Microsoft Taking Aggressive Steps Against Linux On ARM 675
New submitter Microlith writes "Microsoft has updated their WHQL certification requirements for Windows 8, and placed specific restrictions on ARM platforms that will make it impossible to install non-Microsoft operating systems on ARM devices, and make it impossible to turn off or customize such security. Choice quotes from the certification include from page 116, section 20: 'On an ARM system, it is forbidden to enable Custom Mode. Only Standard Mode may be enabled' — which prevents users from customizing their security, and in section 21: 'Disabling Secure MUST NOT be possible on ARM systems' to prevent you from booting any other OSes."
Sounds anti-competitve to me (Score:4, Insightful)
As much as i hate to say it, time to get the Feds involved, again.
Forget piddly sanctions, or even a "breakup". Shut them down once and for all.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:5, Insightful)
The trick to being a good shill is to not have your diatribe prewritten to post as soon as the story goes from red to green.
It's a little too blatant otherwise.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:5, Insightful)
And why not bitch at Apple for locking down OS X and iPhone's too?
But... WE DO BITCH AT APPLE FOR LOCKING DOWN OS X AND IPHONE TOO.
Time for another slapdown (Score:5, Insightful)
Seems these criminals have forgotten the last lesson in not behaving anti-competitively already. Time to fine them a few billions to make them remember.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:5, Insightful)
The security we (Linux users) always wanted was supposed to be on software level, not on hardware level.
Doing anything like this on hardware level is definately anti-competitive.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:4, Insightful)
This is a rather pathetic attempt at misdirection. Of course the strategy is to claim this is about malware. But guess what, when you look under the hood you find that it is not. There is absolutely no reason to block the installation of another OS, except direct anti-competitiveness. If it was just to prevent the user from easily open their system, there would be other options.
Your argument that there are other ARM devices is also completely bogus, and so obviously I am not even going to explain.
You are a Microsoft shill, nothing else.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:2, Insightful)
...something about leveraging a monopoly to take over another sector...
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:3, Insightful)
Leveraging your monopoly in one area to attempt to dominate another much? This is an attempt by Microsoft to use the power they have over hardware manufacturers and computer distributors via their Desktop PC monopoly to force out the current players in the Tablet market. Abuse of a monopoly position pure and simple.
Re:Sounds anti-competitve to me (Score:5, Insightful)
As much as i hate to say it, time to get the Feds involved, again.
Forget piddly sanctions, or even a "breakup". Shut them down once and for all.
If true....
I haven't had a chance to check the story fully yet - I read the MS pdf - but it doesn't actually say those measure will be applied to all devices. Being able to lock it, and locking it by default are not the same thing.
I suspect the story is true, and that MS will pull a security excuse - they've already managed to convince a lot of people that the internet is the OS, and that Google has the monopoly. And I've never seen any changes in the traditional MS approach to doing business - still no set price for their products and underhand incentives (and disincentives). Maybe if they pull the Sony/Apple appliance excuse the regulators (many of whom MS have hired since their last slap on the wrist) will look the other way.
As the Chinese would say "we live in interesting times".
How is this not anti-competitive? (Score:5, Insightful)
Making it impossible to dual-boot your ARM device. Security for the boot sector is one thing, making it impossible to install another OS by choice is something else.
Re:Well... (Score:4, Insightful)
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:2, Insightful)
This does not make the devices secure. Stop repeating that nonsense. Then, from your ID I deduce you are related to the shill.
Go away, you are not welcome here.
Simple Solution (Score:4, Insightful)
Tablet makers offer ARM tablets without WHQL Certification preloaded with Linux or Android.
I mean they don't need to install Windows 8 on the things when there's perfectly good alternatives around, and it seems like adhering to a document more than 150 pages long is a time wasting PITA when you can simply go to a competitor and be done with it.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:2, Insightful)
They are going to that other market with an explicitly anti-competitive strategy. Quite obvious. The thin veneer of lies used by you (and others with IDs suspiciously close to yours) cannot cover that.
Go away MS shill.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:5, Insightful)
You are forgetting one of the 10 commandments of propaganda: If you repeat it enough times, people will believe it is true.
