Linux won't be locked out of Windows 8 PCs, but FUD continues

A new draft of Microsoft's Windows 8 hardware certification specs confirms what we already knew: the new Secure Boot feature won't lock out Linux on hundreds of millions of new PCs. But Linux backers are demanding the right to hack a new class of devices that doesn't yet exist.
Written by Ed Bott, Senior Contributing Editor

Lawyers have an old saying: If the facts are on your side, pound the facts. If the law is on your side, pound the law. If neither is on your side, pound the table.

A tiny but vocal minority of Linux fanatics are pounding the table today over a new security feature called Secure Boot that will be introduced in Windows 8, shrilly accusing Microsoft once again of a conspiracy to "lock out" Linux.

They are pounding the table because the facts are not on their side. Very large market forces are not on their side. Any prospective Windows 8 user should not be on their side.

So what's really going on?

Related posts:

Back in September, the Linux community expressed dire fears that Microsoft was plotting to lock out Linux in new PCs sold with Windows 8. The reality has now emerged, in the form of a detailed document from Microsoft that outlines requirements for Windows 8 certification on hardware. That document proves those fears were completely unfounded.

Indeed, if you read the latest headlines, you need to pay careful attention to the Orwellian changes in wording to see just how absurd the current arguments are.

Here's the headline from my colleague Steven J. Vaughan-Nichols' post on September 23, 2011:

Microsoft to stop Linux, older Windows, from running on Windows 8 PCs

And here's the headline from his January 13, 2012 update:

Microsoft to lock out other operating systems from Windows 8 ARM PCs & devices

See how "Windows 8 PCs" turned into "Windows 8 ARM PCs and devices"? That's a huge difference. For one thing, there's no such thing as a "Windows 8 ARM PC." The initial wave of ARM-based devices running Windows 8 will be tablets that run a subset of the full Windows 8 operating system, compiled for a completely different architecture. Even if later models add keyboards and trackpads, they will still not be PCs, any more than an iPad is a PC.

And they don't exist yet.

Now let's talk about Windows 8 PCs. The new specifications make it very clear:

All versions of Windows 8 shall be UEFI-compatible ...

All client systems must support UEFI Secure boot ...

MANDATORY: Enable/Disable Secure Boot. On non-ARM systems, it is required to implement the ability to disable Secure Boot via firmware setup. A physically present user must be allowed to disable Secure Boot via firmware setup without possession of PKpriv [the private key that supports Secure Boot].

"Non-ARM systems" means the classic x86 PC design. Roughly 400 million of these devices will be sold this year, and probably an equivalent number will be sold in the first year that Windows 8 is available. Every single one of those PCs will have the ability to run older versions of Windows, Linux, or a new operating system you create yourself. To do so, you will simply have to flip a bit in the system's setup screen.

Sorry, conspiracy theorists. This does not represent "Microsoft’s latest attempt to abuse their PC monopoly power ." Quite the opposite. In the general-purpose PC segment, where small vestiges of Microsoft's one-time monopoly still exist, this new security feature will be enabled by default, but the option to disable it will be mandatory. No lock-out for Linux.

In other words, Linux community, your fears were unfounded. So why the dire new headlines?

Ah, because those same certification guidelines from Microsoft include this phrase: "Disabling Secure [Boot] MUST NOT be possible on ARM systems."

Windows 8 ARM systems do not yet exist. When they do ship, late this year or early next year, they will consist exclusively of tablets designed to run Metro-style apps. They will not run x86 software. They represent a close collaboration between a small number of hardware makers and Microsoft to build a secure, high-performance system that will be starting fresh in a market dominated by iPads and Android tablets.

If a PC maker decides to build an ARM-based system and install something other than Windows 8 on it, they can tell Microsoft to drop dead and design the firmware any way they want. The Secure Boot requirements apply only to OEMs who sell an ARM-based device and Windows 8 as a complete package.

If you disable Secure Boot on a Windows 8 ARM tablet, you have effectively bricked it. No other currently available operating systems, including any version of Windows, will run on it. No currently shipping version of Linux or Android will run on it.

This feature is indeed designed to make the next generation of PCs more secure by design, by making it impossible for malware authors to coerce users into installing rootkits that take over a machine before the operating system has a chance to boot. That's a very good thing.

Microsoft has done the right thing by making this feature user-configurable on general-purpose PCs that use the x86 standard. That preserves freedom of choice, even at a slight cost in security.

But on the new, built-from-scratch ARM-based platforms, the Linux community is literally asking Microsoft to compromise user security so that they can hack a new platform.

The correct answer to that request, in my opinion, is a firm no.

Of course, hackers will figure out a way to defeat UEFI-based protections in ARM-based Windows tablets, just as they have figured out how to mod Android tablets and jailbreak iPads. They could even work with PC manufacturers to create a mechanism by which the signatures for Linux bootloaders are included in new UEFI-based ARM systems.

But apparently it's much more fun to pound the table.

Editorial standards