FSF Campaigns Against Windows 8's Secure Boot

By design, the feature is intended to keep unwanted and potentially malicious software off a system by preventing unauthorized binaries to load during the boot process. However, the FSF believes that this technology could be abused and simply be used to not allow users to load certain free software.

"We are concerned that Microsoft and hardware manufacturers will implement these boot restrictions in a way that will prevent users from booting anything other than Windows," wrote Matt Lee in a post on the FSF website. "In this case, a better name for the technology might be Restricted Boot, since such a requirement would be a disastrous restriction on computer users and not a security feature at all."

Lee suggests that users should keep their ability to decide whether they want to enable or disable boot restrictions and there should be a way that will allow users to install a free OS.

"Computer owners must not be required to seek external authorization to exercise their freedoms," Lee wrote. If Windows 8 will prevent users from installing a free OS, Lee believes the result may be "complicated and risky measures to circumvent the restrictions", and the " popular trend of reviving old hardware with GNU/Linux would come to an end."

It's a good idea to keep an eye on such new features, but I would think that it is rather unlikely that Microsoft will shut out other OS from its Windows 8 platform. If Microsoft was almost broken up over the integration of IE in Windows, it's fairly easy to imagine the potential antitrust effects if it were to shut out other operating systems.

  • spiketheaardvark
    For fear of antitrust Microsoft might be shamed out of this but I could see Apple using this.
    Reply
  • xenol
    There's an option in BIOS/UEFI to disable this, no? Maybe the main the worry is that some manufacturers will take out that ability. Other than that... how is this more secure? I'm tempted to believe that this is like the key thing with Blu-Ray. It'll only be a matter of time before someone gets a valid key.
    Reply
  • xenol
    spiketheaardvarkFor fear of antitrust Microsoft might be shamed out of this but I could see Apple using this.Apple does this already. It's a combination of requiring UEFI (which most PCs don't have) and Intel's TPM chip. I think.
    Reply
  • runswindows95
    Depends on the motherboard, xenol. I can see the OEM's (HP, Dell, etc) not allowing this to be disabled on their motherboards. However, if motherboard manufactures prevents this from being disabled on enthusiasts motherboards, it will make me think twice before installing Windows ever again.
    Reply
  • de5_Roy
    this very uncool. microsoft(and manufacturers) should let users choose which os to boot from.
    this aint secure boot. this is no linux on this pc cuz i r ballmer boot.
    if apple does this already with their pcs then they should sue microsoft for patent infringement and get it disabled/removed, in which case linux/fsf wins. :)
    on the other hand, apple might be happy since this will make building hackintosh with a windows 8.0 pc harder. :P
    Reply
  • I thought MS already came out and stated that you will be able to turn off Secure Boot in the bios. Furthermore what does MS even have to do with it, they do not make motherboards. So why would say Asus and Msi and Gigabyte want to limit the OS their customers can use on the hardware they sell?
    Reply
  • nordlead
    Actually, there is a very simple solution for this. Add a physical jumper on the motherboard. If the connection is made, then it runs secure boot, if the connection is not made it boots like any current PC. Since it is a physical switch it wouldn't be susceptible to malicious attacks.
    Reply
  • 70camaross396
    I dont see think this will be a problem with hardware makers like asus or gigabyte. they will certianly have an option to turn this off. but i can see OEM's like Dell, HP, or Lenovo using this. in fact they may go even further and use it to even prevent OS upgrades. when i worked for an OEM tech support department early in my career, there policy was we only support the orignal OS that shipped on the system. so if you upgraded from 98 to 2k or XP you were SOL. no more support if things went wrong. I can see OEMs using this to restrict upgrades as well.
    Reply
  • amk-aka-Phantom
    GTFO, Linux fanboys... you don't NEED new hardware. You can play around with your toys on a Core 2 Duo. In fact, 11.04 boots on a Core 2 Duo faster than it does than on my Core i7, and it doesn't support Turbo Boost and glitches with my GPU even though the proprietary drivers are there.

    I think that Linux users are tech-savvy enough to NOT buy prebuilt PCs, and on non-prebuilt there will be an option to disable this.

    Keep protesting. I'll laugh just like I laughed when Linux users "demanded" Steam. They don't really need any of it, they just want to pretend that someone actually gives a $h!t about them.
    Reply
  • Vladislaus
    xenolApple does this already. It's a combination of requiring UEFI (which most PCs don't have) and Intel's TPM chip. I think.The differenc is that it's to prevent the Mac OS from being installed in other non-mac computers. I can still install other OSes on mac computers.
    Reply