Free Software Foundation urges OEMs to say no to mandatory Windows 8 UEFI cage

Free Software Foundation urges OEMs to say no to mandatory Windows 8 UEFI cage

Summary: The Free Software Foundation is asking OEMs to give users a choice on Microsoft anti-Linux Windows 8's United Extensive Firmware security "feature."

SHARE:

The FSF wants to free you from Windows 8's UEFI cage.

The FSF wants to free you from the Windows 8 UEFI cage.

If you buy Microsoft's explanation for the company requiring a version of UEFI (Unified Extensible Firmware Interface) on PCs that can run Windows 8, it's there to protect users from next-generation malware. If you think that's the only reason for the UEFI to be in there, I have a nice bridge in Brooklyn to sell you. The UEFI requirement is also there to block Linux and other alternative operating systems from booting on Windows 8 PCs. In response to this open-source operating system threat, the Free Software Foundation (FSF) has started a petition to urge original equipment manufacturers (OEM)s to give people a way to easily opt out of Microsoft's Windows 8 UEFI cage.

The FSF fears, with reason, that Microsoft will make it difficult, if not impossible, for end-users to install other operating systems, such as Ubuntu 11.10 on Windows 8 systems. So it is that the FSF is asking users to "Stand up for your freedom to install free software" by signing a petition asking that UEFI be installed on Windows 8 systems in a way that will allow users to install Linux or other alternative open-source operating systems such as FreeBSD or OpenIndana, the successor operating system to OpenSolaris.

Specifically, the FSF is urging "all computer makers implementing UEFI's so-called 'Secure Boot' to do it in a way that allows free software operating systems to be installed. To respect user freedom and truly protect user security, manufacturers must either allow computer owners to disable the boot restrictions, or provide a sure-fire way for them to install and run a free software operating system of their choice. We commit that we will neither purchase nor recommend computers that strip users of this critical freedom, and we will actively urge people in our communities to avoid such jailed systems."

The reasons for this petition, the FSF, explained is that since "Microsoft has announced that if computer makers wish to distribute machines with the Windows 8 compatibility logo, they will have to implement a measure called 'Secure Boot.' However, it is currently up for grabs whether this technology will live up to its name, or will instead earn the name Restricted Boot."

While admitting that "When done correctly, 'Secure Boot' is designed to protect against malware by preventing computers from loading unauthorized binary programs when booting." The FSG continued, "In practice, this means that computers implementing it won't boot unauthorized operating systems--including initially authorized systems that have been modified without being re-approved."

That's fine, as far as the FSF is concerned so "long as the user [is] able to authorize the programs she wants to use, so she can run free software written and modified by herself or people she trusts. However, we are concerned that Microsoft and hardware manufacturers will implement these boot restrictions in a way that will prevent users from booting anything other than Windows. In this case, we are better off calling the technology Restricted Boot, since such a requirement would be a disastrous restriction on computer users and not a security feature at all."

Thus, "It is essential that manufacturers get their implementation of UEFI right. To respect user freedom and truly protect user security, they must either provide users a way of disabling the boot restrictions, or provide a sure-fire way that allows the computer owner to install a free software operating system of her choice."

Amen.

While Steven Sinofsky, Microsoft's president of the Windows division can say that "OEMs are free to choose how to enable this support," given Microsoft's long history of strong-arming OEMs and, indeed Bill Gates will soon be appearing in court again to defend how Microsoft used to attack competitors in the 90s, do we really have any reason to trust Microsoft today? I think not.

As Red Hat engineer Matthew Garrett said when he dug into the problems that UEFI posed for Linux, "The truth is that Microsoft's move removes control from the end user and places it in the hands of Microsoft and the hardware vendors." If you'd like to make sure the control about what runs on your PC remains in your hands and not Microsoft's, I urge you to sign the FSF petition.

Related Stories:

Microsoft to stop Linux, older Windows, from running on Windows 8 PCs

Microsoft: Don't blame us if Windows 8's secure boot requirement blocks Linux dual-boot

Microsoft tries to block Linux off Windows 8 PCs

Will Windows 8 block users from dual-booting Linux? Microsoft won't say

Yes, UEFI 'secure boot' could lock out Linux from Windows 8 PCs

Caged animal image by <A HREF="http://www.flickr.com/photos/vinothchandar/"> VinothChandar, </A>, CC 2.0.

Topics: Operating Systems, CXO, Hardware, Linux, Microsoft, Open Source, Software, Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

94 comments
Log in or register to join the discussion
  • FSF doesn't have to do anything!

    Like the new Sony PS3 that won't run Linux, JUST DON'T BUY THEM!
    kd5auq
    • There will not be a choice.....

      @kd5auq

      OEM's margins are so small, they will not make two versions of each model PC they sell. Therefore there will no longer be any choice at all.

      This is nothing more than a power grab from Microsoft to keep from continuing to lose market share to Apple and to Linux. This is almost the same strategy that Microsoft used when taken to court for anti-trust violations in the past. I see that happening all over again, only I hope that this time Microsoft does get chopped into 2 or more pieces, which should have occurred last time.
      linux for me
      • RE: Free Software Foundation urges OEMs to say no to mandatory Windows 8 UEFI cage

        @linux for me - I agree and I will sue MS and the OEM for exactly this. If I buy a laptop or motherboard that will not run what OS I choose, I will sue. Simple as that! I'll either get my OS running or I'll get rich... Either way, I win :)
        LinuxRocks
    • RE: Free Software Foundation urges OEMs to say no to mandatory Windows 8 UEFI cage

      @kd5auq The OEM's can always configure an option for each bootable partition, certificate or not. That way, if you boot partition #1, the certificate is passed in, if you boot partition #4 it is not.
      BrentRBrian
      • Sure, the OEMs &quot;can&quot; do lots of things

