Slashdot Mirror
How Microsoft Can Lock Linux Off Windows 8 PCs
Julie188 writes "Windows 8 PCs will use the next-generation booting specification known as Unified Extensible Firmware Interface (UEFI). In fact, Windows 8 logo devices will be required to use the secure boot portion of the new spec. Secure UEFI is intended to thwart rootkit infections by using PKI authentication before allowing executables or drivers to be loaded onto the device. Problem is, unless the device manufacturer gives a key to the device owner, it can also be used to keep the PC's owner from wiping out the current OS and installing another option, such as Linux."
So it isn't really Microsoft that can lock you out, it's device manufacturer. Likewise they could lock you out of Windows if Linux was the OS that came with computer. Why don't we see a headline like "How Linux Can Lock Windows Off PCs"? Oh right, this is slashdot. We're here to bash Microsoft.
Boot rootkits are a real problem. Microsoft is improving security here. In fact, Linux has had the capability to use (U)EFI for years. Now Microsoft is just making it default in their system, because quite frankly most people aren't that intelligent with computers and the OS needs to decide some security for them. It's funny how in other news Microsoft gets bashed for bad security, and then in other news they get bashed for implementing those security features.
If you don't get the key when buying your computer, complain to your manufacturer. It's their fault. I don't know why you're buying a computer with Windows to begin with if you're going to install Linux anyway, you're just throwing away money. And nowadays there's lots of computers available without Windows, or you can just build it yourself.
Wait.. wouldn't this also stop people from upgrading to a new Windows release. Why would MS want to do that?
Buyer Beware.
-- I ignore anonymous replies to my comments and postings.
I'm sure that's really going to stop linux nerds from doing what they do... which is installing linux on anything and everything.
This will be cured by a boot disk, ala iBoot.
In my opinion neither the title nor the article are overly sensational as claimed by you. While it is technically true that the device vendor does the lock out, this is nothing more than a smoke grenade tampering with the truth.
The fact is that Microsoft will require the manufacturers to support this technology if they want to sell devices on which windows will run. Even more the fact is, that this means that they will have to include keys by Microsoft which will prevent the device from running unsigned code like Linux.
And while it is still a rumor it can probably be taken as a fact that disabling this feature (if made possible by the manufacturers) will likely cause Windows to not start because this is what malicious software would do as well and allowing this would circumvent the security improvement.
So cut the crap. Yes, it will be the device manufacturers who will effectively bring this restriction into life. But it will be Microsoft who forces them to do so.
Because it is anti-competitive. Unless the device manufacturers want their PCs and mainboards to be barred from being sold in the EU, they better find a way to make Linux installation possible.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
If the hardware manufacturers don't give the key out, then it's their fault, not Microsofts. Needlessly inflammatory article IMO.
From one of TFAs
This reminds me of the way keys are used to protect DVDs and we all remember what happened.
Ten years ago, "Trusted Computing", or whatever it was, was sort of news. And it was not unexpected back then either.
But PKI isn't going to be enough, really. They're going to have to find some people to make examples of and sic the lawyers on 'em.
Of course, real security, in the form of a physical switch, is too simple, and too easy for the owner to, well, switch.
Wow the masses, cow the masses.
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
Yet *another* reason to abandon Windows.
Sorry I can't find any references but I remember a few years ago the RIAA said they wanted something like this. They used their usual dishonest wording and said something like "equipment should not allow the installation of any systems that allow the circumvention of DRM".
If I wanted to be a disempowered consumer, instead of an empowered user, I'd buy a Mac.
If you don't fully control it, then you're just renting it, even if you don't pay by the month.
...to enable or disable this. If you buy a name brand machine, then yes, you might expect it to be locked down, so if that is the case, then the Linux crowd will simply stick to machines they build themselves, or have built for them that are not locked down. Simple solution really.
Maybe they can stop dual-booting, but what VMs?
Now that we can buy 8gb of ram for about $40; just run win8 in a VM.
It's not like you can easily install Android on an iPad either. You people bash Microsoft for what Apple has already been doing.
It's illegal here in the US also. The main difference is, the political climate here is a lot more friendly to anti-competitive behavior, and microsoft in particular, than it is over in Europe.
Ten years ago this might have been a viable threat to Linux. Today, however, Linux is worth too much money to too many people for this to be used to wipe it out. At worst, it will mean that cheap hardware will be locked down.
Dont show your general american political ignorance on random places on the internet. the world socialism does not mean anything near 'fascism', which was what you were trying to express in your pathetic attempt to link concepts 'tax' and 'government'.
... or alternatively, you can just take up some reading on what socialism, capitalism, fascism, social democracy, corporatism and so on means. its just a google search away.
if it was ANYTHING like socialism there, your ass would be secured in regard to employment, wage, social security and you wouldnt be even giving two shits about whether you were being taxed or not.
what you are going through is the early stages of fascism that comes after capitalism. there is NO kind of income equalization and redistribution happening. if it happened, you wouldnt be needing to save your own ass.
http://en.wikipedia.org/wiki/Human_Development_Index
the above index shows how better europeans are living with that socialism. your so very beautiful capitalist country has not ever topped that index, ever. and it always ranks 10 or lower.
just shut the fuck up and dont talk with what you heard from fox news or other right wing pieces of shit, will you
Read radical news here
Besides Windows locking out OtherOS (eg. Linux). Has anyone considered the possibility that malicious software (virus, trojan) might use the very same system to lock out ALL OSes (besides possibly, itself)? This would be a small upgrade from a bios/mbr virus. Malicious software (ab)using security tokens is not unheard of. Obtaining legitimate security tokens is not impossible either (DigiNotar anyone?)
I foresee very, very long queues in front of computer repair shops with computers that no longer boot.
If history teaches us anything, this is exactly like the trusted computing paranoia of years ago. You can still install Linux on today's computer, right?
Microsoft said they're trying to figure out how to allow users to dual-boot. In the //build/ video discussing the new Windows 8 boot process, the presenter said they were trying to figure out how to keep boot secure but still allow users to boot into Windows 7, since Windows 7 doesn't support this.
And if it works for Windows 7, it'll probably work for Linux.
MS wants to take advantage of UEFI, which has obvious benefits. Chromebooks work the same way, but we don't read any heated /. articles about it because Google is charmed and MS is "evil".
It is up to the device manufacturers to figure out a way to let the end-user ultimately take control of their own PCs. They could do that Chromebooks style -- a hardware switch -- or by distributing the key in a secure manner, such as mailing it to the owner's registered home address. Consumers who care about this issue should look for this feature in whatever device they purchase. What's all the fuss?
"We receive as friendly that which agrees with, we resist with dislike that which opposes us" - Faraday
Windows will be very hard to pirate properly now.
Why is this great news?
Because now people who can't pirate will switch to Linux instead! :D
systemd is not an init system. It's a GNU replacement.
An individual lacks the time to investigate "the truth of the statements of the logic of the conclusions" fully for all statements ever made by all other individuals. So some people employ a heuristic based on previous statements that another individual has made. Those who do not apply heuristics such as ad hominem are vulnerable to ad nauseam.
Certainly the big proprietary OS guys could choose a path which will lock out the rest for their advantage. However I'm positive I will be able to choose my PC components and my OS in the future same way as now. We're not afraid of where we're going We're just afraid of where we've been
"When all you have is a hammer, everything starts looking like a nail."
Just like in the real world, security is a very convenient excuse for trampling over people's freedoms. While I don't doubt that eventually there will be some technical ways to circumvent this, it will be yet another barrier for "normal" people to try Linux. How many people would bother if you can't even boot a Linux live CD without having to flip a setting in the BIOS which will likely have some very scary security warnings about not doing so?
