A big issue right now in the world of operating systems – especially Linux – is Microsoft’s requirement that all Windows 8 machines ship with UEFI’s secure boot enabled, with no requirement that OEMs implement it so users can turn it off. This has caused some concern in the Linux world, and considering Microsoft’s past and current business practices and the incompetence of OEMs, that’s not unwarranted. CNet’s Ed Bott decided to pose the issue to OEMs. Dell stated is has plans to include the option to turn secure boot off, while HP was a bit more vague about the issue.
Ed Bott contacted HP and Dell, and while his report is a bit abrasive, the gist of the matter is this. Dell confirmed that they have plans to ship Windows 8 machines with the ability to turn secure boot off in UEFI, while HP had no idea what was going on. BIOS maker AMI, meanwhile, has said it will advise OEMs to not remove the option, but adds that they can’t mandate as such.
A Dell spokesperson told Bott that “Dell has plans to make SecureBoot an enable/disable option in BIOS setup”. Dell plans to move to UEFI with secure boot in the Windows 8 time frame. Unlike how Bott presents it, ‘having plans’ is of course far from a definitive promise – but at least it’s somewhat reassuring.
HP, sadly, was less clear. “HP will continue to offer its customers a choice of operating systems,” HP told Bott, “We are working with industry partners to evaluate the options that will best serve our customers.” Nobody at HP was apparently even aware of the issue, which means this is a general PR statement with zero actual value.
Lastly, BIOS maker AMI stated that it “will advise OEMs to provide a default configuration that allows users to enable/disable secure boot, but it remains the choice of the OEM to do (or not do) so”. This is entirely reasonable – AMI just provides a software package, it doesn’t control what OEMs remove and include.
None of this is the reassuring words Bott makes them out to be. There are no promises, no assurances, nothing. My biggest fear is that like with BIOS today, every computer – even revisions within the same model – will have its own unique UEFI implementation, some of them broken and/or limited, without any means of telling which features are supported and implemented and which aren’t. Heck, I’ve encountered countless BIOS implementations over the years which only allowed you to change the boot drive order, and nothing else.
All in all, this issue is far from over, and what Bott has presented us with so far is by no means the smoking gun. Considering Microsoft’s history of anti-competitive practices, its current patent troll behaviour, and the general incompetence of OEMs, it’s entirely reasonable and smart for us geeks to be on our toes.