If a hardware producer wants to sell a computer with a Windows8 logo, he will have to offer "secure booting". Now the only problem with that is that it makes dual booting with older Win versions and Linux almost impossible. So everyone should think twice before buying a computer with the Win8 logo. The Certified boot process in Windows8 will possibly shut out users of other OS's. The process needs a Certification for the software and firmware involved in booting from a Certificate Authority (CA). To achieve this the firmware has to be replaced by UEFI (PPTX-Document). Microsofts reason for doing it like this is to prevent malware infetction. For Linux the UEFI specification should not be the big problem (It has supported EFI for some time). But the Certification will be a problem. The certificates will be implemented with keys originating from Microsoft and the Hardware producers. Without these keys the Computer will refuse to boot. So to get Linux to boot: Grub (and for future use) the kernel will have to be certified. That is a problem for both the Kernel and Grub. The hardware producers will probably offer an option to suppress the secure booting option. But this will leave another problem: To dual boot you would have to switch between secure and unsecure booting. That would also go for dual booting Windows8 with Windows7 or earlier versions. Maybe that will motivate Microsoft to find a solution to the problem.... In short: Don't buy Windows8 marked computers! (yet) |
Certified Booting - big Linux problem
Moderators: b1o, jkerr82508
Certified Booting - big Linux problem
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"
"There are no stupid questions - Only stupid answers!"
Re: Certified Booting - big Linux problem
Chilling. MS beating the drums of fear, isn't it. This feels like an extension of the earlier problems of trying to dual boot, wherein Windows simply overwrites the boot record, for which there are various workarounds, even modifying boot.ini to have it boot Linux.
However, I see the venerable FUDers as playing on the fears of a non-tech market, fears that are, largely, based on the insecurities of Microsoft OS and the exploits thus enabled. Ironic, isn't it? Not to mention the vast economy based on anti-virus etc. software that relies on these insecurities in order to profit.
So, I see most consumers not having the time or interest in dual booting to resist this promise of "secure" booting. I see them as cowed and beaten by years of conditioning, submitting to another form of the MS forced upgrade paradigm. I see them playing right into the hands of the empire Gates built.
However, I see the venerable FUDers as playing on the fears of a non-tech market, fears that are, largely, based on the insecurities of Microsoft OS and the exploits thus enabled. Ironic, isn't it? Not to mention the vast economy based on anti-virus etc. software that relies on these insecurities in order to profit.
So, I see most consumers not having the time or interest in dual booting to resist this promise of "secure" booting. I see them as cowed and beaten by years of conditioning, submitting to another form of the MS forced upgrade paradigm. I see them playing right into the hands of the empire Gates built.
Re: Certified Booting - big Linux problem
rolf wrote:Not to mention the vast economy based on anti-virus etc. software that relies on these insecurities in order to profit.
Text Book application of Freedom trade for Security.
Re: Certified Booting - big Linux problem
Hm I wonder If we can just put Win 8 in a VirtualBox under Linux? It works great with XP.
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"
"There are no stupid questions - Only stupid answers!"
Re: Certified Booting - big Linux problem
I thought about the same thing, cage the beast in box.
What got me thinking is, if you cage the beast, does it check for hardware.
So how VB presents the Hardware to the beast? It will work?
What got me thinking is, if you cage the beast, does it check for hardware.
So how VB presents the Hardware to the beast? It will work?
Re: Certified Booting - big Linux problem
Well this clearly is a BIOS hard coding - and VB is replacing the BIOS - kind off. So it might work.
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"
"There are no stupid questions - Only stupid answers!"
- dedanna1029
- Sound-Berserk
- Posts: 8780
- Joined: 14 Mar 2010, 20:29
- Contact:
Re: Certified Booting - big Linux problem
Ah, hell, so you beat me to this one then. Eh, well, delete it if you want to. Sorry. It's been a while since I've been in here, can't keep up these days.
I'd rather be a free person who fears terrorists, than be a "safe" person who fears the government.
No gods, no masters.
"A druid is by nature anarchistic, that is, submits to no one."
http://uk.druidcollege.org/faqs.html
No gods, no masters.
"A druid is by nature anarchistic, that is, submits to no one."
http://uk.druidcollege.org/faqs.html
- dedanna1029
- Sound-Berserk
- Posts: 8780
- Joined: 14 Mar 2010, 20:29
- Contact:
Re: Certified Booting - big Linux problem
Red Hat engineer renews attack on Windows 8-certified secure boot, Linux lock-out row rumbles on
Also, copped this comment today on facebook:
What do you think?
Also, copped this comment today on facebook:
Jerry Eakle wrote:From what I keep reading in those articles you will be able to turn off the secure boot so you can use Linux. From what I get out of the articles is that it's to prevent pirated copies of WIndows running on the computers using secure boot. They also says if anyone is going to prevent Linux from being installed it's not Microsoft it's the OEM companies that put all the bloat that the Linux users complain about.
What do you think?
I'd rather be a free person who fears terrorists, than be a "safe" person who fears the government.
No gods, no masters.
"A druid is by nature anarchistic, that is, submits to no one."
http://uk.druidcollege.org/faqs.html
No gods, no masters.
"A druid is by nature anarchistic, that is, submits to no one."
http://uk.druidcollege.org/faqs.html
Re: Certified Booting - big Linux problem
I am with rolf and RedHat.
The worst OS out there - in terms of security - is setting the standard: How on earth are we ever going to improve? The problem being that the owner of the worst OS can exclude (or make life hard) for the competition.
I do think that Microsoft has severe security issues and that this is an action taken to improve security - to maybe 40%. The other 60% of Microsofts strategy is the all to well known : "How do we dominate the market and exclude the competition"
That is kind of their style and they have been doing it for years, like with the Embrace Extend Extinguish bullying.
