The Free Software Foundation (FSF) has initiated a campaign against the Secure Boot feature in Windows 8.
FSF Campaigns Against Windows 8's Secure Boot : Read more
FSF Campaigns Against Windows 8's Secure Boot : Read more
- Status
spiketheaardvark
Distinguished
- Apr 14, 2009
- 134
- 14
- 18,715
There's an option in BIOS/UEFI to disable this, no? Maybe the main the worry is that some manufacturers will take out that ability. Other than that... how is this more secure? I'm tempted to believe that this is like the key thing with Blu-Ray. It'll only be a matter of time before someone gets a valid key.
[citation][nom]spiketheaardvark[/nom]For fear of antitrust Microsoft might be shamed out of this but I could see Apple using this.[/citation]
Apple does this already. It's a combination of requiring UEFI (which most PCs don't have) and Intel's TPM chip. I think.
Apple does this already. It's a combination of requiring UEFI (which most PCs don't have) and Intel's TPM chip. I think.
runswindows95
Distinguished
- Dec 24, 2005
- 2,715
- 0
- 21,160
Depends on the motherboard, xenol. I can see the OEM's (HP, Dell, etc) not allowing this to be disabled on their motherboards. However, if motherboard manufactures prevents this from being disabled on enthusiasts motherboards, it will make me think twice before installing Windows ever again.
this very uncool. microsoft(and manufacturers) should let users choose which os to boot from.
this aint secure boot. this is no linux on this pc cuz i r ballmer boot.
if apple does this already with their pcs then they should sue microsoft for patent infringement and get it disabled/removed, in which case linux/fsf wins.
on the other hand, apple might be happy since this will make building hackintosh with a windows 8.0 pc harder.
this aint secure boot. this is no linux on this pc cuz i r ballmer boot.
if apple does this already with their pcs then they should sue microsoft for patent infringement and get it disabled/removed, in which case linux/fsf wins.
on the other hand, apple might be happy since this will make building hackintosh with a windows 8.0 pc harder.
I thought MS already came out and stated that you will be able to turn off Secure Boot in the bios. Furthermore what does MS even have to do with it, they do not make motherboards. So why would say Asus and Msi and Gigabyte want to limit the OS their customers can use on the hardware they sell?
nordlead
Distinguished
- Aug 3, 2011
- 692
- 0
- 19,060
Actually, there is a very simple solution for this. Add a physical jumper on the motherboard. If the connection is made, then it runs secure boot, if the connection is not made it boots like any current PC. Since it is a physical switch it wouldn't be susceptible to malicious attacks.
70camaross396
Distinguished
- Apr 26, 2010
- 48
- 0
- 18,530
I dont see think this will be a problem with hardware makers like asus or gigabyte. they will certianly have an option to turn this off. but i can see OEM's like Dell, HP, or Lenovo using this. in fact they may go even further and use it to even prevent OS upgrades. when i worked for an OEM tech support department early in my career, there policy was we only support the orignal OS that shipped on the system. so if you upgraded from 98 to 2k or XP you were SOL. no more support if things went wrong. I can see OEMs using this to restrict upgrades as well.
amk-aka-Phantom
Distinguished
- Mar 10, 2011
- 3,004
- 0
- 20,860
GTFO, Linux fanboys... you don't NEED new hardware. You can play around with your toys on a Core 2 Duo. In fact, 11.04 boots on a Core 2 Duo faster than it does than on my Core i7, and it doesn't support Turbo Boost and glitches with my GPU even though the proprietary drivers are there.
I think that Linux users are tech-savvy enough to NOT buy prebuilt PCs, and on non-prebuilt there will be an option to disable this.
Keep protesting. I'll laugh just like I laughed when Linux users "demanded" Steam. They don't really need any of it, they just want to pretend that someone actually gives a $h!t about them.
I think that Linux users are tech-savvy enough to NOT buy prebuilt PCs, and on non-prebuilt there will be an option to disable this.
Keep protesting. I'll laugh just like I laughed when Linux users "demanded" Steam. They don't really need any of it, they just want to pretend that someone actually gives a $h!t about them.
Vladislaus
Distinguished
- Jul 29, 2010
- 1,290
- 0
- 19,280
[citation][nom]xenol[/nom]Apple does this already. It's a combination of requiring UEFI (which most PCs don't have) and Intel's TPM chip. I think.[/citation]
The differenc is that it's to prevent the Mac OS from being installed in other non-mac computers. I can still install other OSes on mac computers.
The differenc is that it's to prevent the Mac OS from being installed in other non-mac computers. I can still install other OSes on mac computers.