Alex, I'll take keybindings not used by Emacs for $400....
What about laptops?
I think that case happens really rarely.
Rarely > never. Once all home PCs come with this lockdown, companies like System76 that specialize in selling PCs specifically certified for compatibility with Linux will start to run out of compatible PCs to rebadge.
"How manufacturers/retailers Can Lock non-stock-OSs Off PCs, that are sold with UEFI" But because this is /., this is OBVIOUSLEH!!!11 Microsofts fault, because they're requiring UEFI, thereby driving forward actual use of it, because at the moment, the majority of PCs still has a BIOS.
But god beware, if TEH EVIL MS actually supports something new! How could they?! They're Microsoft, so there has to be something evil about it, even if you've got to pull your reasoning straight out of your buttocks.
Why not have a GNU key which Windows will never trust as part of the firmware?
III.IIVIVIXIIVIVIIIVVIIIIXVIIIXIIIIIIIIVIIIIVVIII
...call my PC my trusted companion cube.
I fail to see how this new tech will become a problem. The hardware makers want to sell hardware. Given their already thin margins, it would be stupid of them to agree to limit their boards to any one particular OS.
That said, maybe Dell might try that in the name of security, but that is an end-product seller decision. There will always OTHER makers. You can buy new motherboards from the likes of Intel and Asus, build your own systems.
IF this conspiracy theory did come true, the number of lawsuits and investigations into unfair business practices would drown a the targeted company into oblivion. I guess that is one benefit to be such a litigious country now.
Bearded Dragon
This would be very unfortunate for Ubuntu which plans to increase their user base immensely or any new operating system attempting to make a splash in the market. I suspect the reason for this is that it is the easy way. Linux and Unix don't require this to run securely, yet are still secure.
Couldn't you just use Windows to boot into Linux?
Then they get a device that doesn't require it. It's an OPTIONAL security addition
The article I read claimed that Microsoft might require this lockdown on all machines preloaded with Windows 8. The Network World article cites a Microsoft presentation with a slide stating that UEFI Secure Boot will be "Required for Windows 8 client".
99% of all desktop users don't give a crap about Linux running on their hardware. They want Windows and, if they want Mac OS X, they will buy Apple's hardware. But I heard this year is the year of Linux on the desktop, right? Right.
none
Does this mean that you wont be able to install another version of Windows either?
The iPad is not Turing complete. A machine that is Turing complete can run programs that calculate things that Apple prohibits programs submitted to the App Store to calculate.
It's still far greater good to kill the boot time rootkits.
So a OEM can stop doing bios updates and that will = no more windows updates? or end up blocking updates that change the boot loader? So you will need a new system to upgrade to windows 9?
What about video card will you be locked in a small line of them? Just wait for dell to lock it down so you can pay $100+ the price of a video card on other on line stores from dell. What that new card that just came out BUY a new base system.
Will downgrading be locked out as well? IN enterprise use places are still on XP and are moving to windows 7 now.
Will you be locked in to the OEM windows ver loaded with pre instilled junk? And be locked out of doing a clean install from a windows install disk?
What about enterprise use where they don't want all that dell, IBM, HP crap on there systems?
What about booting to a imaging system? a boot cd / USB for recovering data?
I bought a Samsung RV520 laptop recently and not a single Linux-based 'live cd' would work. Install DVD's? No go. Then I noticed this UEFI thingy in the BIOS screen and turned it off. So then I was able to remove every trace of Windows.
Pardon me as I ramble.
As a guy in the phone support trenches for a certain OEM, I just have trouble seeing this work well for everyone.
I see often enough that businesses will buy a brand new machine with Windows 7 pre-installed, then blow away the OS load to immediately try to install Windows XP.
I have a hard enough time trying to teach these people that they NEED to include the Intel RST driver bundle in their image so that they stop getting STOP: 0x7B on their attempt to install or boot.
I have a hard enough time trying to teach these people that they need to make sure their image is aligned on the new Advanced Format hard drives that are going in some of the smaller form factor machines (usually it's a 2.5" drive), since they want to install XP on the damn thing, then complain a week later that the machine is very slow and almost unusable.
I don't speak to customers too often that aren't running some flavor of Windows, but the few I do run into seem happy when they get someone who understands the issue they've got, and will help them despite this OEM's general policy of not assisting with an OS that the OEM did not ship. These calls are usually large corporations that run Red Hat or SUSE or something else in their corporate environment, and prefer to pay for hardware support from the OEM I work for, just so they can have coverage for all of their users in nearly any country they visit.
Keeping that last bit in mind: An OEM that implements a lockout 'feature' that prevents an operating system other than Windows 8 from being installed had better have a backup plan that keeps businesses happy, or else they've just committed suicide. It's business sales, more so than consumer sales that keep OEMs going, because businesses buy big damn contracts. Piss off the big damn contracts, and you piss off your paycheck.
One of these days, I am going to flip out. When I flip out, I'll be back in five minutes.
Sure - make the key available
Good luck with that. If the key is available, malware installers can trick the end user into entering it as a prerequisite to see dancing bunnies.
They could always switch to Chinese MIPS stuff or something...
Alternately, maybe server hardware that's sold for Linux applications, stuck into a PC case.
Help me understand... all this does is provide keys and such... does it actually prevent anything from happening? My understanding of the tech is that it simply provides keys that allow the OS to know that it was booted cleanly and from the secure environment and also allows it to tell if the devices it's connecting to are really the devices they say they are and not rogue DLLs. Even if this system is in place, what's to stop Linux (or any other OS) from booting on the device and just ignoring the keys? Does the system itself actually prevent startup?
One thing that hasn't been mentioned is the fact that current PC's running Windows 7 or earlier don't have the UEFI bios and therefore can not be upgraded to Windows 8, assuming that M$ has made this an iron clad requirement. So unless the maker of your old PC offers a bios upgrade you are stuck with Win 7 or will have to buy a new PC.
Can you give a precise definition of "boot time rootkit" that does not include a competing operating system, along with a way for a computer to distinguish between the two? If I boot Linux and then run Windows in VirtualBox, is that a "boot time rootkit"?
You are telling me that this new instrument will stop from allowing anyone to install any other os other then MS at this time, because of new technology we are bringing out into the pc world? Is it related to the BIOS, because what I know about installations is that if you boot from a location (cdrom or usbkey) you can then install anything....so unless they are saying that the BIOS will not allow boots from other places other then the c drive and that they check with the os on the c drive first if you are allowed to reinstall, then I would have to say nay to this technology!
This is the general consensus on slashdot: lock in by Microsoft in order to combat malware = BAD, but lock in by Apple in order to combat malware = GOOD?
Man, it's amazing how much some people will vilify one company while championing another when both do the exact same shit.
I wonder how many of the people bitching the loudest here support Apple's patent warfare? This is just another tool to limit competition. This is what capitalism is all about, is it not?
Alternately, maybe server hardware that's sold for Linux applications, stuck into a PC case.
Good luck fitting server hardware into a laptop case. Or do you envision a future where desktops have x86 server boards and laptops are Loongson (sino-MIPS), and makers of non-free software can't provide a single binary that runs on both?
Maybe I'm reading it wrong, but this seems to imply that windows 8 will Only be available as purchased with new equipment. It seems far fetched to me that m$ would give up any sales as upgrades.