Not even the greatest idiot on earth would believe that Microsoft hadn't spent a thought on how this would affect Linux. So as usual they are telling maximum 40% of the truth and the rest is stonewalling and deceiving to exclude competition and keep market shares.
Microsoft is sanctimoniously going to claim that even their older versions of the OS will be excluded by this, so they are the fairest of the fair.
But everyone knows that no one keeps two versions of Windows on the same computer. While it is rather common to combine it with another OS.
Now the risk for Microsoft is huge too, as Steve Balmer has stated: Win8 is the riskiest launch of MS yet.
The HW producers (mainly Chineese these days) stand to loose a lot of turnover. Simply because people will not upgrade to a Win 8 box if that is all it can be used for. Therefore they will make it an option.
But it will be an extra hassle caused by Microsoft. So the label -NOT WIN8 CERTIFIED-. will have a significant market potential.
In fact don't use it: I just patented it
For countries like Russia it will be the sign of a plague. Putin has decided that the Russians shall use Linux. Whatever you think of him you have to give him credit for getting things done, so it will happen.
For this reason alone I bet that Microsoft will buy my patent, rather than excluding themselves. It is Linux that has to be excluded not MS, you see.
Also it is questionable if MS has the market position to pull this of anymore. Ironically the PC is not personal anymore. It is for business use. That is where you find the people who make a living of fighting viruses and implementing security.
The personal computer is increasingly a tablet or a phone these days - not a PC.
And in that market Linux and Apple are dominating.
Microsoft is not even present, and when they are, it is questionable if they will be able to achieve a no 3 position.
If they do not pull this one of, then they truly are in trouble - and Steve Ballmer knows it.
As a Microsoft employee put it:
I think they are in trouble.....
The worst OS out there - in terms of security - is setting the standard: How on earth are we ever going to improve? The problem being that the owner of the worst OS can exclude (or make life hard) for the competition.
I do think that Microsoft has severe security issues and that this is an action taken to improve security - to maybe 40%. The other 60% of Microsofts strategy is the all to well known : "How do we dominate the market and exclude the competition"
That is kind of their style and they have been doing it for years, like with the Embrace Extend Extinguish bullying.
Not even the greatest idiot on earth would believe that Microsoft hadn't spent a thought on how this would affect Linux. So as usual they are telling maximum 40% of the truth and the rest is stonewalling and deceiving to exclude competition and keep market shares.
Microsoft is sanctimoniously going to claim that even their older versions of the OS will be excluded by this, so they are the fairest of the fair.
But everyone knows that no one keeps two versions of Windows on the same computer. While it is rather common to combine it with another OS.
Now the risk for Microsoft is huge too, as Steve Balmer has stated: Win8 is the riskiest launch of MS yet.
The HW producers (mainly Chineese these days) stand to loose a lot of turnover. Simply because people will not upgrade to a Win 8 box if that is all it can be used for. Therefore they will make it an option.
But it will be an extra hassle caused by Microsoft. So the label -NOT WIN8 CERTIFIED-. will have a significant market potential.
In fact don't use it: I just patented it
For countries like Russia it will be the sign of a plague. Putin has decided that the Russians shall use Linux. Whatever you think of him you have to give him credit for getting things done, so it will happen.
For this reason alone I bet that Microsoft will buy my patent, rather than excluding themselves. It is Linux that has to be excluded not MS, you see.
Also it is questionable if MS has the market position to pull this of anymore. Ironically the PC is not personal anymore. It is for business use. That is where you find the people who make a living of fighting viruses and implementing security.
The personal computer is increasingly a tablet or a phone these days - not a PC.
And in that market Linux and Apple are dominating.
Microsoft is not even present, and when they are, it is questionable if they will be able to achieve a no 3 position.
If they do not pull this one of, then they truly are in trouble - and Steve Ballmer knows it.
As a Microsoft employee put it:
Is Win 8 tablet all we have left to be excited about?
I think they are in trouble.....
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"
"There are no stupid questions - Only stupid answers!"
Re: Certified Booting - big Linux problem
Some interesting arguments about the Company Meeting and Ballmer on thin ice, over there at winrumors. Also, sounds like there are plenty of corporate monsters in the wings, should Ballmer be jettisoned.
Good reporting!
Good reporting!
Re: Certified Booting - big Linux problem
And the irony is that it opens new security flaws, according to Ross Anderson; professor of security technology at Cambridge University.
http://www.lightbluetouchpaper.org/2011 ... uting-2-1/
It is probably considered a feature in Turkey - but I dunno....
This probably makes it more popular amongst all the governments.
Have you ever come across a government that does not claim the moral high ground? If you are against this you must be for terror and pedophiles!
We have all heard it before during the Data Retention debate in Europe.
http://www.lightbluetouchpaper.org/2011 ... uting-2-1/
We’ve also been starting to think about the issues of law enforcement access that arose during the crypto wars and that came to light again with CAs. These issues are even more wicked with trusted boot. If the Turkish government compelled Microsoft to include the Tubitak key in Windows so their intelligence services could do man-in-the-middle attacks on Kurdish MPs’ gmail, then I expect they’ll also tell Microsoft to issue them a UEFI key to authenticate their keylogger malware.
It is probably considered a feature in Turkey - but I dunno....
This probably makes it more popular amongst all the governments.
Have you ever come across a government that does not claim the moral high ground? If you are against this you must be for terror and pedophiles!
We have all heard it before during the Data Retention debate in Europe.
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"
"There are no stupid questions - Only stupid answers!"
Re: Certified Booting - big Linux problem
If you dislike this you can sign here:
http://www.fsf.org/campaigns/secure-boo ... /statement
http://www.fsf.org/campaigns/secure-boo ... /statement
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"
"There are no stupid questions - Only stupid answers!"