Red Hat engineer Matthew Garrett, who initially raised the possibility that it might be tricky to install alternative operating systems on Windows 8 certified PCs, has responded to Microsoft's blog post on Windows 8 'secure boot'.
Garrett doesn't pull his punches:
As things stand, Windows 8 certified systems will make it either more difficult or impossible to install alternative operating systems.
"The end user is no longer in control of their PC."According to Garrett, Microsoft's dominance when it comes to desktop and notebook systems means that it can get it's own digital certificates onto millions of machines with UEFI while at the same time effectively locking out rivals such as Linux.
No other vendor has the same position of power over the hardware vendors. Red Hat is unable to ensure that every OEM carries their signing key. Nor is Canonical. Nor is Nvidia, or AMD or any other PC component manufacturer. Microsoft's influence here is greater than even Intel's.
Microsoft is in a position to use that dominance to offer incentives to vendors to follow the certifications requirements (which demand UEFI and that 'secure boot' be enabled).
Competition in that market is tough, and vendors will take every break they can get. That includes the Windows logo program, in which Microsoft give incentives to vendors to sell hardware that meets their certification requirements. Vendors who choose not to follow the certification requirements will be at a disadvantage in the marketplace.
There are also implications when it comes to upgrading:
The end user is not guaranteed that their system will include the signing keys that would be required for them to swap their graphics card for one from another vendor, or replace their network card and still be able to netboot, or install a newer SATA controller and have it recognise their hard drive in the firmware. The end user is no longer in control of their PC.
Garrett goes on to call Microsoft's rebuttal 'misleading' by claiming that Microsoft is removing control from the end user and 'places it in the hands of Microsoft and the hardware vendors'. Furthermore, he claims that 'UEFI secure boot is a valuable and worthwhile feature that Microsoft are misusing to gain tighter control over the market'.
The final irony? If the user has no control over the installed keys, the user has no way to indicate that they don't trust Microsoft products. They can prevent their system booting malware. They can prevent their system booting Red Hat, Ubuntu, FreeBSD, OS X or any other operating system. But they can't prevent their system from running Windows 8.
Has Microsoft found the perfect way to make it difficult for people to install Linux (and older versions of Windows) on new PCs?