Slashdot Mirror
Microsoft 'Patch' Blocks Linux Installs On Locked-Down Windows RT Computers (fossbytes.com)
An anonymous Slashdot reader quotes a report from fossBytes:
Microsoft has released a security update that has patched a backdoor in Windows RT operating system [that] allowed users to install non-Redmond approved operating systems like Linux and Android on Windows RT tablets.
This vulnerability in ARM-powered, locked-down Windows devices was left by Redmond programmers during the development process. Exploiting this flaw, one was able to boot operating systems of his/her choice, including Android or GNU/Linux.
The Register points out that since Windows RT is "a dead-end operating system" which Microsoft has announced they'll stop developing, "mainstream support for Surface RT tablets runs out in 2017 and Windows RT 8.1 in 2018. This is why a means to bypass its boot mechanisms is highly sought."
The Register points out that since Windows RT is "a dead-end operating system" which Microsoft has announced they'll stop developing, "mainstream support for Surface RT tablets runs out in 2017 and Windows RT 8.1 in 2018. This is why a means to bypass its boot mechanisms is highly sought."
... today I applied a patch to my credit card that blocks buying any locked down hardware from Microsoft. What a coincidence!
Why would anyone that knows how to install Linux on a tablet EVER buy a Microsoft tablet?
It's this kind of infantile misunderstanding of security that will eventually be the undoing of technology. Purchasing of hardware is independent of security - if I own a device I have every right to do with it what I choose, even if that means installing DOS. The manufacturer is not obliged to PROVIDE that support, but every block they put in my WAY should be CRIMINAL. If you purchase a house, you have every right to remove whatever locks and security measures are placed there "for your security", and your physical devices should be no different.
Don't be so quick to give up your rights before you understand what it means, AC.
An exploit was being used for the install. They patched the exploit. If this is annoying to you, don't buy a system that you need to crack in order to install your chosen O/S.
Real lawyers write in C++
A secure but useless tablet is not something that most people want, especially when they (at least, in theory) own the hardware and (very rightfully) want to control it.
If they cared about their customers being able to do what they want to and being able to control the device, they would provide mechanisms to do just that independent of the exploit. Instead, they treat the hardware like they own it, and refuse you administrative access. This trend is very disturbing, since it essentially means they own the machine, not you. As this is the case, users are left with little option other than to either abandon the device as the company wants (turning their property into a paperweight simply because corporate wants you to rent functionality), or use an exploit, in order to take back the control that is rightfully theirs.
You don't actually NEED the company to basically own the device and deny you control in order to be secure. However, the trend of acting as though only a continuous series of patches will keep your device from melting down and that only the company should truly control the computer seems to be catching on. That's pretty fundamentally disturbing. I'm rather surprised you don't realize that, or don't care.
While Microsoft may actually be doing the correct thing overall, the really correct thing would be to provide a mechanism where this is not necessary. Overall, as I value owning my hardware, I'd rather take my chances with the exploit staying there, and I seriously doubt that I'm alone. There are many reasons to avoid patches and updates, and malicious intent on the part of the companies is rapidly becoming the most prominent one, if it isn't already there.
Been looking for a solution for this for quite a while. Got two of these from work when they determined that they were dead end devices that we were not going to use. Now that I know it is there I can't seem to find the exploit. Search goes on.
-- David inquired...
It's just Microsoft being Microsoft, doing a typical dick move for no genuinely good reason.
"Oh dear, someone might be able to do something cool or useful with a product we're killing off? Fuck them."
Microsoft just can't help being dicks about stuff, no matter what it is.
Imagine the goodwill they could generate by just not being dicks at every goddamn opportunity, but nooooooo, we can't have that.
Just cruising through this digital world at 33 1/3 rpm...
They do that all the time. Even with pC's every once and a whiletjey try to prevent dualboot. Each OS since probably 7 tries to prevent it. Yet here I am, running Linux on everything.
What about Windows 10 tablets? Are they also locked?
... with their "boot other" retroactively removed. Only, redmond never promised they'd offer. On the other hand, removing a way to blow new life into dead-end hardware still seems like kicking the customer when he's fallen and trying to get up. Next you know the same thing'll happen to peecees.
Tin foil hat time: Now we know why you can run "ubuntu apps" on windows. Once peecees are locked down the only way to run your fave linux software is if it's an "ubuntu app" and hey, you can run those under windows, right? No need to install anything else, see? Or something to that slimy tune.