Vladislaus
Distinguished
- Jul 29, 2010
- 1,290
- 0
- 19,280
[citation][nom]amk-aka-phantom[/nom]GTFO, Linux fanboys... you don't NEED new hardware. You can play around with your toys on a Core 2 Duo. In fact, 11.04 boots on a Core 2 Duo faster than it does than on my Core i7, and it doesn't support Turbo Boost and glitches with my GPU even though the proprietary drivers are there.I think that Linux users are tech-savvy enough to NOT buy prebuilt PCs, and on non-prebuilt there will be an option to disable this.Keep protesting. I'll laugh just like I laughed when Linux users "demanded" Steam. They don't really need any of it, they just want to pretend that someone actually gives a $h!t about them.[/citation]
What about laptops?
What about laptops?
[citation][nom]amk-aka-phantom[/nom]GTFO, Linux fanboys... you don't NEED new hardware. You can play around with your toys on a Core 2 Duo. In fact, 11.04 boots on a Core 2 Duo faster than it does than on my Core i7, and it doesn't support Turbo Boost and glitches with my GPU even though the proprietary drivers are there.I think that Linux users are tech-savvy enough to NOT buy prebuilt PCs, and on non-prebuilt there will be an option to disable this.Keep protesting. I'll laugh just like I laughed when Linux users "demanded" Steam. They don't really need any of it, they just want to pretend that someone actually gives a $h!t about them.[/citation]
I know this is trollbait and all, but I just want everyone else reading this comment thread to know the reason the FSF is protesting this is that it basically does what Apple does with mac hardware, where the bios doesn't allow for any OS except OSX (in this case, windows) to boot, and since M$ is pushing EUFI in Windows 8, and most hardware manufacturers are swapping to it, all it takes is a little illicit pocket change from M$ to get asus msi etc to just take the secure boot toggle out of their BIOSes on preinstalled windows boxes.
Every linux user now would not care the difference, we could flash the bios and do whatever we wanted, and we wouldn't get a system with Windows preinstalled. But for every Joe Shmoe computer user, this basically removes the ability to OS switch completely. And when it comes to laptops, without a unified component standard like ATX is for desktop we cant custom build laptops so we have to go through 3rd party distributors that M$ can buy out to preinstall windows 8 with secure boot disasbled and it will be a pain to reflash the bios.
I know this is trollbait and all, but I just want everyone else reading this comment thread to know the reason the FSF is protesting this is that it basically does what Apple does with mac hardware, where the bios doesn't allow for any OS except OSX (in this case, windows) to boot, and since M$ is pushing EUFI in Windows 8, and most hardware manufacturers are swapping to it, all it takes is a little illicit pocket change from M$ to get asus msi etc to just take the secure boot toggle out of their BIOSes on preinstalled windows boxes.
Every linux user now would not care the difference, we could flash the bios and do whatever we wanted, and we wouldn't get a system with Windows preinstalled. But for every Joe Shmoe computer user, this basically removes the ability to OS switch completely. And when it comes to laptops, without a unified component standard like ATX is for desktop we cant custom build laptops so we have to go through 3rd party distributors that M$ can buy out to preinstall windows 8 with secure boot disasbled and it will be a pain to reflash the bios.
nordlead
Distinguished
- Aug 3, 2011
- 692
- 0
- 19,060
I re-purpose discarded computers and laptops (mostly from DELL) for people who can't afford new PCs, but need a word processor and an internet connection. In 10 years I'll be doing it with i7's and whatever else is bleeding edge now. I am savvy enough to not buy prebuilt but I still use them.
EDIT: I'll also say that as much as I love Windows, Microsoft needs to fix the problem of malicious code running in Windows before they fix a problem that doesn't even exist.
- Jul 16, 2009
- 4,821
- 0
- 22,780
[citation][nom]spiketheaardvark[/nom]For fear of antitrust Microsoft might be shamed out of this but I could see Apple using this.[/citation]
Apple already does do this.
It crushed Psystar to death.
If Linux wants to be able to install on any hardware, how about it ponys up some cash for a change instead of thinking that free software also means free IT industry.
Apple already does do this.
It crushed Psystar to death.
If Linux wants to be able to install on any hardware, how about it ponys up some cash for a change instead of thinking that free software also means free IT industry.
mykem
Distinguished
- Sep 8, 2008
- 26
- 0
- 18,530
Here are the facts:
There is currently no way to prevent a rootkit from loading before an OS. Since Windows is the most popular OS, most rootkits are written to target it. Since a rootkit loads before the OS, it is free to modify OS files and is able to run in such a way as to remain undetectable.
To remedy this, the new UEFI bios supports a secure certificate service. This service checks to ensure the OS boot files have not been tampered with before handing the system over to the boot loaders on the hard drive.
