Linked by Thom Holwerda on Thu 18th Jul 2013 22:12 UTC
Microsoft The Verge, reporting that Microsoft lost almost a billion dollars with Surface RT, in this quarter alone. "At the end of the day, though, it looks like Microsoft just made too many Surface RT tablets - we heard late last year that Microsoft was building three to five million Surface RT tablets in the fourth quarter, and we also heard that Microsoft had only sold about one million of those tablets in March." That's catastrophically bad.
Thread beginning with comment 567621
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[9]: Wow
by Nelson on Sun 21st Jul 2013 00:05 UTC in reply to "RE[8]: Wow"
Nelson
Member since:
2005-11-29

Hi,

I do definitely see your point, and I think we can find some common ground in agreeing that there is a need for some form of secure booting mechanism.

You think the knobs should be able to be turned on, and I (and this is something I've probably changed my mind on) would be inclined to agree after further investigation.

It would be of great benefit if the end user was ultimately in charge of which public keys (in addition to the default MSFT one) were stored on their machine.

From there they could accept signed images from their favorite distro and maintain the chain of trust all the way through.

Alternatively the secure mechanism should be switched out so the more technically inclined user could have their box the way they want it, security ramifications be damned. I definitely understand the culture in alternative OSes may even favor compilation over shipping signed binaries, at which point a secure booting mechanism is more of a hindrance.

I think the x86 implementation ticks all of these boxes (albeit with shoddy OEM implementations which scare me), but the ARM versions do not. This is something I think should change (and maybe we can agree here).

I probably came off as bitter initially for which I do apologize and I appreciate you taking the discussion in a productive direction.

Reply Parent Score: 3

RE[10]: Wow
by Alfman on Sun 21st Jul 2013 04:50 in reply to "RE[9]: Wow"
Alfman Member since:
2011-01-28

Nelson,

I'm trilled at finding common ground here, yes I agree secure boot on x86 fills the most important needs of both windows and alt-os users. Also it would be great for all ARM manufacturers to adopted a fully standard (of course unrestricted) UEFI stack rather than the arbitrary mess of proprietary solutions existing now.


I was thinking of ideas to improve secure boot further: something along the lines of being able to install a new OS on an empty or hosed system without any local media by typing in an HTTPS url and performing the installation online, letting UEFI install the keys automatically. This way any OS vendor could provide install images online and their users would require nothing more than a simple url to start installing the OS and configure secure boot from scratch. This could all be behind a password protected administrative account within UEFI, with maybe a default password and/or reset mechanism to get in.


This would be a boon to the modding community. As you pointed out, the modding procedures on typical ARM systems are difficult, non-standard, error prone, risky, brickable, etc. If this were a standard UEFI feature then the steps to return a device to a known state would be: Enter UEFI, Locate HTTPS (re)install feature, type desired installation URL (or accept OEM default), wait for install to complete, done.

Edited 2013-07-21 05:08 UTC

Reply Parent Score: 2