At its WinHEC hardware conference in Shenzhen, China, Microsoft talked about the hardware requirements for Windows 10. The precise final specs are not available yet, so all this is somewhat subject to change, but right now, Microsoft says that the switch to allow Secure Boot to be turned off is now optional. Hardware can be Designed for Windows 10 and can offer no way to opt out of the Secure Boot lock down.
The presentation is silent on whether OEMs can or should provide support for adding custom certificates.
(Score: 2) by Nerdfest on Saturday May 30 2015, @02:49AM
This is really pushing the bounds of abuse of monopoly again.
Boy, I wish someone saw this coming.
(Score: 5, Interesting) by frojack on Saturday May 30 2015, @03:10AM
I suspect you are thinking too small.
This plan has to originate higher up than Microsoft. After all, software running before boot time was never a common avenue of attack.
However, if you wanted to make sure a secure system was never installed, this would be the way to do it.
Who would have an interest in making sure a compromised from the factory OS was always on the machine?
No, you are mistaken. I've always had this sig.
(Score: 4, Touché) by opinionated_science on Saturday May 30 2015, @05:17AM
The fact is the safest way to boot any machine is to compile from source and then sign with your own key.
Of course, getting a safe compiler....
This soft of anti-competition measure is to be expected and why Microsoft cannot be trusted for ANYTHING...not that I did before. Let's not start about Oracle...
(Score: 2) by Runaway1956 on Saturday May 30 2015, @02:01PM
You know that you're paranoid, right/
Of course, the fact that you are paranoid doesn't mean that they aren't out to get you!
Let's say that I can't agree or disagree with you, but that idea is definitely food for thought. An agency that presumes to capture, catalog, and archive all the metadada on all communications in the nation may very well have instituted this scheme.