Slashdot Mirror
Microsoft Taking Aggressive Steps Against Linux On ARM
New submitter Microlith writes "Microsoft has updated their WHQL certification requirements for Windows 8, and placed specific restrictions on ARM platforms that will make it impossible to install non-Microsoft operating systems on ARM devices, and make it impossible to turn off or customize such security. Choice quotes from the certification include from page 116, section 20: 'On an ARM system, it is forbidden to enable Custom Mode. Only Standard Mode may be enabled' — which prevents users from customizing their security, and in section 21: 'Disabling Secure MUST NOT be possible on ARM systems' to prevent you from booting any other OSes."
As much as i hate to say it, time to get the Feds involved, again.
Forget piddly sanctions, or even a "breakup". Shut them down once and for all.
---- Booth was a patriot ----
The trick to being a good shill is to not have your diatribe prewritten to post as soon as the story goes from red to green.
It's a little too blatant otherwise.
And why not bitch at Apple for locking down OS X and iPhone's too?
But... WE DO BITCH AT APPLE FOR LOCKING DOWN OS X AND IPHONE TOO.
Seems these criminals have forgotten the last lesson in not behaving anti-competitively already. Time to fine them a few billions to make them remember.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Sir, you are either paid propagandist, or you have no idea what you are talking about.
The security we (Linux users) always wanted was supposed to be on software level, not on hardware level.
Doing anything like this on hardware level is definately anti-competitive.
Making it impossible to dual-boot your ARM device. Security for the boot sector is one thing, making it impossible to install another OS by choice is something else.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
You are forgetting one of the 10 commandments of propaganda: If you repeat it enough times, people will believe it is true.
And, as a bonus, you'll slowly drive anyone that actually has some grasp of the truth slowly bat-shit crazy thanks to the gas lighting effect; which makes them, and therefor their position, unattractive.
Any sufficiently advanced influence is indistinguishable from control.
The boot sector can be locked down by allowing the user to add keys manually. There is no need at all to tie it to a specific OS. Rather obvious and already in the spec.
Go away, nobody believes you.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
>> if you buy a Windows device
What is a windows device exactly? Microsoft marketing dept have invented this concept that Windows is somehow hardware. Its not. Windows is an OS. No more.
I buy computers (not Windows devices, or apple devices). I need them to do the things I want. Its my property. I can and should be able to do what I like with it.
They are in despair. They are too late in mobile market. They start to understand that, but they still have this strong hand mentality. They tried it with Windows Mobile - nope, didn't worked. They are tried with lot of different concepts - also wasted. Now the same with ARM notebooks/tablets.
They don't understand that it is too late. People has seen tomorrow without Microsoft. Tablet competition is very strong out there. What is your killer feature? Office? Who needs that? Email, web - it's all there, it's everywhere.
user@ubuntubox:~$ stfu This server is going down for shutdown NOW!
Not playing nice with MS means that they get bum deals on licenses for Windows machines, which major OEMs are selling.
This is my signature. There are many like it, but this one is mine.
This has nothing to do with preventing the user from adding another OS key to their device. That is the thinly-veiled anti-competitive truth behind this. Also note that on x86, the user _is_ allowed to add another OS key. How is that?
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Well, it worked for his first shill post in the other MS story, it was basically first post and still at +4, it was added up pretty instantly so I assume they also have a bunch of shill accounts to mod it up.
Live today, because you never know what tomorrow brings
Plain and simple, bullshit. It's a smoke screen. When malware manages to infect boot sector or equivalent, the attack comes from within the OS. Microsoft has every capability of treating writes to the boot area and EFI configuration as special and performing their own security checks to prevent 'unauthorized' writes to that area (going even beyond their permissions to also require signed code). It still regretably break things like Ubuntu's in-windows installer, but I would accept that wasn't their goal and I think the tradeoff is more defensible. Malware because the computer boots off removeable media 'accidentally' is pretty unlikely in EFI case (where OS forces the firmware to skip all that and go straight to boot loader unless user takes action). Attacks where someone maliciously mangles a system they have complete control of is not even a blip on the radar of malware (it may happen, but certainly nothing worth breaking an entire industry over). Incidentally, 'boot sector' type infections are relatively rare in the scheme of MS malware, most malware doesn't bother to infect the boot area, and still they are all over MS platforms.
Also keep in mind, MS is the *only* party who gets to control those keys. The users are not allowed to add new trusted keys. The hardware vendors are not allowed to put another vendor's keys instead of Microsoft's. The vendor *must* use MS key or no one's at all, they are forbidden from using the facility to the benefit of someone like Red Hat for example. The vendor gets in trouble with MS if they use the facility in a way that would prevent MS code from running. How the *hell* is that possibly considered right in the context of 'just improving their security'?
XML is like violence. If it doesn't solve the problem, use more.