Also, scary is the prospect of depending on your device manufacturer to "bless" your OS upgrade (replacement/etc ). Does this remind anyone of the current mobile phone market ? I wonder if PC sellers wish they had the replacement every year or two the cell phone industry has. I can see it now... "I have to buy new computer because the new OS I want isn't signed for this old hardware"
I certainly wouldn't knowingly buy hardware with this restriction on it. (I'd accept it with published disable method )
MS is thinking of REQUERING any device maker that wants to use the windows logo on their product to secure the boot process so no other system can interfere with it, it is MS making these demands, not the device makers. No device maker cares about what you do with their product but MS cares about people installing another OS on hardware.
And if you think everyone who runs their own software can afford to buy a key from a registar, you are just a dumb fuck Windows user trading security for freedom.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
We are not talking about mobile phones, this is about PC's and PC makers have traditionally not given a royal fuck what you install once bought their PC. MS cares, Dell doesn't. But if Dell wants to use the Windows logo, MS will make them care.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
I run linux in a VM, till now happy with the performace. Why mess around with dual boot, grub,lilo etc?
It seems to me that the major Android manufacturers have been introducing unlocked bootloaders lately.
Don't thank God, thank a doctor!
Sure, proprietary OS vendors will take advantage of it, Apple not excluded; but, the BIOS has to go. The BIOS has gone from a great idea to a problem. It is unnecessary, slow, and an attack vector.
Having to work for a living is the root of all evil.
This is getting ridiculous. First the game consoles are locked down, then the phones, then the tablets and not they are ready to lock down the PCs too. How long did it take open source (Linux) to make headway? It never would have happened if this was in place.
I say, if this goes down, then a big "open sit-in" at Redmond is in order. It would be great, like a OSS conference/protest all wrapped into one. And it would send a a nice message to the rest of industry too!
:T:R:A:N:S:
In the DVD case, the mechanism was *intended* so that DVDs could only be played by authorized players. Cryptographically speaking, this is a daunting task. At least for CSS keys.
This is more like getting a PS3 to execute a disc that you authored/burned yourself. There have been vulnerabilities, but it's no where near as trivial as DVD CSS and, afaik, a PS3 with current firmware is still considered unbroken. Having a device protect it's own firmware and next-hop code is relatively easy.
Oh, for FUCK's sake, will you give it a FUCKING rest with the anti-swearing BULLSHIT. Don't like it? Leave. And spare us the FUCKING WHINING.
"make a good business plan or come up with an idea" right ..... i guess all the 85% of american people, including the ones who graduated from colleges, are morons to not be able to come up with such ideas ... its you, the first person to be ever able to think about that.
....
and the already established players in whatever field are just going to let you come up with your business or idea and topple them, because they are morons too
not.
reality doesnt work like it is told in make-believe econ 101 and econ 102 books.
Read radical news here
Any serious user would install linux on a separate hd or ssd to benefit from the native file system. ..you could always add
I expect grub or lilo would handle the multiple boot even on Windows 8. If not
a boot loader via usb stick or cd.
Ok, I am not familiar with the Secure UEFI spec.. But what if you replace the hard drive, and install your OS on that?
And that could be a problem. More info:
http://www.itworld.com/it-managementstrategy/205255/windows-8-oem-specs-may-block-linux-booting?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+blogspot%2Fitworldvoices+%28Voices%29
Lets not forget that when the IBM PC first launched, the BIOS was the only proprietary component in there.
Only with the reverse engineering and clean room implementation from Compaq did we see the commodity home computer we now know and "love".
comment first, facts later. http://chem.tufts.edu/AnswersInScience/RelativityofWrong.htm
Read Also, pre boxed computers. The margins on pre boxed computers are so small that 10 minutes paying someone to remove the OS is going to eat almost, or all, all the profits off that computer. And this time could add up, if just 1 out of 1000 computer users asked it to be done it would still add up to days of payroll time, where writing a memo to blow smoke up the proverbial *** of the consumer takes 10 minutes and no one but the corporate goons would know it is blowing smoke.
Kosh: "Understanding is a 3 edged sword, your side, their side, the Truth."
I don't know about the rest of you, but we're getting closer and closer to the day that a desktop PC is considered a relic. For the vast majority of people, "mobile" is where it's at. I'm quickly realizing that for what I spend most of my day interfacing with a "computer", I can just as easily do it with an iPad, assuming I have the bluetooth keyboard.
Admittedly, for development, a PC is a requirement, but, these days, a lot of development can happen under linux, on a server that you ssh into, and again, I'm back at the iPad/keyboard as a "on my desk" solution.
More and more, I'm using my mobile devices as my primary connection to the internet, and less and less, the power-hungry, noisy, slow, crash-prone clunker sitting on my desktop.
If telephones are outlawed, then only outlaws will have telephones.
Un-expeced Finger Isertion ?
I guess I was trolled before. Hope you have a nice day in your squeaky clean world.
Problem is, unless the device manufacturer gives a key to the device owner, it can also be used to keep the PC's owner from wiping out the current OS and installing another option, such as Linux.
I have a hard time believing that a PC manufacturer will not give an unlock key to a savvy tech user (which is the type that installs Linux). Unless I'm missing something here, this would not be different from me calling t-mobile to give me the unlock my Android phone and change SIM cards whenever I go to Japan (or anywhere else outside the US.)
Now, consider the typical Linux usage out there. There are plenty of trusty workhorses out there build with PCs and with Linux on them doing their job in different business settings (yes, not every Enterprisey Linux install runs on a mega-quad X-number core Dell box.) It would be very unlikely (I didn't say impossible, just unlikely) for OEM's to actually carry out a complete lock out of new hardware without providing any means beyond a phone call and a fill-form for a hardware owner to get an unlock key.
It would be another piece of red tape, an inconvenience of course. But I highly doubt that this will be a complete stopping roadblock to for installing a non-MS operating system in new hardware.
Yes, there will be a few computers sold this way BUT BUT BUT it will because the owner(business) has asked for the option.
The owner wants to be secure and won't put Linux or other OS's on their box.
This won't happen because the anti-trust groups would prevent it from happening. It would give a strangle hold on PCs to MS which just won't happen.
Then if the seller/manufacturer doesn't include the key, don't buy from them, and always remember to ask before buying... or build your own. :p
I'm not conceited, conceit is a fault and I have no faults.
This won't even stop rootkits -- rootkits will merely switch to messing with parts of OS that are not signed. What in Windows would be all of it except for a tiny bootloader, because they will have to allow third-party drivers, services and countless subsystems updates.
Contrary to the popular belief, there indeed is no God.
Actually, I think this might be a cool and useful feature - and I as the consumer and owner of the device should be able to set it to boot ANYTHING signed with the keys for that machine!
I see notes that if I enable the switch on the chrome book, it only boots "google-signed" images. It should boot "signed images" of which I should be able to make one for that machine! (or load user-specified keys into the firmware that could be used.).
Obviously, the "key loading" procedure is suspect -- but a hardware switch as part of the load process would prevent rootkit type abuse.
I have always thought that BIOS was fairly easy to use if you just read an article about it. I understand that microsoft is concerned about the "safety" of the computer, but i don't think that it should come at the cost of not being able to change the os
that's funny, because i found that when supplying people with GNU/Linux systems, they destroyed the O.S. and installed Windows XP on it. ok, they _tried_ to install Windows XP, but it turned out that there was something strange about the filesystem partitioning carried out by fdisk. the end-result was that these idiots ended up with absolutely no O.S. on their machines, because they'd destroyed what i'd delivered to them, and Windows XP would just sit there trying to do a "disk analysis", with the hard drive light spinning permanently. the solution turned out to be that they needed to completely wipe the front of the disk, to destroy the partition table. whoops...