        @BrentRBrian
        But it's only what they <i>will</i> do that ultimately matters.
        Zogg
  • More FUD from SJVN

    Say no to UEFI! Say YES to boot sector malware! ;)<br><br><I>"The UEFI requirement is also there to block Linux and other alternative operating systems from booting on Windows 8 PCs."</I><br><br>Sure, sure. You forgot to mention it also <A HREF="http://www.zdnet.com/blog/hardware/microsoft-confirms-that-uefi-secure-boot-might-lock-out-linux-and-older-versions-of-windows-from-new-pcs/14942?tag=mantle_skin;content">blocks previous versions of Windows</A>. But who cares about that?
    The one and only, Cylon Centurion
    • RE: Free Software Foundation urges OEMs to say no to mandatory Windows 8 UEFI cage

      @Cylon Centurion : thats also to MS's benefit so they can drop the older versions
      deaf_e_kate
      • RE: Free Software Foundation urges OEMs to say no to mandatory Windows 8 UEFI cage

        @deaf_e_kate

        Microsoft already knows that doesn't happen like they wish, and they have already admitted Windows 8 will be run along side Windows 7.

        Now, Windows 7 has support for UEFI boot, but lacks the keys to be booted with secured boot turned on. So, if they're admitting Windows 7 will still be here while Windows 8 is around, why would they shoot themselves by locking out Windows 7?
        The one and only, Cylon Centurion
      • RE: Free Software Foundation urges OEMs to say no to mandatory Windows 8 UEFI cage

        @Cylon Centurion : never trust what they say now, they have bottled out of many a hype over the years.
        What about Vista and Xp? they are still around.
        deaf_e_kate
      • The UEFI will contain the MS key

        @Cylon Centurion
        And Win7 is a MS product. So I'm sure that MS will find a way for users to secure-boot Win7, as required.

        What does this have to do with users wanting to install their own OS?
        Zogg
      • RE: Free Software Foundation urges OEMs to say no to mandatory Windows 8 UEFI cage

        @deaf_e_kate

        What about XP and Vista? I don't get the question.

        @Zogg
        <I>"And Win7 is a MS product. So I'm sure that MS will find a way for users to secure-boot Win7, as required."</I>

        I'm fairly sure that would require changing the boot process, which they wouldn't do.
        The one and only, Cylon Centurion
      • Won't MS need to change the Win7 installer anyway?

        @Cylon Centurion
        It's not as if the existing Win7 installer understands UEFI and secure boot, is it? So MS will have some work to do anyway, and the UEFI will already contain the MS key, so that won't be a problem.
        Zogg
      • RE: Free Software Foundation urges OEMs to say no to mandatory Windows 8 UEFI cage

        @Zogg

        Windows 7 x64 is compatible with UEFI. But there is no reason to believe Microsoft would go back and alter the Windows 7 boot process to use secured boot.
        The one and only, Cylon Centurion
      • There is every reason!

        @Cylon Centurion<br><i>"But there is no reason to believe Microsoft would go back and alter the Windows 7 boot process to use secured boot."</i><br><br>Don't be absurd! Win8 machines <i>will</i> use UEFI and secure boot, so there is <i>every</i> reason to suppose that MS will allow Win7 to be installed on them too. Why <b>not</b> create a Win7 installer that will use secure boot? The only problem would be getting its certificate in the UEFI, except that MS's certificate is guaranteed to be there already.
        Zogg
    • Re: blocks previous versions of Windows

      @Cylon Centurion But nobody cares about previous versions of Windows. It's Linux we care about.
      ldo17
  • RE: Free Software Foundation urges OEMs to say no to mandatory Windows 8 UEFI cage

    <A HREF="https://sites.google.com/a/chromium.org/dev/chromium-os/chromiumos-design-docs/verified-boot">Chromebooks also use secured boot</A>. Where's the outrage there?
    The one and only, Cylon Centurion
    • RE: Free Software Foundation urges OEMs to say no to mandatory Windows 8 UEFI cage

      @Cylon Centurion Man !!! You are talking too many sensible things. It is not allowed here !!!!
      1773
    • RE: Free Software Foundation urges OEMs to say no to mandatory Windows 8 UE

      @Cylon Centurion A link from a Googler with instructions for installing Ubuntu on a Cr-48:

      http://www.chromium.org/chromium-os/developer-information-for-chrome-os-devices/cr-48-chrome-notebook-developer-information/how-to-boot-ubuntu-on-a-cr-48
      "The Cr-48's boot process does not support initrd, which is required by Ubuntu. That leaves us three possibilities:
      1. Use the existing Chrome OS kernel with the Ubuntu rootfs.
      2. Recompile the Ubuntu kernel to do without initrd (ugh).
      3. Modify the Chrome OS bootstub to handle initrd (double-ugh).

      Looks like fun. This may end up taking desktop Linux back to the '90s, where only geeks used it.
      Rabid Howler Monkey
  • RE: Free Software Foundation urges OEMs to say no to mandatory Windows 8 UEFI cage

    I don't see a problem with the lockout. It prevents people from hosing up their PCs with linux. Microsoft is doing you a favor by enabling this. Its not like anyone would willingly want to run linux anyway, and if you don't like it buy hardware that doesn't have this UEFI on it. FSF and linux users have nothing better to do than complain and its all that negative energy that drives people away.
    LoverockDavidson_-24231404894599612871915491754222
    • RE: Free Software Foundation urges OEMs to say no to mandatory Windows 8 UEFI cage

      @LoverockDavidson_

      So you are never going to set up virtualized servers using VMWare?
      benched42