Linux Distros Won't Run On Microsoft's Education-Focused Windows 10 S OS (betanews.com) 96
Reader BrianFagioli writes: I was sort of hopeful for Windows 10 S when Microsoft made a shocking announcement at Build 2017 that it is bringing Linux distributions to the Windows Store. This gave the impression that students using the S variant of the OS would be able to tinker with Linux. Unfortunately, this is not the case as Microsoft will be blocking Linux on the new OS. In other words, not all apps in the store will be available for Windows 10 S. "Windows 10 S does not run command-line applications, nor the Windows Console, Cmd / PowerShell, or Linux/Bash/WSL instances since command-line apps run outside the safe environment that protects Windows 10 S from malicious / misbehaving software," says Rich Turner, Senior Product Manager, Microsoft. Tuner further explains, "Linux distro store packages are an exotic type of app package that are published to the Windows Store by known partners. Users find and install distros , safely, quickly, and reliably via the Windows Store app. Once installed, however, distros should be treated as command-line tools that run outside the UWP sandbox and secure runtime infrastructure. They run with the capabilities granted to the local user -- in the same way as Cmd and PowerShell do. This is why Linux distros don't run on Windows 10 S: Even though they're delivered via the Windows Store, and installed as standard UWP APPX's, they run as non-UWP command-line tools and this can access more of a system than a UWP can."
you can... until a vendor like e.g. lenovo releases a laptop with a UEFI BIOS where you are not permitted to remove the boot-locked settings that would *allow* you to install a GNU/Linux distro... https://www.bit-tech.net/news/... [bit-tech.net]
Unless of course that distro had paid in to be part of the UEFI club. I believe Redhat was one of them...
a) The Lenovo lock wasn't done by UEFI, it was done by preventing the hard drive controller from speaking AHCI. Linux does not have a driver for Lenovo's proprietary RAID protocol. Lenovo came to their senses.
b) Nothing stops a UEFI BIOS from keeping a whitelist of keys.
There's one small detail here, though: there are two keys [microsoft.com]: one, the "Microsoft Windows Production PCA" is used to sign Windows only, while the other, "Microsoft Corporation UEFI CA" is the one they for antitrust reasons "kindly" allow certain biggest distributions to be signed with. Inclusion of the former is mandatory, while the other OEMs merely "should consider including".
Doesn't sound that ominous yet? Then recall what the way Windows is sold: there's a ridiculously high official price no one pays, and "volume discounts" every single mainstream PC maker gets, negotiated under strict non-disclosure. You can bet that when the time is ripe, all the makers will suddenly fail to include the UEFI CA key (as losing the volume discounts would effectively put them out of business).
And even while the UEFI CA key lasts, you lose the main reason to use Linux rather than some proprietary kernel: there's no way you can edit the kernel, install a non-distro version, build your own modules, etc. You no longer can insert unsigned modules, kexec an unsigned kernel, use a number of facilities that could be used to gain control over your own machine.
And what's the gain for you? Precisely nothing! A thief can still install Windows on a stolen machine, someone who wants your data can boot Windows (or, for now, one of the "blessed" distros). The UEFI CA doesn't sign particular kernel builds but distro signing keys, so you can be assured every three letter agency of US, Russia, China and any other country Microsoft wants to sell their software in do have such a signing key. Thus, the malware the thugs use against your machine on the border will also boot fine.
Ie, "Secure" Boot is strictly negative for you unless you can remove all keys not under your control.
The UEFI CA key has signed a bootloader that lets you replace the kernel with a single keypress.
... or why buying boot-locked (indeed, any DRM'ed) product is a BAD IDEA (tm).
Everyone already buys bootlocked phones, this is simply the next logical step.