We tried every trick on the planet to get a Mac Mini (current gen) to run linux and never could get it to boot. Which is too bad for them, because they lost sales. I had no trouble on previous Minis booting/running linux, and it was infuriating being locked out of the machine that way.
The real question is how people like Dell are going to handle it. And whether these machines can have multiple boot keys for multiple OS's.
I'm thinking about doing the same. What will happen with the music, or the hardware connected to the thin client, like pen drives?
Hosting 20G hd, 1Tb bw! ssh $7.95
I also dual boot Win7 and Fedora on this Thinkpad and Grub is the one in the MBR. However, I haven't succeeded in getting SP1 to download and install. Until now I just figured, "That's just Windows" and didn't care since I only boot it when I'm doing the 'well does this damned site even work on Win+IE?" test and that doesn't happen often anymore.
But I have been saying for a couple of years that while before Microsoft's future vision was to make the PC into an XBox that it changed recently. Now they are clearly back to chasing Apple's taillights and thus intend to make the PC into an iPhone/iPad. Windows 8 clearly has that goal, from the look, the walled garden, App Store, no Flash and now the chains. And these won't be cool designer chains that the elite can jailbreak anyway, these willl be nasty rusty and you will need shots after handling em. Just wait until the malware gets to take over and Norton won't have the keys to even run. No boot a Linux rescue disk to fix things or even try to save the data. Microsoft Hell(tm). If they could have pulled off this stunt with Vista they would have succeeded, but the OEMs just couldn't ensure delivery of TPMs and the corporate world rebelled at the.idea since Microsoft pushed it as a sop to the content industry to protect 'the precious' so they backed off. That was a mistake on their part, because their moment is past and I don't think they can get away with it now. There are things an 800 pound gorilla can get away with that a 700 pound one can't quite manage and Microsoft is now down just a smidge in monopoly power.
Democrat delenda est
>If you buy a name brand machine, then yes, you might expect it to be locked down, so if that is the case, then the Linux crowd will simply stick to machines they build themselves, or have built for them that are not locked down. Simple solution really.
Linux will never thrive in small businesses under these conditions - and that's where Linux is best suited to start, where people are very cost conscious but need flexibility and reliability.
Having to get specially built machines would be a chilling effect indeed.
don't be a spelling loser
Laptops.
The personal computer is no longer owned by a person. They might as well lease us the equipment if they want to keep it locked down so tight.
Another MS shill that actually still believes that Windows has better driver support than linux.
I applaud the Linux developers for managing to support so much outdated hardware. But among machines less than six months old, this is the case. A lot of things on laptops occasionally require the use of Google and then editing config files as root before they'll work on Ubuntu. Examples of features that don't "just work" on a fresh install from the past two laptops I've owned have included Wi-Fi (Eee PC 900: had to use a wired connection to download, compile, and install a driver), Bluetooth, webcam, suspend (Inspiron 1012: one version of Ubuntu froze coming out of suspend due to race conditions and whatnot), and hibernate (Eee PC 900: coming out of hibernate would cause X to crash a few minutes later).
Or has Ubuntu become the wrong answer for Linux users?
What will require MS force is making the manufacturers depend on secure boot to be allowed to be marketed as Windows Compatible.
What will require MS force is making OEM providers ensure that this secure boot cannot be removed at all.
Since MS have used tactics like this before until they were threatened with massive fines, why do you think that they won't do this now?
Excuse me?!? (and the rest of the world, while you're at it)
"why you're buying a computer with Windows to begin with if you're going to install Linux anyway, you're just throwing away money"
In most parts of the world, even if the shops are obliged to be able to sell you a computer without windows, they don't... and further more, a lot of people have dual-boot, so they can keep their work and leisure separated (ie windows for games, and *nix/*bsd/whateverOs for work).
If i want to buy a laptop and run linux or whatever on it, i should, and no F#ç!n company or other entity should stand in my way...
being able to secure your boot portion of the uefi is not the problem here, it's taking away the possibility to remove/disable this security (or to have an option to put it in read-only, wich is a much better solution), it's the fact that they're screwing us over, using a CA cert to verify your boot? so when it expires you'll be stuck with a working but disabled computer? this 'll only lead to more idiots trying to hack CA-authorities, wich they should not. I call this bad use of technology, and they're trying to lock out other os vendors, wich i believe is in contradiction with several international laws.
The sad fact is, that microsoft was the great innovator in this space. IBM, who came before them, didn't allow any os but their own to use any hardware they produced, nor did they allow any competition on the hardware side of things. They were like apple's iphone business.
Microsoft is the reason that you can install alternative operating systems in the first place. Everyone else managed to blow themselves up, despite having a really strong opportunity. DR-DOS, Concurrent PC-DOS, CP/M, FreeDOS, PTS-DOS, ROM-DOS, Novell DOS, OpenDOS and I'm not even providing a full list here. Geos, PC/Geos, GeoWorks, MAC/OS, OS/2, Amiga/OS, BeOS, Iris, NextStep, RISC OS, Visi On... Microsoft openly competed with all of them and won, mostly on technical merit. Apple was one of the companies that used the courts to prevent alternative operating systems from becoming possible, and has always been openly hostile to competition. Along with that, Microsoft created the market for hardware innovations (my apologies to any lisp/c64/... machine addicts, but ... even you know what I man). You should give them credit for that, even if that credit mostly belongs to Bill Gates, and little claim can be laid to it by the current microsoft crew.
Microsoft is the canonical example of a company that faced lots and lots of competition and won mostly on technical merits.
Besides, I'm kinda starting to hate this anti-microsoft bashing. It's been years since I've used any form of windows on my own machines, or at work. There is no anti-competition behavior microsoft might be doing of that apple isn't doing 10x worse. Compatibility with iWork ? Just try it. Yet apple is not just forgiven for being anti-freedom, but actually revered for it. "A curated experience is better" and so on. And on apple machines, you really can't install the software you want, because there are actual, technical control measures in place that actually try to prevent it.
In this case, people are afraid of what microsoft *might* at some point, try to do. Great. Microsoft, today, isn't the problem. Apple is the big enemy of software freedom today. Microsoft is mostly becoming less free by imitating apple.
So please, let's shelve this discussion until apple has been broken up into a hardware business entirely separate from the software business. Including on the iPhone front.
I haven't seen this mentioned yet, so forgive me if it has been...
I just see this as a way to extort more fees for pre-configured machines. Say you order something from Dell, IBM, whatever... $20 fee to include a piece of paper with your PKI key, so you can install your own OS. This not only protects Microsoft, but has a potential to pad the margin for manufacturers, all while sticking it to the consumer.
Something witty.
...to enable or disable this. If you buy a name brand machine, then yes, you might expect it to be locked down, so if that is the case, then the Linux crowd will simply stick to machines they build themselves, or have built for them that are not locked down. Simple solution really.
Not a big problem for desktop PCs and servers, but Linux laptops might be more difficult.