Don't buy locked-down anything, people. On principle. Tell your friends and family too.
A class action lawsuit, forcing MS to buy back these dead devices, all of them, at full retail. This would be the American way.
This is probably the legal situation in Europe. Unfortunately, we in the UK, have voted to be shoved right up the arse of the USA.
Sent from my ASR33 using ASCII
I am not used to tablet OS, but I am assuming that they have an EPROM for the "current" OS and a ROM for the original one. I could be wrong. If it is the case cannot you simply reset back to factory build with factory OS and still exploit the vulnerability ? If it is the case why is there outrage ?
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
That is bullshit which has long since been discredited. In the real world, the only thing a locked-down boot-loader like this accomplishes is to restrict what the user can do, it does not protect against malware as there are numerous other vectors.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Does Windows RT have The Windows Subsystem for Linux (WSL)?
If so (and I assume not, but haven't looked) then you can run native Debian binaries right from CMD.EXE
Specialist Mac support for creative pros, Melbourne
actually. they were a highly socialist party.
part of the confusion in calling parties left/right wing.
is the us and uk use left/right wing to indicate how much a party targets its policies to looking after the lower classes (left) and upper classes (right).
and europe uses left/right wing to indicate how authoritarian parties are in implementing policies for the lower classes, since they mostly executed all the upper classes over the years.
Why do you think the Nazi party wasn't socialist?
When using exploits becomes the only way to actually use a device that you paid for, something's really wrong. Mostly with your choice of devices.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Not sure why Microsoft would even care at this point? Why block owners of these RT devices trying to install a OS that is still supported? I give Microsoft the benefit of doubt here and its possible the patch just had the side effect of doing this. Nobody should really expect a device to support anything people want to install on it. You want Android buy a Android device, you want Linux on something it's hit or miss if the device can support it. Kind of like installing a Chevy engine in a Ford. Neither company was thinking at the time about making sure this would work.
And the answer is not buying a phone (or tablet) without root access.
Obviously that requires some research before buying, with questions such as:
-Does the device have a locked boot loader?
-If yes, can the customer unlock it? By an "officially" supported method?
C - the footgun of programming languages
As I recall, there's a sort of positive 'dead man's switch' in Qt, for example. The KDE project is heavily dependent on it and once Digia decided to sell the Qt project onwards, a clause to release all code under a FOSS license was included in the sale should the new owner go bankrupt or otherwise end the project. This gave the communities and companies currently using Qt a peace of mind.
Although it might sound a bit outlandish to suggest something like this to hardware, it might not be a bad idea at all! I can imagine they would likely try to circumvent laws like that by utilizing some sort of lease/subscription arrangements and similar, though. I mean, that's what Microsoft has been striving for with Windows, after all. Even back in the day, Microsoft officially considered the bought operating system discs to be "subscriptions" to their product (as described in the EULA). This didn't really hold up in the courts though, at least not in Europe.
-SR
Why do you think the Nazi party wasn't socialist?
The Nazi Party was an interesting mix. It had the word socialist in it's name, and no doubt. However it was actually fascist in nature. As opposed to the government owning business, it relied on corporatism. This is a very important distinction. The only people that do not believe that it was a far right wing movement are those that see the word "Socialist" ,and think Rush told me that socialists are liberal, so the Nasties were a liberal group."
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
âoeThis is an enormously important decision for Microsoft, allowing it to offer its well-known and trusted database to an expanded set of customersâ, said Al Gillen, group vice president, enterprise infrastructure, at IDC. âoeBy taking this key product to Linux Microsoft is proving its commitment to being a cross platform solution provider. This gives customers choice and reduces the concerns for lock-in. We would expect this will also accelerate the overall adoption of SQL Server.â
http://blogs.microsoft.com/blo...
So, who is in charge of propaganda at MS these days?
JoeR
Say an OS publisher wants to add a feature to make installation of a boot-time rootkit, which runs the host OS in a virtual machine, obvious to a PC's user. How should this be achieved without appearing anticompetitive?
From about 2009 through mid-2012, 10" Linux laptops were available. But in late 2012, manufacturers discontinued 10" laptops. The commonly suggested workaround was to buy a tablet and a clip-on keyboard. At the time, the Surface Pro was three times the price of the 10" laptops it replaced.