Ah, the argumentation flowchart is revealed:
1. This is necessary for security
--> direct lie
2. MS does not have a monopoly on ARM
--> not relevant
3. Everybody else is doing it.
--> not relevant and not true
What next? MS really should have paid for some professionals here, not you clowns.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
They do. As do many (probably even the majority) of Android devices. And Symbian devices. And bloody well anything that runs on ARM! The number of locked ARM devices vastly outnumbers the number that are unlocked, or even have the ability to be officially unlocked. Should unlocked ARM devices be the norm? Yes. Is Microsoft's position the norm among every device and OS manufacturer? Also yes.
Number one Android devices manufacturer is Samsung, which didn't ever bother to lock their bootloaders. Quite the opposite, they contribute to CyanogenMod and ever hired its top developer. Maybe it's one of the reasons they are number one?
Your argument is bogus. We are talking UEFI here. Why would something be acceptable or even desired on x86, yet on ARM it suddenly is necessary to do the same thing differently? Right, for business reasons, i.e. locking out the competition! And that is exactly what MS is trying to do here. Again.
Face it, you prepared "argumentation" strategy for spinning this is not working.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
IIS has an 18% market share and something like 90% of successful breakins to web servers are done against IIS servers. Roughly 80% of the webserver market is running linux.
When's the last time you saw google get hacked? They run a custom OS built on top of linux. Facebook runs linux on their servers. All of the top supercomputers in the world run linux, 80% of the top 500 run linux. I don't remember the last time anyone ever said a supercomputer was hacked, do you?
If you want to point out these rootkits and exploits, feel free to show me them. I would be amazed that any major exploit for a linux OS would not have been patched quickly.
The only real way of breaking into a linux system that I know of is to have physical access to the computer or to have a bad sysadmin.
I really hate to side with the Mac user, but he's right... his Mac *is* far more open than Windows, and has *far* more support from Apple in installing an alternative OS than Microsoft ever gives.
That, however, is because Apple is a hardware vendor, and they throw the OS in on the side. Microsoft is an OS vendor. It's not in Microsoft's interest to allow you to install something different, but it *is* in Apple's interest to give you that option.
iOS != OSX. They have a similar core, and come from the same people, but they serve entirely different purposes.
even Android manufacturers lock down their devices with similar technologies because it makes the devices secure. Why is[SIC] Microsoft allowed to do the same
That's the difference right there. Phone manufacturers lock down their devices. Android doesn't require it. Microsoft is dictating to the manufacturer that they must lock it down. They probably would anyway, so I don't why Microsoft feels compelled to tell them what to do. Hopefully, they will just backlash and not bother with MS.
/. bitches about Windows security and then when MS does something they bitch about that. No Linux fan ever said MS should lock down hardware, they say MS should control what the software that runs under MS OS should be able to do, not lock down the hardware. A shill is not to be taken at face value.
And it's not a valid comment. The OP posits that
Lol, no, they won't. They'll try linux once, get a set of instructions that tell them to open a terminal $sudo, stop reading, and go back to Windows. On the desktop anyway.
But we're talking about phones, and 'gadgets' slates etc. Have you ever used WP7? It's nifty. It's definitely different than the iOS clone that Android is. I don't have a WP7 device of my own, but I can certainly see the appeal, I've played with a few of them and they feel very different than anything else, and they are pretty neat, live tiles is a good concept, as would be the xbox integration if I ever used my xBox. I'm not sure 'better' or 'worse' applies, but the market is new enough there's room for designed differently, which it is, and people who like this design rather than the iOS style will like it.
Believe it or not, people outside the /. bubble hate linux. Well that's not quite true, they actually hate things that break, and windows and linux both break for mostly the same reasons: bad drivers, bad hardware, and software problems users know nothing about. But they at least know more about Windows, and have better free support for windows from friends than there is for Linux, and instructions for how to solve problems on window are written for idiots.
People like to bitch about windows because it's fashionable, and because it tends to produce obfuscated error messages. But every piece of software does that, including Linux. Windows on ARM is for gadgets, not desktops, so you're buying all new software from somewhere, if you want it for your gadget. Now, are you going to buy software you know, that's a recompile from the x86, or software you don't?
Couple 'o Points:
1.- After seeing how badly Google has been getting pwned with Android malware the LAST thing MSFT wants is to be the easily pwned OS in this new market, and 2.- the REAL reason I'm willing to bet my last buck they are doing this....ready? PIRACY.
1. Android's malware woes weren't all (or even mostly) tied to the boot sector, so this makes no sense.
2. Err, how on Earth is locking the boot sector going to stop piracy? I may be missing something here, but seriously? Not seeing it.
As for the rest, I largely agree, except for one bit:
There is ONE nice thing though, after this shit bombs we'll be getting Win 8 pads at Touchpad prices and if you end up with a $500 winPad for the firesale prices the touchpad went for are you REALLY gonna give a shit what it runs?
The fact that Android on the HP TouchPad was hurriedly pushed out and then widely broadcast says otherwise. The reason? An unsupported OS/arch means no new applications, no updates for existing ones (after awhile), and you;re basically stuck with something that becomes obsolete faster. Seems like a total waste of hardware after awhile.
Quo usque tandem abutere, Nimbus, patientia nostra?