And, as a bonus, you'll slowly drive anyone that actually has some grasp of the truth slowly bat-shit crazy thanks to the gas lighting effect; which makes them, and therefor their position, unattractive.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:5, Insightful)
The boot sector can be locked down by allowing the user to add keys manually. There is no need at all to tie it to a specific OS. Rather obvious and already in the spec.
Go away, nobody believes you.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:2, Insightful)
Re:grrrr (Score:4, Insightful)
Are you really that naive? Boot-sector viruses are not that common. If you have a reasonable secure OS you can just prevent the virus access to it. There is absolutely no reason to prevent booting of another OS, requiring the user to add another key manually is quite enough. And all this is quite clear and known to MS.
Re:Entirely predictable (Score:5, Insightful)
>> if you buy a Windows device
What is a windows device exactly? Microsoft marketing dept have invented this concept that Windows is somehow hardware. Its not. Windows is an OS. No more.
I buy computers (not Windows devices, or apple devices). I need them to do the things I want. Its my property. I can and should be able to do what I like with it.
Re:Short Corporate Memory (Score:5, Insightful)
They are in despair. They are too late in mobile market. They start to understand that, but they still have this strong hand mentality. They tried it with Windows Mobile - nope, didn't worked. They are tried with lot of different concepts - also wasted. Now the same with ARM notebooks/tablets.
They don't understand that it is too late. People has seen tomorrow without Microsoft. Tablet competition is very strong out there. What is your killer feature? Office? Who needs that? Email, web - it's all there, it's everywhere.
Re:Simple Solution (Score:5, Insightful)
Re:Sounds anti-competitve to me (Score:4, Insightful)
Apple/iOS too? Android manufacturers that still lock down their devices too?
I don't disagree with the idea that people should buy hardware and be able to install whatever the hell they want, but let's be fair here, this isn't something unique what Microsoft is doing here.. If there is going to be some sort of involvement by the government, I'd prefer for there to just be a general law where hardware should not restrict what kind of user-facing software is allowed to run on it, rather than targeting specific companies for being anti-competitive - which I think should only ever be done in the case of monopolies, which doesn't really apply to Microsoft in the mobile marketspace.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:3, Insightful)
Incorrect. Look at measures on products like the Chromebook for example. I'd love to see how you bypass a user-configurable HARDWARE jumper/switch.
Lies, lies, lies. MS are always full of lies.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:5, Insightful)
This has nothing to do with preventing the user from adding another OS key to their device. That is the thinly-veiled anti-competitive truth behind this. Also note that on x86, the user _is_ allowed to add another OS key. How is that?
Re:here comes another round of litigation (Score:3, Insightful)
Sadly, Apple manages to get away with this.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:5, Insightful)
Well, it worked for his first shill post in the other MS story, it was basically first post and still at +4, it was added up pretty instantly so I assume they also have a bunch of shill accounts to mod it up.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:3, Insightful)
Wrong question. The right question is why does MS want this to be posted.
It's bullshit (Score:5, Insightful)
Plain and simple, bullshit. It's a smoke screen. When malware manages to infect boot sector or equivalent, the attack comes from within the OS. Microsoft has every capability of treating writes to the boot area and EFI configuration as special and performing their own security checks to prevent 'unauthorized' writes to that area (going even beyond their permissions to also require signed code). It still regretably break things like Ubuntu's in-windows installer, but I would accept that wasn't their goal and I think the tradeoff is more defensible. Malware because the computer boots off removeable media 'accidentally' is pretty unlikely in EFI case (where OS forces the firmware to skip all that and go straight to boot loader unless user takes action). Attacks where someone maliciously mangles a system they have complete control of is not even a blip on the radar of malware (it may happen, but certainly nothing worth breaking an entire industry over). Incidentally, 'boot sector' type infections are relatively rare in the scheme of MS malware, most malware doesn't bother to infect the boot area, and still they are all over MS platforms.