If this is something MS can do, of course they will do it! Why even ask? The only glimmer of hope is that they're scared by some kind of anti-trust thing.
to mitigate the realms in which open source software can compete, but this is a very valid method of convincing developers that Richard Stallman was indeed correct, and that GPLv3 is a logical if not necessary path. many have said system builders will turn back to places like newegg and continue to build from components, but in all actuality many motherboard and component manufacturers are required to adhere to the microsoft doctrinal standard including i suspect ACPI obfuscation in order to attain certification. lockout could be considered a part of this to curb enthusiasts and ensure compliance another component microsoft may not be fully aware of is just how much Microsoft benefits from the open source ecosystem. Platforms such as wine, cygwin and samba are seriously pleasant things for many windows administrators and enterprises to have. What microsoft is doing may very well press these players into the GPLv3 realm.
lastly, did Linus think this might happen? that one of the worlds largest players in the tech industry, who determines what netbook OS acer ships and what chipset asus puts on their motherboard, would decide to kill linux by the very limitation torvalds himself championed as a right?
things like GPLv2 and 1 as well as the BSD licenses rely on good faith and to some extent corporate benevolence when faced with tricky things like source code in order to help them grow as a project, as loathe as some are to admit this. If Stallmans blobbed android argument wasnt enough to convince you of the necessity for GPLv3, then perhaps microsoft will force our collective hand.
Good people go to bed earlier.
Does Secure UEFI make it so I can't upgrade my current box? From the sound of it, at a minimum I'd need a motherboard which supports UEFI and has M$'s key on it. New motherboard would dictate which CPUs, RAM, etc, are compatible.
Stopping dual boot or changing the OS by users would stop the market penetration by Linux. Maybe the knowledgeable Linux crowd might build their own computers but this is beyond the capacity of probably 99% of computer users. Market penetration by a competing OS would be stopped cold which is what MS wants. They want to stop the downward slide of Windows. Yes, Linux has a very small share of the OS market, but what about some new and different OS that is developed in the future. This would stop them from even starting. It's not just about Linux.
Every unit should have a unique, device-specific key installed as well as the vendor key. And this should be etched or printed on the back or bottom plate, much like Windows license keys are printed on laptops today. Perhaps as 2D barcode, since it will have quite a few bits in it. This would protect the device from rogue software without interfering with the rights of the owner.
Of course, the real objective of all this is not to protect the owner and his device, but to protect the vendor and their revenue stream. I expect they'll start using baked-in certificates which expire in a couple years, thereby bricking the device entirely once it is out of its support period.
Most likely there will be a single key from Microsoft that MS will use to root sign and validate Windows 8 and future versions of Windows as well as device drivers and things and any Windows version they release will function on any UEFI chain-of-trust-enforcing PC. Same with drivers, any driver that is properly signed for Windows 8 should run on any Windows 8 system without breaking the chain-of-trust (same way driver signing for Windows 7 x64 works now or how driver signing for the Windows 7 Protected Media Path works)
Also, boxed copies of Windows will not require the UEFI chain-of-trust because if they did Microsoft cant sell Windows 8 as an upgrade from XP/Vista/7. I see no reason why boxed copies wont RUN on a chain-of-trust-enforced machine though.
For disk imaging tools and rescue disks and recovery consoles and such things (including forensic tools used by law enforcement) the manufacturers of such tools will simply get their tools signed so that they are allowed to boot without breaking the chain-of-trust (and are therefore allowed to access resources protected by the chain-of-trust).
Corporate users will be given the tools they need to build the Windows+Office+Outlook+Norton+whatever images that they are building now and deploy those images to the PCs whilst maintaining the chain of trust.
Oh and Microsoft themselves have said they want a solution to allow dual booting Windows 8 alongside Windows 7 and if you can boot Windows 7, you can almost certainly boot Linux (I doubt Microsoft would retro-fit the secure boot stuff into Windows 7)
Unless the key comes on a sticker on the pcb, don't buy these motherboards. Let them rot on the shelves.
Don't kid yourself. It's the size of the regexp AND how you use it that counts.
I must say you are not getting the way of the future here. There won't be any machines you can build yourself. The best and newest mobos will not support anything but Windows. You've been outmaneuvered - they've been working on this for over ten years.
Just as you can't shut off GPS tracking on your phone, or the mic for that matter, you will not be able to bypass the switch on the mobo. Try to deactivate it, and the encrypted embedded software will prevent the board from booting, period.
And remember this: any encryption on that subsystem will enable Microsoft to invoke the Digital Millenium Copyright Act against anyone who "breaks" the encryption. You might have rights to mod the hardware, but you have *no* right to break the DMCA and decrypt the bootup blocking software. This is a trap sixteen years in the making. Welcome to the future we warned you about.
This is about as good an idea as car manufacturers welding the hood shut on all their card so only the factory can repair the engine. This is the kind of analogy that needs to be really PUBLICIZED to the Big Box computer shopper.
A "DON'T BUY UEFI" campaign should be started NOW !
I toyed with UEFI boot on my Asus E35M1-M Pro. It more than doubled boot time for Win7 compared to forcing plain BIOS. WTF?
Eloi are stupid, throw morlocks at them!
Laptops?
Intel is planning on putting shit like this on ALL their chips as well using tech from the McAfee purchase. Just as you lose Internet freedoms in the name of copyright and child protection, we'll lose PC freedom in the name of anti-virus and malware.
And in both cases, the real bad guys will walk right around it, while we stand there in the virtual TSA line with a rubber gloved hand up our ass.
I8-D
System 76.
This could make repair/recovery much more difficult.
The parent is the perfect example of why down-mods encourage group think.
The writer's argument is very well thought out and, to me, and a perfectly reasonable observation. Others who agreed modded the response to +5 Insightful at one point. But the post score went back down slowly to +1. ( By the time I finished writing it is at +0 Troll ).
This is destroying Slashdot's credibility and thus usefulness.
One suggestion I would recommend to fight Slashdot group-think is to remove down-mods like most comment systems nowadays.
Also, an alternative would be to only allow answers that haven't been up-voted to be down voted by the masses. Once a comment has been up-voted ( or maybe up-voted twice ), it would not be eligible to be down-voted ( except by an admin maybe ).
Detractors can always up-vote alternate viewpoints as they're suppose to be doing in the first place.
If an individual can't do those then why is he even posting?
If every poster were to spend the time and money to read the article and every source that the article cites, each Slashdot story would have about two comments. Say a story or comment relies on conclusions presented in an article in a scholarly journal, and the research wasn't funded by NIH or another organization that requires open access. Not all participants in Slashdot discussions are affiliated with a subscribing university, nor are they willing to pay $35 for pay-per-view access to the article. All they can do is guess, based on the news story, the abstract, and the sources of funding, at what was in the article.
Furthermore, you mention Xbox 360 and PlayStation 3 platforms. Video game console makers are known to use the genetic fallacy, which is effectively the same as ad hominem reasoning, when they assume that all video games developed by teams of individuals working at home are of such poor quality that they would tarnish the console's brand. Case in point: Nintendo's refusal to allow Bob's Game on its platform. This behavior has made me into a sort of home theater PC shill.
It seems bizarre that people think that MS would bother spending resources on trolling Slashdot
I don't think it's people acting on Microsoft's behalf as much as independent fans who at one time thought a Microsoft product was the best solution to a given problem and then decided to stick with "the devil you know".
Dont buy any computer with a Windows 8 logo.
Its not just linux that is blocked its also unsigned versions of windows.
Who makes all the generic motherboards we use?...China.
Who pirates software more than anyone else?...China
Do you honestly think the Chinese mobo makers are gonna make motherboards that wont run windows 7 (or pirated Windows 8)
No microsoft cant block their import... "No sir, these motherboards are made for running linux...not pirated windows!!!"
remember this term "Substantial non-infringing uses"
If this actually happens... I just won't be using Windows anymore. I don't need it anyway. Last time I logged into the Windows part of my laptop, was early July. That was just before I installed Ubuntu so I could have dual boot.
The fact you consider a simple word a 'swear' word is highly indicative of a poor education and a very weak mind.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
And since that corporate version of Windows is signed with the Windows key, just like the OEM preinstall, how will this mean that the hardware isn't locked to a Windows only OS?