We just discussed this in an article on Netflix not loading on rooted Androids, and when I suggested that it was only a matter of time before the same became true for computers I was told there's no way that would ever fly. But the thing is, it will. It won't be long before locked bootloaders and walled gardens are the norm for the PC world just as they are for phones. Probably only a few more years before it becomes extremely dif
This may fly at home, but it won't work in a professional environment. And the enterprise is Microsoft's last reliable market share, so it would be a very bad move to piss off the enterprise. The whole reason for the student edition of Windows is to keep gullible young people locked into the intended consumer mindset.
Never underestimate the ease you can tell an MCSE that Microsoft will keep his systems secure and easy to manage, and the conviction with which they will follow it.
I certainly know most enterprises I know of require boot-locked machines; my office laptop is absolutely boot-locked.
They do it to prevent a number of boot malware, require whole-disk encryption, prevent tampering, and preventing assholes like me from removing Microsoft Joke.
This may fly at home, but it won't work in a professional environment.
Well first off rumors of this have been going around for the last 15 years and ever really materialized. But if it did it'll be an either-or, you can either run a stock Trusted Computing DRM-signed OS and watch Netflix or you can get root and install your custom bootloader/drivers/patches/virtualization/other OS but not at the same time. They barely allow 4K/UHD content in software, both streaming and blurays need so much hardware support and DRM standards that it's essentially a built-in set top box. They'
This may fly at home, but it won't work in a professional environment.
If you're using Windows 10 S in a professional environment you have far bigger problems to deal with than a locked down OS. A good start would be firing everyone in IT and starting from scratch.
You miss the fact that you won't be allowed to do anything on your unlocked computer.
Online banking? Nope, go see a teller.
Watching media? Not a chance
Gaming? That will be locked out too
Look at Android, even simple survey apps are starting to check for root!
You'll be able to have an unlocked computer all you want, you just won't be able to do anything with it.
LineageOS have released a patch to mask 'rootedness', so that rogue apps that go sniffing around will find that whether a user roots their phone is none of their damned beeswax.
Like it or not, we have to move from "trust the user" to "trust no one". You aren't the market. Your idiot cousin is. The rest is economies of scale.
It's rare a day goes by that you don't hear about a major new hack hitting any of the major desktop or server OSes. We're finding root-escalation exploits on Linux far too often, to say nothing of Windows.
We can bellyache all day about how insecure ${PLATFORM} is, but requiring "trusted" signed binaries is the closest anybody has come to addressing the "user ex
And this is different from a chromebook (Score:2)
how, exactly? I doubt you could install Linux on a school's enterprise laptop either.
As noted in various insider releases you could at the time run traditional applications through the Powershell. I'm sure I mentioned that this was an oversight that will soon be closed. Just like the first build which allowed you to disable the Windows Store only "feature".
Re: (Score:1)
Why isn't Linux an alternative? Is it too scary for you? It only took me a month to dive in and figure it out, that was 10 years ago. I will never go back to that shit stained, bloated, virus magnet they call Windows.
It took you a month 10 years ago, today it would only take a minute, I can't believe the improvements to Linux since I switched completely back around 2000
Linux is far easier to use than Windows, and it "just works", no fiddling with drivers, no searching for codecs, you just use it. Every time I have to sit down in front of a Windows machine for any reason I cringe, they're slow, unintuitive, and incredibly difficult to configure to do what you need. I don't want to spend hours trying to figure out how to
Everyone who claims Linux isn't the alternative either:
Everyone who claims Linux is an alternative doesn't use their PC for gaming. Or, is part of the extremely tiny minority of gamers that is happy with the limited subset of games run on Linux.
See what I did there?
Makes me think of Linux Mint (at least Mate, Xfce). Technically you can add many themes but there's very little, almost nothing installed by default.
This is because GTK3 themes break constantly every time Gnome does a little update to GTK3, so when you upgrade your OS to a new version hell might break loose.
Also, Mate sends you to a website (gnome-look) that lists GTK3 and GTK2 themes. Wtf? I obviously want a theme that works on both. Do GTK3 themes bundle a GTK2 theme? I don't know. I don't feel like exper
- Has one or more pieces of Windows-only software that they use and are unwilling or unable to change.
