Linux group mulls anti-Microsoft campaign

Linux group mulls anti-Microsoft campaign

Summary: Plans to enable a secure boot on Windows 8 machines have drawn the ire of Linux Australia's membership and has them considering action.


Plans to enable a secure boot on Windows 8 machines have drawn the ire of Linux Australia's membership after Microsoft revealed plans recently that would require all alternative operating systems (including earlier versions of Windows) to carry Microsoft security keys to be compatible with the Unified Extensible Firmware Interface (UEFI) and its secure-booting procedures.

This would make it impossible to install alternative operating systems like Linux, or even older versions of Windows, if the OEM doesn't bundle the secure keys with new OS releases and the hardware vendor doesn't enable the secure-boot feature to be switched off.

Members of Linux Australia are looking to petition the Australian Competition and Consumer Commission (ACCC), claiming that Microsoft's behavior is anti-competitive. They are circulating a form letter addressed to the ACCC in an attempt to press the regulator into action, as well as a step-by-step guide on how to create a new complaint for investigation. Linux Australia president John Ferlito told ZDNet Australia today that the council will be meeting on Thursday night to determine whether it will take up a campaign against Microsoft's secure boot practices.

For more on this story, read Linux users threaten Microsoft with ACCC on ZDNet Australia.

Topics: Operating Systems, Linux, Microsoft, Open Source, Software, Windows

Luke Hopewell

About Luke Hopewell

A fresh recruit onto the tech journalism battlefield, Luke Hopewell is eager to see some action. After a tour of duty in the belly of the Telstra beast, he is keen to report big stories on the enterprise beat. Drawing on past experience in radio, print and magazine, he plans to ask all the tough questions you want answered.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • How selfish

    So this group wants 90% of the computing world to be less secure so that 1% of the computing world doesn't have to spend 30 seconds disabling a setting before installing their OS?

    How selfish.

    How utterly selfish.

    They should be petitioning the OEMs to ensure that secure boot can be turned off.

    That should be their focus.

    Instead, they want a security feature to be totally unavailable.

    How ridiculous.

    How childish.
    • Speaking as a 1%er


      As long as the OEMs allow me to spend 30 seconds to disable a setting, I've got no problem with this setup. The issue is that without a campaign like this, I fear that OEMs will not see this as an issue and will not sell machines which allow secure boot to be disabled. So perhaps it is wrong to make this an anti-Microsoft campaign, but this is an issue for machines bundled with MS Windows, so it's tough to have a campaign without MS getting caught in the crosshairs.
      Michael Kelly
      • Has Microsoft required that OEMs not allow this to be disabled?

        @Michael Kelly
        If not then it is very easy not to catch MS in the crosshairs.

        The ironic thing is that while Linux users are complaining about Microsoft taking away their choice, they are responding by taking away our choice to use a more secure version of Windows. It is my choice to use secure Windows, why do you want to take that away from me? Why is your choice more important than my choice?

        "So perhaps it is wrong to make this an anti-Microsoft campaign"

        Not perhaps wrong, it is wrong. Period.

        "As long as the OEMs allow me to spend 30 seconds to disable a setting, I've got no problem with this setup."

        Agreed. You need to petition OEMs to include this and leave Microsoft, and my choice to have a more secure version of Windows, out of it.
      • RE: Linux group mulls anti-Microsoft campaign

        @toddybottom: "they are responding by taking away our choice to use a more secure version of Windows."
        Not at all. Nobody says "remove UEFI Secure boot", they're saying "give me a choice to disable it".

        Then you can secure your Windows AND I can install my Linux.

        If Microsoft's requirements on OEMs is what leads to Linux not being possible to install, then MS should share the pain.
    • RE: Linux group mulls anti-Microsoft campaign


      They have to prevent these security measures. How else could they run around screaming that Windows is insecure?
      • RE: Linux group mulls anti-Microsoft campaign

        @Badgered lol
        It only prevents bootsector rootkits anyway. Nothing more.
    • RE: Linux group mulls anti-Microsoft campaign

      @toddybottom <br>You thought the In-security of PC is caused by BIOS not implementing secure boot and you thought secure boot can actually secure your Windows?<br>This is utterly ignorant, selfish and childish.<br>BIOS won't help protect your system. After boot, full hardware control will be handled to system. BIOS/UEFI only determines which hardware to mount, what system to boot. When booting, kernel will first be executed, not the virus. After booting, kernel may run the virus the same as it run other applications. Virus will infect independently whether or not your kernel is signed.<br><br>The secure boot (if force enabled) restrict users from switching to another OS (no matter from Win to Linux or from Win8 to Win9). This sure enforce security, in a non-sense way: If you want to live in a safe house, then go into the jail. While this may prevent sb. breaking into your house, generic virus can still infect you as usual.
      Someone pointed out that there are bootloader Viruses. Yes, there are even BIOS viruses that flash your BIOS and start to do bad thing on "Power on".
      A real safe system like Linux will be able to detect and stop any program from changing these sensitive parts of an OS (unless the root user is foolish enough). Then do we need secure boot if Windows can be this secure? NO!
      Even if Windows kernel is signed, future virus may still surpass this check by stealing the key from Windows---i.e. a signed virus infected bootloader.
      • Root kit, boot sector virus..?