Also keep in mind, MS is the *only* party who gets to control those keys. The users are not allowed to add new trusted keys. The hardware vendors are not allowed to put another vendor's keys instead of Microsoft's. The vendor *must* use MS key or no one's at all, they are forbidden from using the facility to the benefit of someone like Red Hat for example. The vendor gets in trouble with MS if they use the facility in a way that would prevent MS code from running. How the *hell* is that possibly considered right in the context of 'just improving their security'?
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:5, Insightful)
Ah, the argumentation flowchart is revealed:
1. This is necessary for security
--> direct lie
2. MS does not have a monopoly on ARM
--> not relevant
3. Everybody else is doing it.
--> not relevant and not true
What next? MS really should have paid for some professionals here, not you clowns.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:5, Insightful)
They do. As do many (probably even the majority) of Android devices. And Symbian devices. And bloody well anything that runs on ARM! The number of locked ARM devices vastly outnumbers the number that are unlocked, or even have the ability to be officially unlocked. Should unlocked ARM devices be the norm? Yes. Is Microsoft's position the norm among every device and OS manufacturer? Also yes.
Number one Android devices manufacturer is Samsung, which didn't ever bother to lock their bootloaders. Quite the opposite, they contribute to CyanogenMod and ever hired its top developer. Maybe it's one of the reasons they are number one?
Re:Time for another slapdown (Score:4, Insightful)
Time to fine them a few billions to make them remember.
On a state level, perhaps. But on a user level, this sounds like their old "we-are-your-only-option-deal-with-it" behavior: they seem to be stuck in the 90's- can't they see that users can simply turn their back on them nowadays? Users that they have never respected?
Microsoft is treading on thinner ice than ever.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:5, Insightful)
Your argument is bogus. We are talking UEFI here. Why would something be acceptable or even desired on x86, yet on ARM it suddenly is necessary to do the same thing differently? Right, for business reasons, i.e. locking out the competition! And that is exactly what MS is trying to do here. Again.
Face it, you prepared "argumentation" strategy for spinning this is not working.
Re:Sounds anti-competitve to me (Score:5, Insightful)
I think the headline itself basically conveys the reason why the Feds should get involved. If you don't see it, fine, but it's hardly necessary for him to elaborate.
Whew (Score:4, Insightful)
Re:Sounds anti-competitve to me (Score:5, Insightful)
Won't happen. The anti-trust trial was nothing but a shake down. Before the anti-trust trial Microsoft gave almost nothing [opensecrets.org] in donations. They started contributing, and they got a slap on the wrist and allowed to continue anti-competetive behavior.
Re:grrrr (Score:4, Insightful)
IIS has an 18% market share and something like 90% of successful breakins to web servers are done against IIS servers. Roughly 80% of the webserver market is running linux.
When's the last time you saw google get hacked? They run a custom OS built on top of linux. Facebook runs linux on their servers. All of the top supercomputers in the world run linux, 80% of the top 500 run linux. I don't remember the last time anyone ever said a supercomputer was hacked, do you?
If you want to point out these rootkits and exploits, feel free to show me them. I would be amazed that any major exploit for a linux OS would not have been patched quickly.
The only real way of breaking into a linux system that I know of is to have physical access to the computer or to have a bad sysadmin.
Re:good luck compiling it (Score:4, Insightful)
While what you say is true about how difficult it is to compile a recent Darwin system (Apple stopped providing bootable Darwin images somewhere around 10.4 or 10.5), I think the greater reason for the lack of an alternative Darwin OS is that no one really cares. Once you've done the work to get Darwin compiled, X running, and KDE running, you might as well have saved your time and installed Debian, FreeBSD, or any other free unix system.
Re:Well... (Score:5, Insightful)
I really hate to side with the Mac user, but he's right... his Mac *is* far more open than Windows, and has *far* more support from Apple in installing an alternative OS than Microsoft ever gives.
That, however, is because Apple is a hardware vendor, and they throw the OS in on the side. Microsoft is an OS vendor. It's not in Microsoft's interest to allow you to install something different, but it *is* in Apple's interest to give you that option.
iOS != OSX. They have a similar core, and come from the same people, but they serve entirely different purposes.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:4, Insightful)
even Android manufacturers lock down their devices with similar technologies because it makes the devices secure. Why is[SIC] Microsoft allowed to do the same
That's the difference right there. Phone manufacturers lock down their devices. Android doesn't require it. Microsoft is dictating to the manufacturer that they must lock it down. They probably would anyway, so I don't why Microsoft feels compelled to tell them what to do. Hopefully, they will just backlash and not bother with MS.