Because the UEFI bios is able to step in before the OS/rootkits are loaded, it can securely ensure the OS has not been tampered with.
The whole uproar is because Microsoft, as part of their logo requirements, is dictating that this feature be enabled by default on all PCs shipping with Windows 8.
Since the motherboard manufacturers are responsible for the BIOS implementation, it is up to them as to whether to allow a BIOS setting that enables/disables the secure boot service.
This is where the Linux folks and FSF take issue.
The reality is that no motherboard manufacturer in their right mind would leave out the option to disable secure boot, as this would restrict the computer to Windows 8. No previous version of Windows, no versions of Linux... nothing else could be used on that computer. The customer outcry would be deafening. There is no incentive to leave this option out of the BIOS.
I think the uproar is unwarranted for two reasons. One is that the market reality dictates that this should be a customer choice. The other reason is that if the open source movement were smart, they too would integrate secure boot into Linux, since any OS that doesn't support it is vulnerable to rootkits.
There is currently no way to prevent a rootkit from loading before an OS. Since Windows is the most popular OS, most rootkits are written to target it. Since a rootkit loads before the OS, it is free to modify OS files and is able to run in such a way as to remain undetectable.
To remedy this, the new UEFI bios supports a secure certificate service. This service checks to ensure the OS boot files have not been tampered with before handing the system over to the boot loaders on the hard drive.
Because the UEFI bios is able to step in before the OS/rootkits are loaded, it can securely ensure the OS has not been tampered with.
The whole uproar is because Microsoft, as part of their logo requirements, is dictating that this feature be enabled by default on all PCs shipping with Windows 8.
Since the motherboard manufacturers are responsible for the BIOS implementation, it is up to them as to whether to allow a BIOS setting that enables/disables the secure boot service.
This is where the Linux folks and FSF take issue.
The reality is that no motherboard manufacturer in their right mind would leave out the option to disable secure boot, as this would restrict the computer to Windows 8. No previous version of Windows, no versions of Linux... nothing else could be used on that computer. The customer outcry would be deafening. There is no incentive to leave this option out of the BIOS.
I think the uproar is unwarranted for two reasons. One is that the market reality dictates that this should be a customer choice. The other reason is that if the open source movement were smart, they too would integrate secure boot into Linux, since any OS that doesn't support it is vulnerable to rootkits.
[citation][nom]amk-aka-phantom[/nom]GTFO, Linux fanboys... you don't NEED new hardware. You can play around with your toys on a Core 2 Duo. In fact, 11.04 boots on a Core 2 Duo faster than it does than on my Core i7, and it doesn't support Turbo Boost and glitches with my GPU even though the proprietary drivers are there.I think that Linux users are tech-savvy enough to NOT buy prebuilt PCs, and on non-prebuilt there will be an option to disable this.Keep protesting. I'll laugh just like I laughed when Linux users "demanded" Steam. They don't really need any of it, they just want to pretend that someone actually gives a $h!t about them.[/citation]
So much hate for Linux... Yet most of the world's web servers alone run on some flavor of Linux. Basically, you hate the interwebz!
=P
On a more serious note, I use Linux because it's free, and because it's not bloated, and because it doesn't crash every few days. I do have a copy of Windows Server 2008 (saved from my MSDNAA days), and I still prefer running good ol' Ubuntu Server LTS instead. I prefer it over Windows server 2008, despite the fact that I'm a total Linux newb.
So much hate for Linux... Yet most of the world's web servers alone run on some flavor of Linux. Basically, you hate the interwebz!
=P
On a more serious note, I use Linux because it's free, and because it's not bloated, and because it doesn't crash every few days. I do have a copy of Windows Server 2008 (saved from my MSDNAA days), and I still prefer running good ol' Ubuntu Server LTS instead. I prefer it over Windows server 2008, despite the fact that I'm a total Linux newb.
pale paladin
Distinguished
- Jul 27, 2009
- 196
- 0
- 18,690
this feature will not limit the installation of GNU/Linux distributions. Microsoft is hardly worried about legitimate unix distributions and more concerned with hacked versions of their own software and Operating systems. Microsoft will keep things open. don't worry.
"It can be disabled" Not on all computers, if OEM manufactures remove the option to disable secure boot and I look for them not to have the option that way they can control certificates for drivers so people haft to buy replacement and upgrade parts from them.
[citation][nom]shafe88[/nom]"It can be disabled" Not on all computers, if OEM manufactures remove the option to disable secure boot and I look for them not to have the option that way they can control certificates for drivers so people haft to buy replacement and upgrade parts from them.[/citation]
If that's the case, then their customer base will drop significantly, at least in the desktop sector. However, I think the one sector that will play a major role is the corporate sector. Corporations are slow to adopt a new OS, thus, if the OEMs want the option to provide Windows 8, but need to provide the older OS (Windows 7, in this case) or even Linux, they would be stupid not to include this option and let the company's IT department fiddle with it.
