Some Windows Apps Make GRUB 2 Unbootable

KwahAG writes "Colin Watson, one of the Ubuntu developers, published in his blog information about Windows applications making GRUB 2 unbootable. Users of dual-boot Windows/Linux installations may face the problem, which boils down to particular Windows applications (Colin does not name them, but users point at least to HP ProtectTools, PC Angel, Adobe Flexnet) blindly overwriting hard disk content between the MBR and the first partition destroying information already stored there, in this particular case — the 'core image' of GRUB 2 (GRand Unified Bootloader) making the system unbootable."

HP ProtectTools

[Nemyst]

Protecting your laptop from open source commies. And maybe viruses.

Re:I thought nothing was supposed to be there

[mysidia]

Nothing is supposed to be there except the user-installed system boot code, boot data, and hard drive parameters.

Third party software certainly has no business messing with Sector 0 or the boot blocks unless it gets explicit permission, advises users of the risks in messing with the boot block, prompts the user to back anything up that's there right now, and writes its bits only to the portion of the boot block that is provided for its required purpose.

It may detect bootloaders, and update their configuration, if the user accepts that, but bootloader configuration is generally stored on the boot volume not the boot block

Re:Solution:

[mysidia]

This is not a problem for the most important Linux systems which are not dual boot.

Most systems that are dual boot are workstations, not servers. Meaning the person who uses the system every day is most likely using Linux.

I think the solution is for the Linux installer to create Windows icons and a Start menu item group with two things.... A "boot Linux" icon (for launching loadlin)

And a "fix grub" icon, for fixing grub, no matter what some dastardly windows program has done to it.

Re:WTF is the "embedding area"?!

[Spazmania]

It makes sense for a bootloader to place data and code outside of partitioned space. It makes more sense to place the code inside a partition, even if it's a one-track partition dedicated to the bootloader. If they collided with components of Windows' bootloader or FreeBSD's bootloader, or some pre-boot hard disk encryption software I'd have little sympathy for them.

On the other hand, user-level apps storing data on the hard disk outside of partitioned space is very bad mojo. They should not be doing that. Ever. Period.

Re:WTF is the "embedding area"?!

[FuckingNickName]

Bingo. It is absolutely wrong to put data outside of partitioned space, and it is insane to blame something else for your own bug. Indeed, one security measure when installing a new system might be to zero out all unpartitioned space and then make sure nothing is ever written to it - Grub makes this impossible.

Grub should use an existing partition to store all the bits which don't fit inside the MBR, following the lead of EFI system partitions if necessary but supporting various common filesystems otherwise. Instead they use an atrocious hack to try to make things look neat.

LILO is immune to this.

[John+Hasler]

And yes, LILO is still supported and under development. LILO 23

Re:Move along

[osu-neko]

Does grub have any more reason to be there these other companies?

It does if I put it there. Nothing should be automatically written into partitioned space. Partitioning defines what areas of the disk I want to be automatically written to using whatever scheme I define by setting the partition type. Anything outside that, I'm free to manage any way I please. I can put a block-oriented FORTH program there if I like, individually managing "screen" loads and saves in the FORTH code. Or whatever. The point is, they're my blocks to do with as a like, and nothing should be written there except what I explicitly write there.

Among other things, it does mean that if I choose to write GRUB data there, it should be perfectly safe there. If it isn't, that's a serious bug in whatever program overwrote the unpartitioned block(s).

FLEXnet, Adobe's rootkit

[Animats]

The big headache is FLEXnet, Adobe's "license manager". It's a specialized rootkit that gives the remote licensing system access to the machine at a low level. Which is why it tends to break things a Windows application shouldn't be able to break. On Windows, it runs a background service and contacts a remote server frequently, sending undocumented information to the remote server and accepting update commands to change software already on the computer.