This isn't Windows being difficult to use compared to Linux, this is *you* being accustomed to one particular system.
I stopped using Linux on my personal computers around 2006 after a decade because I got so fed up with it. For the last seven years I've been Mac only at work and home, but developing cross platform software I use Windows and Linux frequently in VMs. Don't get me wrong, Windows really irritates me too, but nothing like the way the different Linux desktop environments do with their clunky, u
Apple III from 1980s called, and want its SOS back.
Apple III from 1980s called, and want its SOS back.
Don't denigrate SOS, man!
It was actually a pretty damn nice OS for its day; too bad it had unreliable hardware to run on for the first couple of years. Then, when the hardware finally WAS reliable, nobody trusted it.
https://en.wikipedia.org/wiki/... [wikipedia.org]
I wanna signal an "SOS" for somebody to please rescue me from this nightmare that Windows of today is. Sadly, Linux is not an alternative.
macOS is.
It has a rather expensive hardware dongle.
VirtualBox (Score:2)
It'll run inside VirtualBox though, right?
Probably there will not be a Windows 10 s installer usable in Virtual Box. 10 s is going to be like a Chromebook, pretty much embedded into the hardware.
Just wait. Soon running Linux will be as convenient as running rooted Android, sure, you CAN do it, but you'll have to give up the ability to watch any (legal) media, or do any online financial transactions, etc.
Computers are going the way of smartphones, completely locked down, and even if you break the lock, you'll lose the ability to do half the things you want to do on a daily basis.
Soon running Linux will be as convenient as running rooted Android, sure, you CAN do it, but you'll have to give up the ability to watch any (legal) media
What do you mean soon? Bluray came out 2006. It thought of the not playing videos a whole 11 years before Netflix did.
Based on the description, this sounds like the sort of Windows you would give to a lot of non-technical users. None of my relatives would miss the missing functionality. The fact that it is also coming as a particular flavor of Windows that Microsoft is treating as a special build is actually encouraging because it means Microsoft is not making the same mistake Apple did of acting like they have to choose between pleasing technical users and non-technical users (and in the end, as we see with their hardware choices, the former lost out).
Another thing to consider is that this build will almost certainly reduce the support costs that schools pay without crippling what they can do for most students.
First they came for the....
... Chromebook market.
Then if history is any indicator, they shut down.
Well, does it come with a graphical ping utility then?, because that's what I need the Windows command line for (the other main use is to provide an easy way to shut down. Or I could do some stupid shit like using echo or copy con to write a phone number down.)
I don't give a shit that ping is too "hard" to use or whatever, just let me use it to look at the wifi's packet loss, or to figure out that the network works but the DNS doesn't. Even if that happens rarely it's stupid to assume everything works perfe
2017 The year of Linux as (Score:2)
a Windows desktop APP has arrived.
Useless then (Score:2)
No command line of any kind make this "computer" as useful as a Tamagotshi or a Hot Diggity Dogger machine.
Ironically, Tamagotshi "pets" were not furry.
The Cornballer.
I once achived a command line on a Macintosh SE. I installed Gnu Emacs on it. The shell within Emacs gave me a command line with primative things like ls and cd.
So Windows 10 S is the effective equivalent of the Speak-and-Spell but for college students?
It's the equivalent of a Chromebook but with Microsoft instead of Google.
Yes, a dumbed down computer. They should market it as such. Marketing as for students implies it's suitable for serious class and lab work.
Its GNU/NT, not Linux anyway (Score:5, Funny)
Very few people give a crap about its freedoms.
But then again (Score:2)
Windows 10 has a built-in Ubuntu Linux subsystem. It is a bit hidden and a bit experimental but it's there.
I installed Interix on Windows 2000 back in... 2000. It was a whole POSIX subsystem including the gnu toolchain. It was originally made by Softway Systems but Microsoft bought them. So it was a product I paid money to Microsoft for. A product that included a complete gnu toolchain.
notepad.exe doesn't even run on win10s. what the fuck do you expect?