If that's the case, then their customer base will drop significantly, at least in the desktop sector. However, I think the one sector that will play a major role is the corporate sector. Corporations are slow to adopt a new OS, thus, if the OEMs want the option to provide Windows 8, but need to provide the older OS (Windows 7, in this case) or even Linux, they would be stupid not to include this option and let the company's IT department fiddle with it.
amk-aka-Phantom
Distinguished
- Mar 10, 2011
- 3,004
- 0
- 20,860
[citation][nom]Zanny[/nom]I know this is trollbait and all, but I just want everyone else reading this comment thread to know the reason the FSF is protesting this is that it basically does what Apple does with mac hardware, where the bios doesn't allow for any OS except OSX (in this case, windows) to boot, and since M$ is pushing EUFI in Windows 8, and most hardware manufacturers are swapping to it, all it takes is a little illicit pocket change from M$ to get asus msi etc to just take the secure boot toggle out of their BIOSes on preinstalled windows boxes.Every linux user now would not care the difference, we could flash the bios and do whatever we wanted, and we wouldn't get a system with Windows preinstalled. But for every Joe Shmoe computer user, this basically removes the ability to OS switch completely. And when it comes to laptops, without a unified component standard like ATX is for desktop we cant custom build laptops so we have to go through 3rd party distributors that M$ can buy out to preinstall windows 8 with secure boot disasbled and it will be a pain to reflash the bios.[/citation]
Average consumer should stay the hell away from Linux. Got that?
[citation][nom]neon871[/nom]Lee just wants to be able to keep writing Viruses ( Free software ) to give/infect the Window user's. No virus for Linux because all the hack's use it. I'm not say all Linux user are hackers, but all hacker use Linux.[/citation]
Nonsense.
[citation][nom]pale paladin[/nom]this feature will not limit the installation of GNU/Linux distributions. Microsoft is hardly worried about legitimate unix distributions and more concerned with hacked versions of their own software and Operating systems. Microsoft will keep things open. don't worry.[/citation]
My point. Linux doesn't threaten MS at all on the consumer PCs.
Average consumer should stay the hell away from Linux. Got that?
[citation][nom]neon871[/nom]Lee just wants to be able to keep writing Viruses ( Free software ) to give/infect the Window user's. No virus for Linux because all the hack's use it. I'm not say all Linux user are hackers, but all hacker use Linux.[/citation]
Nonsense.
[citation][nom]pale paladin[/nom]this feature will not limit the installation of GNU/Linux distributions. Microsoft is hardly worried about legitimate unix distributions and more concerned with hacked versions of their own software and Operating systems. Microsoft will keep things open. don't worry.[/citation]
My point. Linux doesn't threaten MS at all on the consumer PCs.
- Jul 16, 2009
- 4,821
- 0
- 22,780
[citation][nom]Anomalyx[/nom]So much hate for Linux... Yet most of the world's web servers alone run on some flavor of Linux. Basically, you hate the interwebz!=POn a more serious note, I use Linux because it's free, and because it's not bloated, and because it doesn't crash every few days. I do have a copy of Windows Server 2008 (saved from my MSDNAA days), and I still prefer running good ol' Ubuntu Server LTS instead. I prefer it over Windows server 2008, despite the fact that I'm a total Linux newb.[/citation]
Why should a commercial organisation, such as a motherboard vendor, go out of their way to support an OS that does nothing to provide any capital input?
This is not Linux vs Windows.
When Linux pays money into the IT industry it can ask for whatever it wants, until then it can't complain because it has had a free ride so far.
Why should a commercial organisation, such as a motherboard vendor, go out of their way to support an OS that does nothing to provide any capital input?
This is not Linux vs Windows.
When Linux pays money into the IT industry it can ask for whatever it wants, until then it can't complain because it has had a free ride so far.
This benefits Microsoft too, cause they can issues secure boot updates that prevent the current OS from booting, and if people don't update their secure boot version, Microsoft can add a automatic update to windows it self to prevent it from running on earlier versions of secure. If they do this people will haft to upgrade their current version of windows or buy a new computer with the version of windows already installed.
- Status
TRENDING THREADS
-
Question Integer scaling missing - nvidia control panel
- Started by ohm-ish
- Replies: 1
-
Discussion What's your favourite video game you've been playing?- Started by amdfangirl
- Replies: 3K
-
Question Wireless mouse that takes AA or AAA battery?- Started by Countess_C
- Replies: 1
-
Facebook
Twitter
Instagram