FLEXnet is the successor to FlexLM, a licensing system from the 1980s. It started as a UNIX product. It's been owned at various times by Highland, Globetrotter, Macrovision, and Thoma Cressey Bravo. It was unreliable in the 1990s, and the passage of time does not seem to have improved things.

In general, it's best to avoid buying Adobe products which install the FLEXnet license server.

"built his house upon the sand"

[alizard]

The whole point behind VMs is to make the host as reliable and stable as possible and put the flakier OS and software in a VM so when it crashes and burns, all one has to do is start the VM, not try to rebuild file structures and apps from scratch. Your post suggests you're not quite clear on the concept.

Unless you honestly believe that "Son of Vista" is more reliable and stable than Linux. In which case, I recommend you get help from a competent mental health professional.

Re:"built his house upon the sand"

[Jerry]

That's because Linux is 100% as vulnerable to ... Linux uses security by "obscurity"...

You really have things backwards. Linux source code is GPL freely available for anyone to inspect. Windows source is proprietary and secret, which Gates testified before Congress was necessary because it was a national resource that should be kept secret for security reasons ... until Gates gave the Chinese copies of the XP source because it was their price for Microsoft to do business in China. So, it is Microsoft that practices "security by obscurity".

Actual security? The 1,000,000 + zombies that are appearing on the giant bot farms discovered every so often are compromised Windows boxes, not Linux or Mac OS X boxes. Ballmer himself put the Linux desktop market share at around 10% and called Linux a greater competitive threat than Apple. With that percentage and, according to you Linux is equally as vulnerable, then why isn't 100,000 of those zombies Linux boxes?

And, if Linux is so easy to compromise then why did professional hackers spend more than 6 months last year just to capture only 700 Linux boxes using brute force password cracking when, according to you, all they had to do was spend a day or two to lure a few hundred thousand Linux users to their porn site honey pot?

Morons are those who drink Microsoft's Kool-aide and become brainless human zombies chanting MS Technical Evangelists astroturf postings as if they are fact.

Re:WTF is the "embedding area"?!

[vadim_t]

I wasn't imagining that I was forced to manually type out a list of blocks occupied by the file. But I was concerned by exactly what you say. Dear God, why do it like that?

It's the same thing LILO did, which is why most people use Grub now.

And the reason why is because the MBR is tiny, and has no room for code that reads say, ext4.

The MBR did the boot menu and loaded the boot sector from any given partition. That boot sector would do as you say. You don't need to "bet" - it's pretty much what I said :-).

The MBR has no menu. The basic stuff is "find active partition, load first sector, jump to it". With Grub it's more like "load code from embedding area, run it". Which contains enough to read things like ext4 to load the rest.

Really? So why does GRUB need any extra-partition space?

Because there's no room for filesystem reading code in the MBR. Especially not for reading all the formats Linux supports at once (what if you want to boot from FAT, ext3 and zfs?)

If you're thinking grub should load the code from some fixed space in the Linux partition, then every single FS would have to agree to reserve that space. Including the ones like JFS that come from elsewhere.

Why wouldn't you be able to retrieve the boot sector of an extended partition? Obviously some operating systems (Windows) will assume they're booting off a primary partition and break unless their boot sector is tweaked, but this isn't inevitable.

In my understanding, a partition having a boot sector is a DOS convention, that other filesystems don't necessarily follow. I think 512 bytes at the start may be mostly guaranteed, but again, you're not going to read things like reiserfs in that little space, so you're back to having the same problem.

Which is why it should load a second stage from a system or other partition.

It can't read it from "other partition" because if there is a filesystem there, it has to understand it, and 446 bytes is not enough.

If you mean a special, reserved partition, then that reduces the number of primary partitions for other purposes to 3, which creates compatibility issues. And if there are 4 primary ones already, you're screwed.

Resuming: the way x86 computers boot sucks, and boot loaders have to be written with those constraints in mind. The whole "embedding area" is a horrible hack, but the alternatives have significant issues as well.

Re:Solution:

What about Gimp as a Photoshop replacement?