Forgot your password?
typodupeerror
Linux

Linux Foundation Releases Document On UEFI Secure Boot 318

Posted by Soulskill
from the keep-it-fair dept.
mvar writes "The Linux Foundation today released technical guidance to PC makers on how to implement secure UEFI without locking Linux or other free software off of new Windows 8 machines. The guidance included a subtle tisk-tisk at Microsoft's Steven Sinofsky for suggesting that PC owners won't want to mess with control of their hardware and would happily concede it to operating system makers and hardware manufacturers." Canonical and Red Hat have also published a white paper (PDF) suggesting that all OEMs "allow secure boot to be easily disabled and enabled through a firmware configuration interface," among other things.
This discussion has been archived. No new comments can be posted.

Linux Foundation Releases Document On UEFI Secure Boot

Comments Filter:
  • by Petersko (564140) on Friday October 28, 2011 @11:53AM (#37869622)
    "...PC owners won't want to mess with control of their hardware and would happily concede that to operating system makers and hardware manufacturers."

    Put the word "most" in front of that and I'm on board. The PC as appliance that just works is really is what "most" PC owners want.
  • by SuricouRaven (1897204) on Friday October 28, 2011 @11:58AM (#37869710)
    Intel: We've invented a new technology that can be used to prevent low-level malware from being loaded during the pre-kernel boot process, when conventional antimalware techniques are ineffective. It could also be used by a manufacturer to prevent the user from installing any unapproved OS, as from a technological standpoint this functionality is identical to blocking malware, but that isn't what we designed it for.
    Microsoft: Oh, that sounds fun. Ok, all OEMs: If you want to ship with the 'windows 8' logo which everyone is going to want soon, you need to include support for this and it must be enabled by default. You will have to include Windows 8 on the trust list, but anything else you need to block as it may be malware. You can give the user the ability to turn this feature off and install non-Windows OSs if you want, but we don't really care.
    Linux supporters: But that means that unless an OEM has explicitly taken the trouble to install a feature that few users will even know of, it'll be impossible for us to use any OS except Windows - most seriously on laptops, where we can't build our own.
    Microsoft: Not our problem! Take it up with the OEMs. We're only mandating that they install linux-blocking capability, we're not asking them to actually use it.

    Throughout this, the OEMs have remained silent on the issue.
  • by Anonymous Coward on Friday October 28, 2011 @12:00PM (#37869724)
    Because for most people, Windows does just work. (Hate to burst your bubble.) I know where you're coming from, but for a lot of people, Linux just doesn't work. It's a lot better than it used to be, but if that Wifi adapter isn't recognized, they have no idea where to go from there.
  • by Bert64 (520050) <bert@slash d o t . f i renzee.com> on Friday October 28, 2011 @12:09PM (#37869864) Homepage

    Most users would be just as stuck if faced with a windows install which failed to recognise their wifi adapter...
    Stock out of the box windows often fails to recognise hardware, xp was especially bad because it got so dated but 7 is going that way too now...

    Users don't install their computers, they buy them preinstalled... There's no reason why a machine preinstalled with linux wouldn't have everything already configured and working, and come with a recovery disc to return it to the factory state... Same as currently happens with windows.

  • by Hatta (162192) on Friday October 28, 2011 @12:18PM (#37869984) Journal

    Not going to happen. Microsoft lobbies heavily [commondreams.org] now.

    Microsoft didn't always seek support in Washington. For years, the software giant prided itself on steering clear of national politics and lobbying. But when their legal troubles started, that attitude quickly changed.

    "Microsoft, before their anti-trust case, had almost no presence in Washington," Arizona Sen. John McCain told The Chronicle editorial board earlier this year. "Now, I almost don't know a lobbyist who's not on their payroll."

    That was in 2001. After a decade of increasing corporate influence in Washington I doubt we'll ever see antitrust action against Microsoft again.