/. bitches about Windows security and then when MS does something they bitch about that. No Linux fan ever said MS should lock down hardware, they say MS should control what the software that runs under MS OS should be able to do, not lock down the hardware. A shill is not to be taken at face value.
And it's not a valid comment. The OP posits that
Re:Microsoft doesn't get it... (Score:5, Insightful)
Lol, no, they won't. They'll try linux once, get a set of instructions that tell them to open a terminal $sudo, stop reading, and go back to Windows. On the desktop anyway.
But we're talking about phones, and 'gadgets' slates etc. Have you ever used WP7? It's nifty. It's definitely different than the iOS clone that Android is. I don't have a WP7 device of my own, but I can certainly see the appeal, I've played with a few of them and they feel very different than anything else, and they are pretty neat, live tiles is a good concept, as would be the xbox integration if I ever used my xBox. I'm not sure 'better' or 'worse' applies, but the market is new enough there's room for designed differently, which it is, and people who like this design rather than the iOS style will like it.
Believe it or not, people outside the /. bubble hate linux. Well that's not quite true, they actually hate things that break, and windows and linux both break for mostly the same reasons: bad drivers, bad hardware, and software problems users know nothing about. But they at least know more about Windows, and have better free support for windows from friends than there is for Linux, and instructions for how to solve problems on window are written for idiots.
People like to bitch about windows because it's fashionable, and because it tends to produce obfuscated error messages. But every piece of software does that, including Linux. Windows on ARM is for gadgets, not desktops, so you're buying all new software from somewhere, if you want it for your gadget. Now, are you going to buy software you know, that's a recompile from the x86, or software you don't?
No this is turning Microsoft into Apple (Score:4, Insightful)
They probably hope to increase their stock market value by copying Apple's lock down on their devices.
Next you will get an Microsoft Appstore and a Microsoft VM, but you will have to pay Microsoft money to run linux on that VM.
Ah yes, and development tools will be forbidden, unless you pay for a developer license from Microsoft.
All in the name of security, while viruses and trojans will just install themselves in userspace as normal apps, or might even hack into the OS irreversibly through bugs.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:5, Insightful)
Couple 'o Points:
1.- After seeing how badly Google has been getting pwned with Android malware the LAST thing MSFT wants is to be the easily pwned OS in this new market, and 2.- the REAL reason I'm willing to bet my last buck they are doing this....ready? PIRACY.
1. Android's malware woes weren't all (or even mostly) tied to the boot sector, so this makes no sense.
2. Err, how on Earth is locking the boot sector going to stop piracy? I may be missing something here, but seriously? Not seeing it.
As for the rest, I largely agree, except for one bit:
There is ONE nice thing though, after this shit bombs we'll be getting Win 8 pads at Touchpad prices and if you end up with a $500 winPad for the firesale prices the touchpad went for are you REALLY gonna give a shit what it runs?
The fact that Android on the HP TouchPad was hurriedly pushed out and then widely broadcast says otherwise. The reason? An unsupported OS/arch means no new applications, no updates for existing ones (after awhile), and you;re basically stuck with something that becomes obsolete faster. Seems like a total waste of hardware after awhile.
Re:here comes another round of litigation (Score:4, Insightful)
Slow down cowboy, I think he's referring to the tablet and mobile market, in which Apple does have a large market share and they have:
* Restricted users from installing other OSes? Check.
* Bundled their own apps? Check.
* Restricted users from installing apps whose functionality overlaps with the bundled apps? Check.
* Restricted app developers from using advertising providers that aren't Apple? Check.
