Linked by Thom Holwerda on Thu 3rd Nov 2011 19:34 UTC, submitted by lucas_maximus
Hardware, Embedded Systems A big issue right now in the world of operating systems - especially Linux - is Microsoft's requirement that all Windows 8 machines ship with UEFI's secure boot enabled, with no requirement that OEMs implement it so users can turn it off. This has caused some concern in the Linux world, and considering Microsoft's past and current business practices and the incompetence of OEMs, that's not unwarranted. CNet's Ed Bott decided to pose the issue to OEMs. Dell stated is has plans to include the option to turn secure boot off, while HP was a bit more vague about the issue.
Thread beginning with comment 496072
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Ok, let's be fair
by Alfman on Sat 5th Nov 2011 19:45 UTC in reply to "Ok, let's be fair"
Alfman
Member since:
2011-01-28

twitterfire,

"#1 Microsoft doesn't require secure boot to be enabled by default"

Do you have citation for that? Maybe it's changed, but this isn't what's been reported. Also, we don't know if windows will run without restrictions if it's disabled.

http://mjg59.dreamwidth.org/5850.html?thread=142554
"Microsoft requires that machines conforming to the Windows 8 logo program and running a client version of Windows 8 ship with secure boot enabled."


"#2 Microsoft doesn't require OEMs to not provide a way to disable secure boot"

Ok.

"#3 Microsoft is spreading FUD: they don't want secure boot because they care about user's security, they want secure boot because they wrongfully think it will stop piracy"

It's possible microsoft is using it to sell media companies on DRM.


"#4 Even with secure bot, crackers will find a way to circumvent it, in no more than a few days after Windows 8 release"

The secure boot spec itself won't be cracked, just individual implementations. And even then secure boot has far fewer attack vectors than a modern multiuser operating system. It won't necessarily be crackable in software.

I think you agree that secure boot or no, the weakest link in the chain is still windows itself. Secure boot won't fix any of the OS or application level security problems.

"#5 If OEMs doesn't implement a way to disable secure boot, it is their fault, not Microsoft's"

Partly true, but this ignores the potential for dual boot issues, which is entirely in microsoft's hands now. Also remember that Microsoft had involvement in writing the spec which has no regard for keeping owners in control.

Additionally, many of us are uncomfortable with a security feature which will sometimes be locked to windows, and that will be difficult to impossible for users to enable for independent operating systems. This is apparently the biproduct of either a glaring oversight by an incompetent engineering team, or a hidden corporate agenda.

Edited 2011-11-05 19:59 UTC

Reply Parent Score: 2

RE[2]: Ok, let's be fair
by ilovebeer on Sun 6th Nov 2011 03:00 in reply to "RE: Ok, let's be fair"
ilovebeer Member since:
2011-08-08

Additionally, many of us are uncomfortable with a security feature which will sometimes be locked to windows, and that will be difficult to impossible for users to enable for independent operating systems.

If buying a prebuilt system locked to a specific OS is a problem for you, do not buy a prebuilt system locked to a specific OS. You have several alternatives so be smart about your purchase and buy something that suits your needs rather than something that doesn't and then complain about it.

Rocket science? No. Common sense? Yes, and that's what people should be spreading right now,... not unjustified fear based on assumptioned about secure boot.

Edited 2011-11-06 03:02 UTC

Reply Parent Score: 0

RE[3]: Ok, let's be fair
by Alfman on Sun 6th Nov 2011 04:41 in reply to "RE[2]: Ok, let's be fair"
Alfman Member since:
2011-01-28

ilovebeer,

"If buying a prebuilt system locked to a specific OS is a problem for you, do not buy a prebuilt system locked to a specific OS. You have several alternatives so be smart about your purchase and buy something that suits your needs rather than something that doesn't and then complain about it."


I'm sure I've answered this already, but here we go...

Existing knowledgeable linux users will suffer somewhat due to the worsening availability of equipment that works for us, new or used. Keep in mind many linux users also need to use windows, and we don't all care to build our own systems. We probably won't be able to get the scales of economy deals any longer because of these restrictions. I know you don't care about keeping our supplier options open, but that doesn't make the point any less valid, fragmentation will hurt us.

A bigger concern, IMO, is that the vendor locks on new windows machines will severely limit alternate OS adoption by newbies. The reasons for this should be obvious. Saying it's their fault for not knowing any better is ridiculous considering that there was no reason they should have been locked in the first place.


I've already pointed out issues with secure boot that affect windows users as well. I appreciate that you don't care about any of it's problems, and that's ok. But that's not a reason to dismiss the problems for everyone else, we have legitimate reasons to be concerned and seek answers.

Reply Parent Score: 3