        For most viruses, that's true, but there are certain viruses that install on the boot sector of the hard drive and load "before" the OS loads. This is what the Secure Boot is meant to stop.

        Essentially, the point is to make sure the "right" kernel is loaded first, so that it can, in turn, do its thing to keep the rest of the viruses from loading.
      • RE: Linux group mulls anti-Microsoft campaign

        @UStupidKid Virus/malware can mount and patch OS's kernel binary even before the system boots. It can be done by using insecured bootloader.

        That's exactly how Windows 7 activation loader (GNU GRUB based loader) being done, Right now.
      • RE: Linux group mulls anti-Microsoft campaign

        @UStupidKid You got it! Microsoft's secure boot is total crap! Secure boot just ensures that nothing else than Windows 8 boots on that machine but won't prevent your machine from being "molested" by malware and viruses. The people who believe that Microsoft's secure boot makes their machine any safer are ignorant. With secure boot Microsoft plans to be a greater monopoly as it is now. Does Microsoft fear it will be struck down by Linux like Goliath by David? XD
      • RE: Linux group mulls anti-Microsoft campaign


        "That's exactly how Windows 7 activation loader (GNU GRUB based loader) being done, Right now."

        Really? So MS has an open source boot loader? Let's see the source code then.
    • RE: Linux group mulls anti-Microsoft campaign


      There is no such thing as a secure windows.
    • RE: Linux group mulls anti-Microsoft campaign


      90% and slowly shrinking.

      MS has to remember that they are not the only game in town and should make the feature optional or the default with an off switch.

      But we all know MS doesn't know how to play fair or give users a choice.
    • RE: Linux group mulls anti-Microsoft campaign

      @toddybottom LULZ
      No, they do not want others to be more insecure. In fact, projects like OpenBSD in particular wants others to be more secure.
      You're about 10000x more likely to have remotely exploitable bugs in your system that can lead to your email password and banking info getting stolen if you run Windows instead of OpenBSD.
      UEFI Secure boot only protects against bootsector rootkits, a small portion of all malware.

      AFAIK they're NOT asking the secure boot feature to be removed, just that the users can choose what to install.
    • RE: Linux group mulls anti-Microsoft campaign

      @toddybottom <br>I understand MS. Only 90%. Until 1987 all candidates for the local soviets usually received about 99 percent of the vote. That 1% would really help.<br><br>But don't underestimate the risk for MS. Just suppose that 1% would increase to a few %, not on a scale professionals use Linux, but just a few %. MS would already lose some 60-70% of their pro Windows arguments. (no full compatibility, not exact the same functionality, not used to the interface, friends have not enough knowledge, not enough commercial helpdesk support, some hardware makers still slow with supporting driver development, with some electronic products come with incompatible soft). So we must understand MS doing this.<br><br>With enough attention, I suppose a solution will appear, the new system will be open. MS has other ways to make it consumers difficult to try, select an alternative.<br><br>I am sure the people defending the quality's of Windows would also like us to have more chose. It must be difficult to defend something that is used not because people really selected it. They would like to show a high percentage, but after people tested and selected their preferred OS.
    • RE: Linux group mulls anti-Microsoft campaign

      @toddybottom You do realize MS is doing this to prevent you, and most other Windows users, from doing lo-cost Windows upgrades, right?
      The same thing that keeps Linux off these systems will also keep cheap online versions of Windows 9 off these computers.
      The rootkit security is just a side benefit that MS marketing can sell to the un-informed.
  • Linux losers!

    What happens if Microsoft's customers actually want secure boot, which we do?
    This however, proves how unintelligent these Linux fans are, because Microsoft has clearly stated that even though UEFI is a requirement for Windows 8, secure boot can be disabled.

    Go ahead Linux losers, because you won't get too far with this as it makes absolutely no sense.
    General C#
    • Secure boot is &lt;b&gt;NOT&lt;/b&gt; a requirement for Windows 8

      @General C#
      Secure Boot is a requirement for Windows 8 <i>logo certification</i>; not for booting Windows 8. Windows 8 will boot fine (but without integrity guarantee) on a PC without secure boot or on a PC where secure boot has been disabled.
      • Well, that we know of...


        A couple of things that even I found unsettling is that we "don't know" what Microsoft is going to do beyond revoking logo certification for computers without Secure Boot enabled.

        Will we see Windows 8 squak at you a la UAC anytime you boot to the desktop if your computer doesn't have secure boot enabled? I wouldn't be surprised if it did.

        If (and there's a BIG if here) Linux was ever to become mainstream enough that "mere mortals" would want to dual-boot their machines, wouldn't this alone cause a bit of confusion and result in only one outcome?
      • RE: Linux group mulls anti-Microsoft campaign

        @daftkey - Windows 8 Logo'ing cannot be revoked for any particular system that's already logo'd.

        If you purchase a Windows 8 logo'd system, and you disable secure boot, the logo remains valid on that particular system because it SHIPPED to the end user with secure boot enabled.

        There's nothing in the Windows 8 logo requirements (that I can find) that say secure boot must *remain* enabled once the system is purchased by an end user.