucas_maximus
Hardware, Embedded Systems A big issue right now in the world of operating systems - especially Linux - is Microsoft's requirement that all Windows 8 machines ship with UEFI's secure boot enabled, with no requirement that OEMs implement it so users can turn it off. This has caused some concern in the Linux world, and considering Microsoft's past and current business practices and the incompetence of OEMs, that's not unwarranted. CNet's Ed Bott decided to pose the issue to OEMs. Dell stated is has plans to include the option to turn secure boot off, while HP was a bit more vague about the issue.
Thread beginning with comment 496066
To read all comments associated with this story, please click here.
Ok, let's be fair
by twitterfire on Sat 5th Nov 2011 18:58 UTC
twitterfire
Member since:
2008-09-11

#1 Microsoft doesn't require secure boot to be enabled by default
#2 Microsoft doesn't require OEMs to not provide a way to disable secure boot
#3 Microsoft is spreading FUD: they don't want secure boot because they care about user's security, they want secure boot because they wrongfully think it will stop piracy
#4 Even with secure bot, crackers will find a way to circumvent it, in no more than a few days after Windows 8 release
#5 If OEMs doesn't implement a way to disable secure boot, it is their fault, not Microsoft's

I don't buy hardware from Apple, HP, Dell or whatever. I buy cpu, motherboard, video card, hdd, case, psu and I assemble it myself. I always consider the best bang for the buck and if I assemble a PC myself. I end up with a much better machine for the same amount of money. Even with laptops, I will buy a lowend and tinker with it. Add memory, a better cpu, a larger hdd.

Also, if one of my friends needs a new computer, I will research benchmarks, search for parts and assemble it myself. It takes less than half an hour. And you'll have the best price/performance ratio.

All linux/BSD users are more technical then plain Os X/Windows users.

If you don't like Dell, HP or other OEM, you can always do it yourself and vote with your money.

I even recommended that two of the linux staff guys to be fired, at one of my ex-workplaces. They demanded over-expensive HP servers and subscription to Red Hat. I proved to the CEO (he wasn't a technical guy and the company wasn't into IT) that we can build ourselves much better servers at a fraction of price and use CentOS, or Scientific Linux, or even FreeBSD. I did win and they got fired.

Reply Score: 1

RE: Ok, let's be fair
by Alfman on Sat 5th Nov 2011 19:45 in reply to "Ok, let's be fair"
Alfman Member since:
2011-01-28

twitterfire,

"#1 Microsoft doesn't require secure boot to be enabled by default"

Do you have citation for that? Maybe it's changed, but this isn't what's been reported. Also, we don't know if windows will run without restrictions if it's disabled.

http://mjg59.dreamwidth.org/5850.html?thread=142554
"Microsoft requires that machines conforming to the Windows 8 logo program and running a client version of Windows 8 ship with secure boot enabled."


"#2 Microsoft doesn't require OEMs to not provide a way to disable secure boot"

Ok.

"#3 Microsoft is spreading FUD: they don't want secure boot because they care about user's security, they want secure boot because they wrongfully think it will stop piracy"

It's possible microsoft is using it to sell media companies on DRM.


"#4 Even with secure bot, crackers will find a way to circumvent it, in no more than a few days after Windows 8 release"

The secure boot spec itself won't be cracked, just individual implementations. And even then secure boot has far fewer attack vectors than a modern multiuser operating system. It won't necessarily be crackable in software.

I think you agree that secure boot or no, the weakest link in the chain is still windows itself. Secure boot won't fix any of the OS or application level security problems.

"#5 If OEMs doesn't implement a way to disable secure boot, it is their fault, not Microsoft's"

Partly true, but this ignores the potential for dual boot issues, which is entirely in microsoft's hands now. Also remember that Microsoft had involvement in writing the spec which has no regard for keeping owners in control.

Additionally, many of us are uncomfortable with a security feature which will sometimes be locked to windows, and that will be difficult to impossible for users to enable for independent operating systems. This is apparently the biproduct of either a glaring oversight by an incompetent engineering team, or a hidden corporate agenda.

Edited 2011-11-05 19:59 UTC

Reply Parent Score: 2

RE[2]: Ok, let's be fair
by ilovebeer on Sun 6th Nov 2011 03:00 in reply to "RE: Ok, let's be fair"
ilovebeer Member since:
2011-08-08

Additionally, many of us are uncomfortable with a security feature which will sometimes be locked to windows, and that will be difficult to impossible for users to enable for independent operating systems.

If buying a prebuilt system locked to a specific OS is a problem for you, do not buy a prebuilt system locked to a specific OS. You have several alternatives so be smart about your purchase and buy something that suits your needs rather than something that doesn't and then complain about it.

Rocket science? No. Common sense? Yes, and that's what people should be spreading right now,... not unjustified fear based on assumptioned about secure boot.

Edited 2011-11-06 03:02 UTC

Reply Parent Score: 0

RE: Ok, let's be fair
by Mellin on Sun 6th Nov 2011 09:02 in reply to "Ok, let's be fair"
Mellin Member since:
2005-07-06

How do you build a laptop ?

Reply Parent Score: 4