The list goes on, and on. The iOS developer agreement is a hideous, monstrous, terrible blight on the software world and should never have happened. But Apple has gone further in embracing lock-in and bundling and anti-competitive practices with iOS than Microsoft has *ever* gone with Windows. If you produce an app and Apple decides to make that part of the core functionality in the next version, they'll take your toy, kick sand in your face and eject you from the app store. Only the immense amount of pressure of some very large companies lobbying Apple for leniency on particular apps has caused them to yield on *certain things* and they are very particular about what those things are.
Re:MS Taking Aggressive Steps Against MALWARE On A (Score:4, Insightful)
Its not like MSFT is gonna sell jack shit when it comes to Windows 8 on ARM anyway because the whole damned selling point of Windows is WINDOWS PROGRAMS which are all x86. Has everyone forgotten WinNT on Alpha and MIPS? Remember how quick and how hard that shit bombed? Why would you want Windows if you can't run Windows programs?
Ahhhh, but you forget... Windows isn't about programs anymore, it's about apps. And all the hot developer action on Windows these days involves building apps for the Metro UI -- which, not coincidentally, is the Windows Phone and Windows 8 ARM UI. It's even the Xbox UI now. A Windows 8 ARM tablet isn't going to resemble a Windows PC as much as it's going to resemble an iPad that runs a Microsoft OS. The bonus is that you'll be able to take the same programs you run on your Windows 8 tablet and run them in the Metro Start screen on your Windows 8 PC.
I know, it doesn't sound particularly appealing to me, either, but that's how it is.
Re:Sounds anti-competitve to me (Score:2, Insightful)
You're being obtuse. The point here is that MS is strongarming hardware manufacturers to develop devices that only work with Windows. The reality here is that there almost certainly won't be tablets released with Android to go along side the ones that have Win 8 on them. I say that with confidence because I don't see it happening very often with laptops or even desktops. But, with laptops and desktops one has the ability to install any OS with driver support for the hardware.
What's more, if one is restricted to using Android only or Linux only devices if one wants to run something other than Windows, then one is going to have a substantially smaller number of devices from which to choose.
As for your thing about percentages of consumers, it doesn't matter what the percentage is, it's one of the rights of ownership. The original owner might not care, but what happens when MS stops supporting the devices? Just because MS no longer provides patches doesn't mean that the device has failed.
As for your bit about the locked bootloader, it's completely different. If you're going to be so dense, I don't know why I'm even bothering to write this. The difference is that Google isn't forcing all manufacturers of Android devices to lock them down the Android only in order to gain full certification. That's a big fucking deal if one doesn't have the Win 8 certification one is going to be at a competitive disadvantage. Or have you forgotten about the Win Vista certification debacle where some of those computers weren't able to run Vista. God help you if you didn't get one that was even that well supported.
What I'm saying about the flop is that the government should step in to ensure that people can actually use the hardware that they're buying. It's pretty ridiculous that you can't see that this completely violates the typical ownership rights that come from making a purchase.
Whether one is or isn't technically forced to get full certification is really beside the point. Companies that don't go through the process aren't going to be able to charge as much for their hardware and in turn are going to be at a disadvantage. Certification up to a point is reasonable, but when it requires that the device be unusable by other OSes, that crosses the line.
In short, shills like you are why we can't have nice things. MS already fucked up both the desktop and laptop markets, I personally see no reason why they should be allowed to continue the same anticompetitive tactics that have so damaged the industry.
Re:Sounds anti-competitve to me (Score:5, Insightful)
That's not how monopolies work. Or I guess I should say, that's not how anti-competitive leverage works.
Take manufacturer "X". X wants to sell laptops and desktops running Windows, servers running both Windows and various UNIX flavors, and tablets running Windows and maybe Android.
X, naturally, must purchase licenses for Windows in bulk from Microsoft. Possibly tens of thousands of licenses, or more if they're a very large manufacturer. You understand at this point that this is a significant expense.
So they come to Microsoft, who them sits down at a conference table and says, "So, you're going to make sure people can't use your tablets (and anything else that's running off ARM with UEFI) to boot anything but Windows, right?"
The X execs look at each other. "Hadn't thought about it."
"Well, we can give you a bigger discount if you do..."
The X execs now get to choose between turning down money or not turning down money. We'll leave the conclusion as an exercise for the reader.