Which works as long as you don't mind giving up your Linux laptop or are willing to lug a desktop around with you when you go on vacation.
If it's implemented in a way that prevents people from installing other OSes on a computer, you can be pretty sure that there's going to be at least a few antitrust violations involved.
just install grub to an alternate partition and create a 512 byte file (linux.bin) of the first section of that partition(containing the bootloader). Copy that file to your C: drive and add the to the list in your windows NTLDR. Then configure windows ntldr to automatically load the grub option. I am currently doing this with win XP and I don't see why it wouldn't still work...unless they have eliminated the NTLDR too. It is essentially a variation of this method http://www.gnulinuxclub.org/index.php?option=com_content&task=view&id=138&Itemid=31
With both Apple and Microsoft dumbing down their OSes, I was expecting either Linux or a future upstart would take over the power user/content creator space. However if computers start getting locked down, using an alternative OS is no longer practical. If Apple and MS succeed in killing the PC as we know it, what alternative will people that have a use for proper full-power open general purpose computers have?
Are these companies really so short-sighted that they'll kill the creation-boom fueled by the general purpose computer for the sake of short term profits?
Never mind. That's a stupid question.
So here's my challenge to the community: I can explain easily why "activation" is a horrible idea (and, I note, the military has been one of the prime drivers for versions of windows which don't require it) but what I'd like to be able to better draw the line about is not "how is xyz technical issue bad for the military" which I regularly do, but "how does abc legislation encourage manufacturers to use xyz technical solution which is bad for the military." If we can get a good answer to that, its the sort of thing that would go great in a letter to, say, republican legislators...
A lot of the open source community is not a fan of the military-industrial complex. I understand why that's so, and, despite my job, even agree. But I would argue that on the issue of DRM, in many ways the military industrial complex could be a serious ally. I can speak of countless situations where DRM related issues have cost the government time, money and opportunity, and while probably many of you will argue that they don't care, in fact a lot do, and it makes a much better and concrete argument relating to the national interest why these things may be bad.... so even if it doesn
Well, the chips are available, and Clevo does make "server-class" laptops.
Alternately, consumer and business laptops will be locked down to Windows, iOS, and Android, enthusiast laptops will be luggables.
I'm reading this as "boot sector protection on steroids" - a security feature that could be disabled in the bios...
so just disable the feature, dban the drive, then install the free OS of your choice - or just go back to building your own computer ...
It ain't what they call you. It's what you answer to. http://mylyceum.us/
I see that the discussion here seems to only deal with how to buy a machine and install something other than Windows 8 (linux, Windows XP, whatever). But in my experience, most linux boxes started life as a Windows-whatever machine that was "cast off" by the user, and given to someone else who installed linux. I have three machines in my office, one bought recently with Ubuntu installed, and the other two cast-off machine that my wife used to use to run Windows ("for work" of course; she's actually a Mac fan and hates MS ;-). One is over 10 years old, and is still doing its job as our gateway/firewall/router system just fine.
The obvious interpretation of this is that a "used" computer couldn't be retargeted to a different task by installing a different OS. Only an OS approved by the original vendor would boot. If this is wrong, and there's a practical way to retarget an old machine that has this "security" feature, it'd be useful to have it documented.
One interpretation is that it's may not be intended solely as a "linux killer"; its primary reason may be a desire to kill any use of old machines, and force everyone to buy a new machine if they want a different OS. After all, the hardware vendor would have a strong motive not to approve such retargeting, and force customers to buy new hardware instead. This would apply to old MS OSs as well as linux or minix or itron or whatever.
Again, if this is wrong, rather than an "OMG, we're fsck'd!!!" rant, it would be useful to explain exactly how one might take an old, cast-off machine, and rebuild it with a new OS (of any sort). If this can't be done easily, then it's time for a rant, lots of publicity, and maybe a few lawsuits.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
I like a challenge......a bit easy really.
...since people can still buy their own components, building their own machine, they have an option to install Linux.
Please tell me why I can't install iOS on my Blackberry or Android on my iPhone? Oh, wait...
Games are not the only thing computers are used for. I don't even consider games when I make a purchasing decision.
I've fallen off your lawn, and I can't get up.
http://www.phoronix.com/scan.php?page=news_item&px=OTQxNg
Right now, such a machine, as it is delivered to you today, can't run Linux. Well it can, really, using 1.8Gb of RAM.
This is happening, right now.
pX
While I think the actual risk of the nightmare scenario happening is pretty low (*), there is one way the problem is being described, which is terrible.
A UEFI machine without known keys doesn't lock out Linux, it locks out the owner of the machine. That the owner might happen to want the penguin is almost irrelevant. You're talking about a scenario where people are buying combination locks from a manufacturer who doesn't tell the combination to the buyer. This is a bigger issue than Linux and should be described as such. Tell people you're talking about everything turning into iPhones and Xboxes. Inability to install Linux isn't the problem, it's an example of the problem.
That all aside, Microsoft is not going to make contractual agreements with manufacturers to withhold keys from users. They can't do that with opening up a can of inevitable government whoop-ass.
(*) except in scenarios where people buy their equipment from industries kind of "off to the side" from the manufacturer, like how most people (in USA) buy handheld PCs from their ISPs right now. Or I can see it happening with computers built into cars, for example. Shit like that.
Unless I can manage the certificates that are in there. I'm sorry, you want to sell me someone from China that could include something I have no control of? Take your business elsewhere.
When was the last time you built a laptop from parts?
Gunna speculate its even longer than when I last used a desktop (long time ago!).
2011, the year of the end of the linux desktop?
I knew that; I was using a pedagogical simplification. When people say "Turing complete" of a physical computer, they really mean LBA-complete. Please allow me to rephrase:
The iPad is not LBA-complete. A machine that is LBA-complete can run programs that calculate things that Apple prohibits programs submitted to the App Store to calculate.
...and feed it to my Mac.
(waits a few)
Why, hello there, Linux OS.
Or, I can just double click on the Terminal icon and get a BASH shell.
Microsoft, why u no stop acting like a dick?
Guaranteed! This comment 100% Anthrax free!
Hmm... This is really disturbing... If it's true. Though like most of the other protection windows tries to put on their operating systems, I doubt this will be as strong as it's meant to be. I suspect it will be cracked a few months after coming out.
All the world's a CPU, and all the men and women merely AI agents
I don't think I will be able to convince the purchasing department at my work to buy bunch of bits and pieces and let me build my own laptop.
AccountKiller
Only in the US, that is. The rest of the world will happily hack, crack or otherwise disable this crap without second thought.
Besides, it only takes one (1) smart mobo manufacturer to realise they get all of the non-windows market when they don't include the pricey chips on their gear. They won't let that opportunity slip.
TL;DR version: DRM doesn't work. Never has, never will.
If you can toggle the thing on and off, that really defeats the whole purpose of it, now, doesn't it?
Unity? Screw that: XFCE. Slashdot Beta? Screw that: SoylentNews. Australis? Screw that: Pale Moon. UX developers DIAF
Wow, what a stupid move that would be, to lock out the device owner!
Great reason to build a rig and totally circumvent the big box brands!!!
Big data centers which buy thousands of machines at a time to run Linux will insist on being able to do so. We'll certainly see rackmount machines that will run Linux.
Does the same hold true if Linux comes preinstalled and for some ungodly reason we want to install windows?
We show geeks how to get their dream girl at EyesOfOdessa.com
Comment removed based on user account deletion
I really think this decision is so retarded that it will cause Joe Public en masse to finally wake up and wean themselves off of their Windows addiction.
