Posted on 09/23/2011 10:00:55 AM PDT by SeekAndFind
Microsoft has become locked in a dispute over whether the boot process in Windows 8 will block Linux from running on hardware designed for the next version of its flagship platform.
Windows 8 secure boot uses pre-OS boot checks, as well as third-party software checks, to ensure that users PCs remain healthy. Photo credit: Microsoft
Matthew Garrett, a power management and mobile Linux developer at Red Hat, raised questions in a blog post on Tuesday about dual-booting of Linux in Windows 8. He argued the use of Public Key Infrastructure (PKI)-based secure boot means either Windows 8 will be signed with a Microsoft key, with the public part of the key included on the system; or the hardware maker could use their own key and sign the pre-installed Windows.
"The second approach would make it impossible to run boxed copies of Windows on Windows logo hardware, and also impossible to install new versions of Windows unless your OEM [original equipment manufacturer] provided a new signed copy. The former seems more likely," Garrett said.
"A system that ships with only OEM and Microsoft keys will not boot a generic copy of Linux," he concluded.
On Thursday, Tony Mangefeste, a member of the Windows Ecosystem team, responded to the suggestions in a blog post that detailed what the secure boot system means for running alternative operating systems.
Microsoft's move removes control from the end user and places it in the hands of Microsoft and the hardware vendors.
– Matthew Garrett
Unlike Windows 7, Windows 8 uses the Unified Extensible Firmware Interface (UEFI) secure boot protocol. This allows manufacturers to set up a security policy for the hardware that prevents people from running loaders for operating systems and software it does not recognise. Ultimately, the protocol is designed to make the computer safer from pre-OS boot attacks or malware.
The approach being taken by Microsoft is to provide the "best experience" first, Mangefeste said, by setting things up initially so most people will be protected against boot-loader attacks. After that, people can change the setting, if hardware makers give them the choice.
"At the end of the day, the customer is in control of their PC... For the enthusiast who wants to run older operating systems, the option is there to allow you to make that decision," Mangefeste said.
Secure boot is a UEFI protocol and not a Windows-specific feature, and hardware makers have the option of customising their firmware to specify the level of certificate and policy management, Mangefeste said. This means that the final decision will lie with them on whether to allow or disallow the disabling of secure boot.
"Secure boot doesn't 'lock out' operating system loaders, but is a policy that allows firmware to validate authenticity of components," Mangefeste said.
"Microsoft does not mandate or control the settings on PC firmware that control or enable secured boot from any operating system other than Windows," he added.
However, in a subsequent blog post on Friday, Garrett claimed that Microsoft had not contradicted any of the points he had made, and that the situation he had described remained the same.
"Microsoft's rebuttal is entirely factually accurate. But it's also misleading," Garrett said. "The truth is that Microsoft's move removes control from the end user and places it in the hands of Microsoft and the hardware vendors. The truth is that it makes it more difficult to run anything other than Windows."
I doubt that MS would not include a mechanism in Win8 to allow future releases to be installed. What WOULD happen, however, is if you decided that Win8 sucked and wanted to go back to Win7 or XP, you are screwed.
Riiiiight. And M$ is *not* noted for bending the arm of hardware manufacturers... /s
I plan to install Win8 Developer Preview release this weekend ... assuming I can free up a PC. Win8 Dev is available to everyone who wants it.
Well then.. couldn’t “grandma” just “roll her own”?
:-)
I disagree completely. My Windows Phone 7 interface is fast, uncluttered, and intuitive. I (and my son) prefer the UI to on my WP7 phone over his iPhone's IOS interface. My wife is looking forward to upgrading from her Blackberry to a WP7 phone next year. My son is stuck with his iPhone a bit longer.
More Metro goodness on the way: WP7.5 "Mango" revision is due out in 2 weeks.
Also, if you really don't like the Metro UI, you'll need to scrap your Xbox360 and Live as that is moving to a Metro-like UI this Fall.
However, on a laptop running Win8, you don't actually have to use the Metro UI. You have the option of switching to the more traditional "Win7-looking" (explorer) interface.
He doesn't want your perfect experience to be threatened by viruses and worms such as Linux. /sarc
I disagree completely.
OMG, My first Metro fanboi.
My Windows Phone 7 interface is fast, uncluttered, and intuitive. I (and my son) prefer the UI to on my WP7 phone over his iPhone's IOS interface. My wife is looking forward to upgrading from her Blackberry to a WP7 phone next year. My son is stuck with his iPhone a bit longer.
Hint: It's a friggin phone.
More Metro goodness on the way: WP7.5 "Mango" revision is due out in 2 weeks.
Wheeee!