  • by Todd Knarr (15451) on Friday October 28, 2011 @12:35PM (#37870246) Homepage

    I think the big driver for OEMs telling Microsoft to rethink this will be Windows 7 and XP. A lot of major companies won't be ready to deploy Windows 8, especially with money tight. And they'll need to deploy, not stock Windows 7, but the specific image with the specific patches that they've certified compatible with all the other software they need to run. Fail to do that and IT's going to come back with a big requirement to re-certify everything that'll cost a lot of money and take a lot of time, and management'll buy off on it because it'll be phrased as "If we don't verify everything, we're risking another company-wide outage for some unknown number of weeks until the vendors get us a fix. Remember how much pain that caused last time it happened?".

    The big vendors like HP and Dell aren't going to go for something that'll cost them their biggest corporate customers. And the motherboard OEMs won't go for something that'll cost them both their big vendor contracts and their boutique component sales to gamers and the like.

  • by neokushan (932374) on Friday October 28, 2011 @12:38PM (#37870282)

    I've installed windows countless times, I'm a software developer, I build computers, I have made custom (legal) windows installation disks that have drivers and updates slip streamed on them. I've hex edited DVD ROM firmware updates, rooted plenty of Android devices. I'm also pretty good with regular expressions and can use vim in a pinch. Suffice to say, I'm pretty technically inclined and when Linux doesn't recognise my wireless adapter out of the box, I haven't a fucking clue what to do, either.

  • by oakgrove (845019) on Friday October 28, 2011 @12:38PM (#37870296)

    As it stands now slapping the MSFT logo on something adds perceived value and credibility

    I find that hard to believe. A Dell is going to sell whether it has a Windows logo on it or not. Same with Lenovo, HP, Acer, etc. I don't think that sticker is really that valuable as people expect windows on it and would be shocked if it didn't come with it. What do they need to see a sticker for?

  • by therealslartybardfas (2495594) on Friday October 28, 2011 @12:48PM (#37870462)
    I created an account just to say this. You weren't born with the ability to create windows installation disks that have been slip streamed and other drivers on it. You took the time to learn how to do this. The fact that you didn't take the time to learn how linux wireless adapters work isn't a fault of Linux.
  • EU (Score:4, Insightful)

    by ThatsNotPudding (1045640) on Friday October 28, 2011 @01:14PM (#37870808)
    I just hope they sent a copy to the EU Competition Committee, as jack-shit will be done by USFedGov.
  • by dpilot (134227) on Friday October 28, 2011 @01:25PM (#37870950) Homepage Journal

    Other responses to this have replied that RedHat and Google don't spend the campaign contribution $$$ that Microsoft does, and therefore Microsoft can buy Ju$tice here.

    The other side of reality is that the server space is heavily Linux, much of that on workstation-class machines, but also many farms are based on commodity-class machines, too. So in this case, it's not just RedHat and Google complaining, it's also IBM, Oracle, Disney/Pixar, Dreamworks, atmospheric modeling people, the petrochemical industry, etc.

    My prediction is that the workstation-class market will have the switch from the get-go. Almost all of the commodity-class market will not have the switch, per Microsoft's wishes. But not all - because a few of those commodity-class manufacturers will have special boxes, probably at a slight, but tolerable premium, for the above-mentioned companies. Those few manufacturers will pick up the Linux business, lock, stock, and barrel. After a few quarters of that, some other commodity-class manufacturers will introduce their "Linux-capable" boxes in order to grab that same premium. It'll "race to the bottom" after that.

    The real question will then be how do the rest of us get our fingers on those "special Linux machines." At that point, we may not, but some motherboard vendor will realize that he can sell the "Linux-capable motherboard" at a slight premium to those who know that they will get crappy non-Windows support, and also let them shave the Windows support cost into their profit margin, too.

    Plus I need to write my Congress-critters. This Microsoft move is curiously soon after they've been released from Antitrust oversight. Maybe it's innocent and in the name of security and all of that, but the timing really stinks. Of course my Congress-critters don't give a hoot that I can't build and boot my own kernel. But I'd hope that they understand that we're shoving yet another piece of science and technology overseas, away from the US, reducing our competitiveness. The tinkerers who become future scientists and engineers will be on foreign shores, as well as those new ideas, products and business opportunities that my not fit into Microsoft's business plans. THAT's what I'll emphasize in my letters.

The first version always gets thrown away.

Working...