Hopefully enough people will vote with their wallets that Microsoft will be moved so far along their own path of self destruction that they will reach their goal early.
This story needs more aluminum foil and less content.
Oh, wait. No - it's already full of ridiculous paranoia and FUD. This is not going to happen, and you're retarded if you think it will.
I'm not real savvy with everything being mentioned here, but what if I buy a machine with Windows 8, and in a couple of years the better version of Windows 8 (which will be named Windows 9, right?) comes out and I wish to purchase Windows and upgrade my existing machine?
Will this not prevent, not only the installation of a Linux OS, but also ANY OS other than what comes pre-installed? And if so, wouldn't that work against Microsoft, since people are stupid enough to buy the next $200 version of Windows when it comes out, regardless of the quality, thus taking away a lot of revenue from Microsoft?
guys, this is just rediculous.
the article is plain wrong:
1) windows 8 will run fine on existing non-UEFI computers.
2) windows 8 does NOT require UEFI/PKI.
3) the only requirement here is for a new computer to get a 'built for windows 8' sticker on it, it must use the UEFI/PKI authentication.
it's about the sticker people, nothing else. if it has the sticker on it and you want to run something other than windows 8 on it, DON'T BUY IT!
Fixed the title for you. This has nothing to do with Microsoft, the power is entirely in the OEMs hands to implement a broken UEFI.
Wake up guys. Do you think the manufacturers will be in the hands of microsoft?
Will just put an option in the BIOS ( Windows | Linux | Others).
Issue 1:
The OS can be subverted by a rootkit:
The system is designed such that it is not possible to change the core of the OS, except by patches from the OS vendor. This could be used to pull off other dirty tricks, for example to install DRM that makes it impossible to output music in decent quality, unless the music player identifies itself with a key. One could imagine that this could also interfere with your ability to record your own music, e.g. a birthday song.
Issue 2:
Assume the OS core somehow IS subverted by a rootkit:
This could for example happen by someone getting at the master keys for signing OS updates. Or by a hardware vendor submitting a bad driver.
When it happens, you are completely fucked, a bit like you would be with already existing trojans that encrypt your data and ask you to send money for the decryption key. The reason that you are fucked is that most of your data will also be encrypted, so that it is impossible to recover by just placing the HD into a different PC. And in addition, it is harder to remove the rootkit, since it is now part of the protected OS core.
Finally, to sum it up, what is wrong with DRM is that it places control over the device you just bought with the OS vendor, not with you. So you just bought a device that doesn't really belong to you, but to the state and the music industry.
Hey don't blame me, IANAB
Any big corporations buying Windows 8 PCs en masse will have a solution baked into the contract. I used to work IT for a large Aerospace company, and we would always blow away the factory-installed OS and put our in-house image on the machine.
This concept will be accommodated and big business will keep on keeping on.
On a smaller scale, any individual who wants to install Linux on their computers will find a way to do so.
For the other 99% of the non-business population who just want a windows box for their home that doesn't crash and runs well... this change will be completely transparent.
Fuck you cunt.
That is all.
Yes, IBM's enterprise machines, up until recently, let you run no alternative OS. But the IBM PC has been open from day one. You've always been allowed to run alternate OS'es on your PC. You thought Microsoft "let" you run alternate OS'es? They did not then, and do not now, own the PC HW architecture. It was IBM's openness that let you do this, not Microsoft's.
(IBM did try to keep some of the particulars of the BIOS secret to prevent PC clones, but it was swiftly reverse-engineered and IBM did not stop it, despite the long-demonstrated ability to have their lawyers crush the opposition.)
Look, it's just a hard drive. They're so !@#$ing cheap now. Take the damn thing out of the computer and SMASH on it sharp rock (yeah, when I bash Micro$oft I really BASH 'em!) Install new drive...cost $50. If you're not tech savey enough to put in a new drive...another $50 to the local tech shop.
Every Linux box I've ever had has started life as a Windows PC. My first was my older Windows box that I had already replaced, and loaded Linux on as a lark. Later, I got castoff but still good machines from work to use as file servers, etc, around the house. This is a really common use case.
What's the problem... just use VMWare or similar to run Linux under Windows 8 :-)
Why is there no HARDWARE BASED OVERRIDE to turn off this behavior? No software or root kit could EVER change a jumper or DIP switch on the motherboard. So wouldn't it be reasonable to have some [not terribly easy] hardware based way to disable or reset the locking when a customer doesn't want it or needs to be able to install something else?
Plus- how are people going to feel when their brand new computer right now can't upgrade to MS-Windows 8, simply because it doesn't have the lockdown feature?
Some motherboards will have a switch in the bios settings where you simply turn the UEFI stuff off. And some will have a jumper for disabling it. Because some manufacturers are in the "enthusiast" market, selling to people who use motherboards in strange ways.
And for the rest - you can flash a different BIOS, there are providers of alternative BIOSes. Or wait till someone inevitably leak (or reverse-engineer) the key used for signing. Some manufacturers may be light on key security if it helps sales.
I got a netbook with a solid state drive. It was running XP, which was constantly thrashing the drive. I installed kubuntu and it runs awesome now. I have also used various linux installs hundreds of times to fix broken windows systems. So Win8 and later if the system is broken it has to go back? What a fvckin money makin scheme. /rant
If Microsoft went ahead with this, it wouldn't be long before the technology was broken. Then it'd take a bit longer to figure out how to incorporate that hack elegantly into a Linux install process. I don't think there's much to worry about as a Linux user, provided you believe that the open-source community is collectively able to outsmart Microsoft.
RS
windows 8 will run fine on my homebrew PC
Which homebrew laptop motherboards and cases do you recommend?
How about requiring physical interaction? This would resolve the security issues without harming our right to modify our own hardware.
At first, I thought about some kind of "while rebooting, press and hold Scroll Lock to allow the install", but the keyboard is driven by low-level I/O firmware, so that's out.
Then I thought that a physical button would be good, but the scammers could fool Grandma into pushing it "to protect your PC!"
How about a jumper that, while open, does a one-time skip of the UEFI enforcement, and prompts you to sign the new UEFI yourself?
This solution fits the problem -- without unduly interfering with our ownership rights. It's a pain for a newbie to crack the case, but maybe that would be educational, too.
Now I'll have to virtualize Windows inside of Linux when I feel like running it....Oh wait, I all ready do that.
That's a whole lot of assertions based on precisely no evidence. No statements from Microsoft. No actions by Microsoft, other than their intention to use UEFI. In fact, if one can disable UEFI in hardware after boot, that would render the issue moot. Is MS also going to strongarm manufacturers to exclude that feautre?
The Ars article was a lot less 'chicken little':
And while it is still a rumor it can probably be taken as a fact that disabling this feature (if made possible by the manufacturers) will likely cause Windows to not star
According to this post on msdn.com, that would appear to not be true. MS claims to support legacy BIOS as well as allow dual booting. They don't specifically mention Linux, but I don't think that was an intentional slight.
Not to mention which, since the last round of DOJ suits, MS has seemed to stay away from blatantly anticompetitive tactics. And this would probably be the most blatant they've ever done, if they were to do it.
Basically, while I like to bash MS as much as the next guy (as long as you're not the next guy, apparently), do you have absolutely ANYTHING to back up some rather bold claims?
if they make it so you can't just turn off the security feature and install linux the European union will smash the shit out of them.
This is a joke. I am joking. Joke joke joke.
