Microsoft has announced plans for a security feature in Windows 8 that has the potential to prevent users from installing their own operating systems including Linux.
Early versions of Windows 8 do away with the established BIOS > bootloader > OS booting paradigm in favor of something called the Unified Extensible Firmware Interface (UEFI). This booting system has enabled Microsoft to demonstrate machines booting Windows 8 in a respectable-even-for-Linux eight seconds, but it's the security options built into UEFI that are the real difference.
UEFI includes a secure boot protocol designed to stop bootloader attacks, where rootkits or other malware are loaded into the operating system at boot time. Any code loaded at boot time has to be identified with a secure key, enabling UEFI to lock out unauthorized code. Original Equipment Manufacturers (OEMs) will have to implement this feature in order to get their products Windows 8-certified.
The implications of this for Linux users are obvious. As there is no central registry of keys, it will be up to the PC vendor to determine which code is and isn't signed, giving the manufacturers unprecedented control over what is installed on your machine.
Predictably, that's not how Microsoft program manager Tony Mangefeste sees it. In a blog post he said: "At the end of the day, the customer is in control of their PC. The security that UEFI has to offer with secure boot means that most customers will have their systems protected against bootloader attacks. For the enthusiast who wants to run older operating systems, the option is there to allow you to make that decision."
Quite apart from disingenuously branding Linux an "older" operating system, Mangefeste contradicts his "the customer is in control" sentiment later in the same blog: "Microsoft supports OEMs having the flexibility to decide who manages security certificates and how to allow customers to import and manage those certificates, and manage secure boot."
Matthew Garrett, a mobile Linux developer at Red Hat, hit the nail on the head with his response: "There's no indication that Microsoft will prevent vendors from providing firmware support for disabling this feature and running unsigned code. However, experience indicates that many firmware vendors and OEMs are interested in providing only the minimum of firmware functionality required for their market. It's almost certainly the case that some systems will ship with the option of disabling this. Equally, it's almost certainly the case that some systems won't.
"It's probably not worth panicking yet. But it's worth being concerned."
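Whether a given machine enforces the signature check described above, or has it switched off, can be read from the firmware's own variables on a Linux system booted via UEFI. The following is an added example, not code from the article, Microsoft or any vendor; it assumes the kernel's efivarfs is mounted at /sys/firmware/efi/efivars, and the function names are illustrative.

```python
import struct
from pathlib import Path

# GUID of the EFI global variable namespace defined by the UEFI specification.
EFI_GLOBAL_GUID = "8be4df61-93ca-11d2-aa0d-00e098032b2c"
# Assumption: standard Linux efivarfs mount point.
EFIVARS_DIR = Path("/sys/firmware/efi/efivars")


def parse_efivar_u8(raw: bytes) -> int:
    """An efivarfs file is a 4-byte little-endian attribute word, then the payload.
    SecureBoot and SetupMode each carry a single-byte payload."""
    if len(raw) != 5:
        raise ValueError(f"expected 4 attribute bytes + 1 data byte, got {len(raw)}")
    _attrs, value = struct.unpack("<IB", raw)
    return value


def classify(secure_boot: int, setup_mode: int) -> str:
    """Map the two firmware variables to the state a user actually cares about."""
    if setup_mode == 1:
        return "setup mode: no Platform Key enrolled, signatures are not enforced"
    if secure_boot == 1:
        return "user mode, Secure Boot enforcing: only code signed by enrolled keys boots"
    return "user mode, Secure Boot disabled: unsigned boot code is allowed"


def read_state(efivars: Path = EFIVARS_DIR) -> str:
    """Read SecureBoot and SetupMode from efivarfs and describe the platform state."""
    if not efivars.is_dir():
        return "no efivarfs: legacy BIOS boot or efivarfs not mounted"
    values = {}
    for name in ("SecureBoot", "SetupMode"):
        path = efivars / f"{name}-{EFI_GLOBAL_GUID}"
        try:
            values[name] = parse_efivar_u8(path.read_bytes())
        except FileNotFoundError:
            return f"{name} variable missing: firmware exposes no Secure Boot state"
    return classify(values["SecureBoot"], values["SetupMode"])


if __name__ == "__main__":
    print(read_state())
```

A result of "Secure Boot disabled" on hardware that shipped with it enabled shows the firmware offers the opt-out Garrett describes; the variables alone cannot tell you whether a machine that is enforcing also offers that option.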