Slashdot Mirror
Australian Users Petitioning Against Windows 8 Secure Boot
In his first accepted submission, lukemartinez sends in an excerpt from a ZDNet article on continuing developments about Microsoft's UEFI secure boot requirements: "The Linux Australia community began petitioning the ACCC this week after Microsoft aired plans to mandate the enabling of Unified Extensible Firmware Interface's secure boot feature for devices bearing the 'Designed for Windows 8' logo. This means that any software or hardware that is to run on the firmware will need to be signed by Microsoft or the original equipment manufacturer (OEM) to be able to execute. This would make it impossible to install alternative operating systems like Linux..."
Delimeter has further information on the petititions, and Matthew Garret recently posted a follow-up to Microsoft's response to the concerns about secure boot, calling them out on their misinformation.
Found it buried beneath several links. http://www.accc.gov.au/content/maintain/create/index.phtml?contentTypeItemId=9133&informationSpaceItemId=268347&inPop=1&returnUrl=.&type=Other
I write professional videogame reviews! http://www.digitallydownloaded.net/
Anyone who wants to repurpose an OEM computer. Anyone who doesn't want to pay extra for jailbroken motherboards. Anyone who thinks people should own their property, instead of being beholden to the manufacturer.
That's who.
Give me Classic Slashdot or give me death!
Really though...who buys a vendor PC then slaps Linux on it? We build our PC's..
I did just that with my laptop
This isn't designed to stop viruses (though theoretically it could help a little), this is part of Microsoft's anti-piracy push. Current methods of pirating Windows involve loading up something before the kernel to trick Windows into thinking it is installed on a machine with an OEM license. Obviously if the BIOS won't hand off to unsigned code then this becomes impossible and this method of piracy (which has been in use since Vista's time) is no longer viable.
Hence why the don't want OEMs to give you the option to disable this feature or to load up your own keys. If they did then it would solely be a security feature and do nothing for piracy. Given that, it explains why Linux people are so worried, because Microsoft is pushing for exactly this and Linux is about to get caught in the crossfire.
Circumventing a protection system? I'm glad nobody passed a law boneheaded enough to make that illegal even if you're not breaching any copyright .
http://news.slashdot.org/story/11/09/27/2130245/canadian-government-says-drm-circumvention-not-related-to-copyright
Slowly the pieces are coming together...
'Don't worry' said the trees when they saw the axe coming, 'The handle is one of us.'
Which is a great dodge. Then they can apply quiet, behind the scenes pressure to remove the option. Some vendors omit options regardless (like disabling VT-x.)
Yep, we're heading into THOSE days where only a select handful of operating systems are allowed to boot. If we're lucky, we'll be able to boot Fedora and Ubuntu. Gentoo users? Fuck you.
Do you seriously think that users can pressure OEMs harder than MS can? MS can kill their business overnight, and I don't doubt they've learned a LOT about how to act in unethical manner even under the eye of the DoJ. No, this is MS pursuing something and, much like Apple, hoping the inertia of the masses who don't care can overwhelm the complaints of the minority that understand why such unilateral, non-disablable lock down is bad.
People are fighting so aggressively to defend MS, but in a few years we may wish for the day when we didn't have to violate the DMCA and ACTA to run whatever OS we choose on our systems.
Which is why I say we should pressure OEMs. This decision has nothing to do with Microsoft so people are ignoring it, despite the fact that it is still an issue that people should be concerned with.
No, we're not. The thing to keep in mind is that there's a distinction between simply booting and secure booting. Right now, no operating system can secure boot (as far as I'm aware, anyway - if there is hardware+software out there that can utilise this, please let me know) and Microsoft wants to push it for Windows 8. It would be nice if we can also utilise this for other operating systems as well (or rather, other boot loaders, like GRUB), however that task lies with the OEMs and their willingness to let us add our own keys. Like I said before - this is the OEM decision, not Microsoft's.
And there it is again! The assumption that you won't be able to disable secure boot. This assumption lies squarely with OEMs and not Microsoft.
Consumers don't need to pressure OEMs more than Microsoft, they just need to pressure them. Microsoft is pushing to enable secure boot by default, while us users should be pressuring OEMs to give us control over secure boot. They are two entirely different things.
Even if Microsoft changed their mind on the secure boot by default thing, we should still pressure OEMs to give us this control as it's a very useful security feature to have.
Now, of course there's that idea that Microsoft might be in the background pressuring OEMs to remove the option to disable it, but so far this is based entirely on conjecture and speculation. If Microsoft does try it, they'll be liable for a massive class-action lawsuit, something that would cost them a lot more than the 1-2% of the marketshare they could possibly gain by blocking Linux. Until that happens, it's a non-issue. Rather than moaning at Microsoft, we should be moaning at the OEMs because they're the ones that will be taking these options from us.
In the technology world, we shouldn't let the "maybes" get in the way of innovation. Secure boot would outrightly kill a lot of malware attacks, something that plagues windows a lot more than it does Linux.
+1 IDisagreeSoHeMustBeATrollOrAnAstroturferOrAShill
In other news, users petition to have Firewalls disabled, Microsoft force all users to have admin privs, and the removal of passwords.
These things can be controlled for obvious reasons. What's being discussed here is what you can actually run on your computer from the start. An entirely different ball game.
When interviewing these users they had these things to say: "I love malware, someone has to"
Right.............
"Pressing F12 at boot and disabling secure boot is too much work
If you'd done some reading then you'd know that this F12 option will not always be there, nor is there any guarantee that it won't be removed.
If you want to stand up for the rights of malware and rootkit creators everywhere, please help support this cause. Because.. "Someone has to love them"
This will not help prevent malware or rootkits in any way over and above what is already done. Stop hiding behind the security reasoning, because it's crap. It still won't prevent vulnerabilities in the OS once it is running, which is where it is all happening anyway.
Certs can be managed if your OEM doesn't suck.
They will all suck. The EFI spec does not currently allow you to add your own keys. It's Microsoft or the OEM.
Win8 doesn't require secure boot to work
Future versions will once the hardware is widespread. This argument always makes me chuckle.
Secure boot can be disabled, again assuming your OEM doesn't suck
They will suck. See above.
IT would have a shit storm if they couldn't manage this
They will accept what they've been given, as always.
Server admins would have a shit storm if they couldn't manage this
See above.
Someone would lose a job at Dell/HP/Gateway/etc if the end user couldn't manage this
Utter crap.
This effectively makes it impossible, with current malware, to ever take over a PC
No, that is not the case because there will still be vulnerabilities in the OS. However, in order to do that we want it to make sure you cannot install anything but Windows? Interesting. We haven't even got into the ramifications for virtualisation, or how this might work in terms of individual hardware working on a motherboard in the future.......... It's a right mess.
This got modded insightful? Jesus.............