Seriously, every time he opens his mouth he sounds like a conspiracy nut but he is so fucking on the ball that almost everything he says eventually comes true. His 1997 article The Right to Read may have seemed ridiculous fourteen years ago, but reading it now it seems masterfully prophetic:
And what about the hardware companies that pop up to fill the unencrypted niche market?
http://www.performantsystems.com/GM.html
Did you not understand the sentence? Do you not understand that every PC made by OEMs that have Windows 8 installed WILL HAVE the Windows 8 logo, so THEY WILL be locked down? Grandma doesn't build her homebrew PC. She buys it from the OEMs. I guess it's ok for her to get screwed though, because *You* still have your own homebrew PC. Screw the community why don't you.
Nobody sells anything without Windows around here that's anywhere close when it comes to low price; about five electronics etc. chains have the market cornered and locked into a low intensity price war.
When I can buy a damn good cheap computer for what amounts to a week or two of food by taking a trip to a local store I'm not going to bother getting one from abroad (and particularly not from the US, that would be madness).
My major concern is re-purposing computers which have Windows currently. I don't consider myself to be a computer manufacturer, so I buy refurbished PCs (cheaper) and install Linux. I've done this with several towers and a few laptops. This won't affect me personally, as it will take a while for this new lock-in to filter down to the refurb market and by that time I may be doddering away in a retirement home anyway, saying things like "By cracky" and "In my day" and reminiscing about core memory.
Boo hoo!! Its fine by me to knock Microsoft. Both at work and home I have paid for so many buggy MS operating systems over the years since MS Dos, and usually the only solution is to buy the next version, which is equally buggy.
Heavy is the head that wears the tinfoil hat.
So to put things simply, manufacturers want more money, and they are probably going to achieve this by locking their hardware to specific software, so if we want to upgrade or change software, we have to change hardware. Clever!
No big deal, I'm sure people will still be able to reverse engineer the bios to allow any software to be installed.
If you're worried about GPS tracking on your phone then you should look into buying a Windows Phone. On them you can globally disable all location services.
Microsoft did not have anything to do with the PC being open or giving you the ability to install a different OS. You can credit IBM with that. Microsoft went out of their way to make sure you were stuck with them. Remember the OS/2 subterfuge? Remember the DR DOS lawsuit and subsequent settlement. Did you forget the DOJ antitrust lawsuit and subsequent consent decree? If "technical merits" are the magic that picks the winner, you would be running some variant of BEOS or OS/2 right now.
Wonder why you can't get more than 2GB on a netbook? Blame that one on MS. It was their policy to cripple the low cost netbook market that was giving Linux a foothold. If you want a 4GB Linux netbook, tough shit. MS won't allow it to run Windows and manufacturers won't make a separate one for the smaller Linux market.
Microsoft has a long history of anti-competitive activities. IBM made the PC architecture open and began the PC revolution. MS has been closed and anti-competitive since day one. The Windows 8 logo crap is just another example of MS trying to force everyone to stick with Windows in the face of a changing environment. I think it's fantastic that a deep pocketed Google is backing Android for tablets and smartphones to finally break the stranglehold MS has had on the computing market for far too long. Metro and the logo crap are the blowback of MS panicking at seeing the game change right in front of their eyes.
It's about time.
Yes there is no reason why they wouldn't just provide the option to turn it off in BIOS, or to enable other OS certificates to be installed.
It would be an option right next to the boot device order.
Its just a secure boot area, go into BIOS and unlock it to install/upgrade your alternate OS, then lock it again when finished to protect yourself from rootkits.
Hardware manufacturers have no reason to want to restrict their product to Windows 8 only, they know there is a market for other OS's, including Win XP.
PC's are a different case to the locked down devices such as iPad, games consoles, Chromebook. The OS is part of those products, Windows on the other hand is third party software which you can buy separately in a box.
Unless Microsoft release their own branded tablet/laptop (for example an xbox360 packaged as a laptop, which is entirely possible) then they have no hope of getting away with locking PC's to Windows.
Could you imagine the ass whooping they would get for trying? Look at their history, such as the trouble in EU over Internet Explorer bundling.
From my understanding of the technology this simply places a lightweight OS between the traditional bootloader and the BIOS. The BIOS doesn't have much space to store malware in, and since its different on different motherboards, why even try when you'll probably break the system anyway. Doesn't providing a lightweight OS that has access to far more storage and all the hardware in the machine that starts before your OS boots present a new era for virus writers?
To offset political mods, replace Flamebait with Insightful.
couldn't you just get rid of windows by chucking the hdd in another (linux booted) pc as slave/non-boot disk and use gparted etc to delete partitions? if you're booting linux with the windows disk tagging along for the ride (ie no microsoft code has a chance to execute), how can it protect itself? the only way they could really stop you is if they struck a deal with hdd/cpu/bios manufacturers etc to lock out anything but windows.
even easier... just stick the hdd in a usb enclosure and gparted it (don't even have to reboot your linux box)
Holy balls, people! Yes, the headline is alarmist, and the summary a little sensational, but really, what is really a valid topic has been MS astroturf-bombed into oblivion. I don't want to blame soulskill (or whatever the fuck "julie188" is), but this entire thread is nearly 100% carefully crafted Microsoft astroturfing bullshit. The hardware vendors are MS's bitches - pardon my French, but it is true - and the lockdown is a total wolf in sheep's clothing. Demonstrable benefit to locking down the BIOS? Absolutely. Immeasurable harm to newbie hobbyists and experimenters (which is where we ALL started)? Beyond question, and vastly more harmful to the free software environment than the alleged security benefits. This makes me ill. Taco is gone for what, a week or two, and we are already subsidizing MS propaganda? Sorry, but this post may be the bellwether of Slashdot's untimely death. Goodbye.
...linux enthusiasts should just avoid windows logo boxes. you can get more bang for your buck if you build a machine yourself anyway (been there, done it). buy the components individually and you won't have to worry about having to try to crack any stupid oem keys. if anything it will probably put a small dent in microsofts market share because linux enthusiasts may have paid the microsoft tax just to avoid building a system. now they'll pay a computer shop $25 to build it for them without going through oems (better for local economies and all that).
Microsoft OEM's are not required to sell their computers preloaded with any operating system, nor are they required to restrict their computers to only allow one operating system to be loaded and used. You can buy computers with no OS from pretty much any OEM, and all of the big ones like Dell, Toshiba, HP, IBM(lenovo) etc... Plus, for desktops, you can still build your own and load whatever you want. Now, is there any indication that Microsoft is changing their OEM license to force their OEM's to only sell devices preloaded with Windows? Even if there is, do the big OEM's care? Haven't they outgrown their dependence on Microsoft enough to be able to push back?
Even in the worst case I am confident that the open source community will find a way, we always do. You can load linux on just about any device whether it is locked down, like smart phones etc.. or not, thanks to hackers. Computers will be no different. If the machines are locked down the system will be cracked before it is released.
Welcome to the future we warned you about.
Save your breath. Most of the folks here can't even *remember* those warnings - they were still in high school/college. To them, this is just a way of life.
Technically breaking bootcode encryption and other such software is illegal, and technically it isn't. Once you've purchased the computer, everything on it is yours AS A LICENSE. If you do not wish to use the bootcode, simply revoke the license to use the software, decrypt it, and voila! DMCA no longer applies because you revoked the license terms. Now, this won't work if Microsoft actually makes the hardware, or restricts manufacturers.. which I doubt will happen as all the custom PC builders out there would go ballistic.
At the very least, there is a flaw in the DMCA that has existed for years now - Section 1202, subsection "(f) REVERSE ENGINEERING" or ‘‘(g) ENCRYPTION RESEARCH" :D