Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Taking Aggressive Steps Against Linux On ARM

Posted by timothy on from the justice-department-be-damned dept.

New submitter Microlith writes "Microsoft has updated their WHQL certification requirements for Windows 8, and placed specific restrictions on ARM platforms that will make it impossible to install non-Microsoft operating systems on ARM devices, and make it impossible to turn off or customize such security. Choice quotes from the certification include from page 116, section 20: 'On an ARM system, it is forbidden to enable Custom Mode. Only Standard Mode may be enabled' — which prevents users from customizing their security, and in section 21: 'Disabling Secure MUST NOT be possible on ARM systems' to prevent you from booting any other OSes."

8 of 675 comments (clear)

  1. Re:Well... by nurb432 · · Score: 5, Informative

    Don't you mean iOS? My mac isn't locked down in the least, and in fact is more open than windows.

    --
    ---- Booth was a patriot ----
  2. Re:MS Taking Aggressive Steps Against MALWARE On A by TheRaven64 · · Score: 5, Informative

    OS X doesn't stop you installing other operating systems. OS X even comes with a tool that will resize your existing partition, provide space for another OS, and Apple computers have a graphical boot menu out of the box for selecting the OS to boot.

    I'm not sure about iOS devices. The older iPods didn't actively stop you from installing other operating systems (they just didn't support it, which is fair enough). If the new iPods / iPhones do lock the bootloader and prevent you from installing something else, then that would be something worth complaining about, although there are enough other reasons for wanting to avoid Apple's locked-down consumer product lines that it's probably quite low on the list.

    --
    I am TheRaven on Soylent News
  3. Re:MS Taking Aggressive Steps Against MALWARE On A by EdZ · · Score: 5, Informative

    If the new iPods / iPhones do lock the bootloader and prevent you from installing something else, then that would be something worth complaining about

    They do. As do many (probably even the majority) of Android devices. And Symbian devices. And bloody well anything that runs on ARM! The number of locked ARM devices vastly outnumbers the number that are unlocked, or even have the ability to be officially unlocked. Should unlocked ARM devices be the norm? Yes. Is Microsoft's position the norm among every device and OS manufacturer? Also yes.

    Also interesting to note is that the updated document specifically requires that UEFI Secure Boot settings can be modified by the end user, contrary to previous hooh-hah.

  4. Re:MS Taking Aggressive Steps Against MALWARE On A by TheRaven64 · · Score: 5, Informative

    Bullshit. When OS X first came out, it only ran on PowerPC. It came with OpenFirmware, and which provided a graphical multiboot bootloader. When it was ported to Intel, Boot Camp was a separate download, now it's integrated.

    --
    I am TheRaven on Soylent News
  5. Re:MS Taking Aggressive Steps Against MALWARE On A by Chas · · Score: 5, Informative

    That's just it shill-boy.

    They're not "simply going to another market".

    They're adding stipulations to their credentialing process that REQUIRE hardware vendors to essentially lock out all forms of user choice for alternate OSes on their platform.

    So if WidgetCo wants to sell their ARM-Widget 6000 with Windows on there, they have to lock the platform to the point where you CAN'T load the ARM-Widget 6000 with Android or another OS.

    Essentially they're forcing hardware vendors to make an irrevocable choice about which market they're going to service instead of allowing them to service any/all of them.

    That's quite clearly abuse.

    --


    Chas - The one, the only.
    THANK GOD!!!
  6. Re:MS Taking Aggressive Steps Against MALWARE On A by Kjella · · Score: 5, Informative

    Also interesting to note is that the updated document specifically requires that UEFI Secure Boot settings can be modified by the end user, contrary to previous hooh-hah.

    What updated document? This is the text:

    MANDATORY: Enable/Disable Secure Boot.

    On non-ARM systems, it is required to implement the ability to disable Secure Boot via firmware setup. A physically present user must be allowed to disable Secure Boot via firmware setup without possession of Pkpriv. Programmatic disabling of Secure Boot either during Boot Services or after exiting EFI Boot Services MUST NOT be possible. Disabling Secure MUST NOT be possible on ARM systems.

    Nothing else applies to ARM system. It. Must. Not. Be. Possible. Ever. In any way.

    --
    Live today, because you never know what tomorrow brings
  7. Re:MS Taking Aggressive Steps Against MALWARE On A by Anonymous Coward · · Score: 5, Informative

    His premise is entirely wrong. There are a number of ways to ensure the security of the boot sector from the software layer, locking it to one OS doesn't increase security beyond the fact that only one OS's flaws will be exploitable.

    It's really a ridiculous attempt at justifying locking in a subset of arm chips to MS only.

  8. Re:MS Taking Aggressive Steps Against MALWARE On A by Anonymous Coward · · Score: 5, Informative
    They're not incompetent, and they're not MS. They're sockpuppets of a Waggener Edstrom rapid response team employed by MS.

    What they do is not secret: http://waggeneredstrom.com/about/approach

    Monitoring conversations, including those that take place with social media, is part of our daily routine; our products can be used as early warning systems, helping clients with rapid response and crisis management.

    Microsoft are No 3 on their client list
    http://waggeneredstrom.com/clients

    DavidSell ByOhTek antitithenai, Bonch, Dtech and others are psuedonyms/sockpuppets used by the team to "guide" discussions.