(Nowadays the workaround is to buy a Chromebook, put it in developer mode, and make sure nobody else touches it so that it doesn't get accidentally factory restored.)
Microsoft no longer owns the Most Socialist Network on Basic Cable. It sold MSNBC TV to NBC in 2005 and MSNBC.com to NBC in 2012.
A friend of mine bought a Surface Pro because it was the most suitable for art work, with the pressure-sensitive screen. This is slightly interesting because Apple has traditionally been the choice of graphic artists, and Apple is strong in tablets. But not tablets for graphic artists.
And the answer is not buying a phone (or tablet) without root access.
Netbooks had root access because they were capable of running desktop operating systems. Netbooks disappeared in 2012, around the time Surface came out. Coincidence?
Not really, since they sold hardware locked-down that they've already announced to no longer be supporting soonish. Meaning that they now are also slamming the door on third-party improvements and will, once support stops, leave you with an unfixable security risk.
This is exactly the argument that is persuasive to me, at least.
As it is, this smacks of what happened to all the PlaysForSure (not!) devices and vendors when MS abandoned THAT platform. Everyone was left with a bunch of USELESS tech, which was SUPPOSED to force those people into the (later also abandoned) Zune "ecosystem".
And we all know the end of THAT story...
Didn't Sony just lose a lawsuit over the same thing? Why would Microsoft think it could get away with it? Whether the "flaw" was intentional or not, if people purchased an RT tablet with that feature enabled so that they could install another OS, then removing that feature cripples it from the intended purpose. Furthermore, since support from Microsoft on the devices is about to expire, what would be the reason to do this other than to force consumers to upgrade to a new device? While that might be a valid business reason, it should only apply to devices purchased going forward, not retroactively.
Can anyone say class action suit?
So, who is in charge of propaganda at MS these days?
Goebbels, of course.
Unity is meant as a game engine.
The cost of disposing of e-waste distracts the public from PURCHASING and CONSUMING.
It had the word socialist in it's name... However it was actually fascist in nature
Using the color of socialism to implement policies that secure power for a select few privileged individuals while dismantling the freedom of the rest of the population is not actually all that dissimilar to the actions of modern socialists...
So 21st century American corporatism is socialism? Who knew?
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
> It protects against a very specific form of malware
If the "malware" is considered to be "unsigned software accessing anything without permission by an upstream paid key holder", then yes. It becomes clear that the entire Trusted Computing stack is designed for DRM. Security against a few forms of attack is a consequence, not the purpose of the software.
>
Political parties change over time.
Exactly, some of the worst racists in America were Democrats. These were people in the south who were still incensed over the great war of Northern Aggression. Known collectively as the "Dixiecrats", they held sway over many matters in the south, including racial segregation.
However, in the 60's, after the northern liberals desegregated the country, they were really pissed. Taking people who believe that the bible justifies slavery, and forcing them to share space with what they consider only 3/5ths of a human per Black person, and you can understand their angst, if even you consider there vies repugnant and immoral.
It's difficult to pick a specific breaking point, but two might suffice. The first was the openly racist campaign of Alabama Governor George Wallace in 1968. Which failed overall, but was well received by Southern Democrats. The second was the Southern Strategy of the 70's and 80's, when the Republican party began to adopt the goals and ideals of the Dixiecrats, and the Dixiecrats left the Democratic Party in droves, and Republicans now have adopted the Dixiecrats values as core Republican principles.
Oddly enough, it was Democrats who shaped modern Republican ideals, and ostracised traditional conservatives like Barry Goldwater.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
Not really, since they sold hardware locked-down that they've already announced to no longer be supporting soonish. Meaning that they now are also slamming the door on third-party improvements and will, once support stops, leave you with an unfixable security risk.
Which is industry-standard these days. I'm not saying that's a good thing but it's exactly what you get from any iPhone or iPad that is out of support or any bootloader-locked Android device that is out of support or devices like the HP TouchPad or Palm Pre.
In the US, all tyranny is leftist; the govt' has control, and the people lose freedom..
I find by that definition, that the present day American Right wing is more leftist than the present day American left wing.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
I am pissed and I am done with this $500 brick. I bought a Surface RT when they first appeared thinking Microsoft would support it for a long period of time. I suppose they have, so this news means grab a hammer! I am literally going to do this. Good-bye Surface, you have been a pain in the arse!