Also, if you really don't like the Metro UI, you'll need to scrap your Xbox360 and Live as that is moving to a Metro-like UI this Fall.
I wouldn't own a game station if it was given to me. But hint: More than the friggin phone, it's a friggin game station.
However, on a laptop running Win8, you don't actually have to use the Metro UI. You have the option of switching to the more traditional "Win7-looking" (explorer) interface.
I know that. But the intention is telegraphed - like the Program Manager, once upon a time, the Desktop is on the way out - And we are left with a glorified, overly simplified phone interface. I PUT UP WITH my phone's interface, because it is functional without a mouse and keyboard. In no way do I DESIRE that interface. The same goes for my tablet - And both of those platforms (and the game station too), while handy, are very limited in their scope BECAUSE of portability and each their basic nature...
The computer, be it laptop or desktop, does not have a basic nature, and I can guarantee that anyone who uses their computer seriously will not be happy with 'Metro', a simplistic (I am being polite, as I mean retarded) and basically useless interface.
L337 spelling rulz. U r teh bomb Metro hateboi.
Hint: It's a friggin phone.
Actually, it's a LOT more than a phone. It is now my primary still camera (yes, 5mp is enough for me for now), my only video camera, personal and car music player, GPS navigation device, voice recorder, calendar, and contacts list. I can (but rarely) stream Netflix on it and play occasional chess/logic/puzzle games on it.
But hint: More than the friggin phone, it's a friggin game station.
Most would call it a game 'console' but 'station' works too. Akin to my WP7 phone's multifunction capabilities, my 360 is a LOT more than a game 'station'. It is my primary DVD player, Netflix streaming device, and my wife occasionally uses it as a Media Extender to play our MP3s through the TV connected sound system.
I can guarantee that anyone who uses their computer seriously will not be happy with 'Metro', a simplistic (I am being polite, as I mean retarded) and basically useless interface.
Can I get that guarantee in writing please? By 'computer' I assume you mean a traditional desktop or laptop. Neither of these are the main target for the Metro UI as that is touch-oriented. As for "useless", probably a true statement for most traditional PCs as they don't have capacitive touch screens. Tablet and hybrid laptop-tablet users will accept and probably love the Metro UI.
But what would I know? I'm just an IT guy by trade - I know nothing about GUIs or those new-fangled computer thinggies. Seriously, it's up to the user ... like it; use it - hate it; don't.
LOL!
Actually, it's a LOT more than a phone. [...]
meh. It's a phone.
Akin to my WP7 phone's multifunction capabilities, my 360 is a LOT more than a game 'station'.
Meh sommore. I do all that with a computer serving as a media center..streaming from the server in the basement.. or from the web.
Can I get that guarantee in writing please?
You already have it in writing.
By 'computer' I assume you mean a traditional desktop or laptop.
Sure. That is what a 'computer' is. The rest of it is gadgetry.
Tablet and hybrid laptop-tablet users will accept and probably love the Metro UI.
Probably true... but now you are back in gadgets.
But what would I know? I'm just an IT guy by trade
Yeah. Me too... and a programmer to boot.
Seriously, it's up to the user ... like it; use it - hate it; don't.
True enough... Other than the endless calls from my clients trying to figger out where everything went.
So other than your "meh" comments because you don't like my phone or 360 ... we agree. Awesome!
I have to ask though ... why is a programmer getting direct calls from clients? You need a helpdesk/incident management team. Of course you might be doing that too. If so, good luck ... clients can be a whiney bunch.
I don't mind your phone, or your 360. They are no worse or better than they are. I DO mind changing something as ubiquitous as the desktop into something as limited as a phone/tablet interface.
I have to ask though ... why is a programmer getting direct calls from clients? You need a helpdesk/incident management team. Of course you might be doing that too. If so, good luck ... clients can be a whiney bunch.
Most of my programming is based around utilities for techs, and they are a direct expression of necessities in the field - I am first a tech, lest I lose my muse. :)
So yes, I am the help desk as well (probably primarily)... serving SOHO and Residential, and writing in my 'spare' time.
The impact of this new interface (on joe-user) is far more than you know, if one doesn't have the benefit of an educational staff and help desk. Throw in the fact that any software under the sun may be present, and the result is that you and I are on different planets... maybe even different planes of existence.
Believe me, this 'Metro' is doom to me - I can see it coming. There won't be a flurry of calls - it will be a blizzard.
Reminder, you can always switch the users laptops/desktops back to the more familiar 'explorer' look. However, the growing pains of changing interfaces didn't slow down Apple on their iPhone or iPad. Users WILL adjust to a new UI.
Well then.. couldn’t “grandma” just “roll her own”?
:-)
She could, but with this new "protection" she wouldn't be able to boot it.
;-)
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.