At its WinHEC hardware conference in Shenzhen, China, Microsoft talked about the hardware requirements for Windows 10. The precise final specs are not available yet, so all this is somewhat subject to change, but right now, Microsoft says that the switch to allow Secure Boot to be turned off is now optional. Hardware can be Designed for Windows 10 and can offer no way to opt out of the Secure Boot lock down.
The presentation is silent on whether OEMs can or should provide support for adding custom certificates.
[Original Submission]
This discussion has been archived.
No new comments can be posted.
Windows 10 May Make the Secure Boot Lock Out a Reality for Alternate OSs
|
Log In/Create an Account
| Top
| 55 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(Score: 2) by Runaway1956 on Saturday May 30 2015, @02:04AM
Nice for Microsoft, anyway. Millions of machines built to accomodate one and only one operating system. It might not be so bad, if manufacturers were building machines to accept only Linux, and sold those side-by-side with Microsoft-centric machines. But - THAT won't happen!
(Score: 2) by frojack on Saturday May 30 2015, @03:02AM
I could have sword we discussed this back in March when the story first appeared on Ars.
The general consensus back then was that no manufacturer of direct-to-consumer boards would be likely to do this, for fear of losing all sales.
And unless Microsoft pays them, there is no advantage to the big manufacturers to do this either.
No, you are mistaken. I've always had this sig.
(Score: 3, Informative) by frojack on Saturday May 30 2015, @03:12AM
https://soylentnews.org/article.pl?sid=15/03/21/1333210 [soylentnews.org]
No, you are mistaken. I've always had this sig.
(Score: 5, Funny) by aristarchus on Saturday May 30 2015, @03:18AM
I could have sword
I am firmly of the opinion that we should _not_ let frojack have sword, but apparently he's correct on the the dupe.
(Score: 3, Funny) by Anonymous Coward on Saturday May 30 2015, @11:36AM
Sword of Typocles hangs above all our keyboards.
(Score: 4, Informative) by Nerdfest on Saturday May 30 2015, @04:22AM
Microsoft will not pay them, they will threaten to charge them *a lot more* for Windows installs than other companies that play nice and lock out those nasty competing operating systems.
(Score: 2) by captain normal on Saturday May 30 2015, @05:43AM
More than likely they will have to pay the OEMs more to lock down boot. Google will very happy to push all the Chromium OSes for a lot less. Then there are other interesting players out there. I'd been looking at taking a 1/4G $ Samsung Chromebook and booting in Cyanogen. But now it seems I may soon be able to buy one off the shelf.
Everyone is entitled to his own opinion, but not to his own facts"- --Daniel Patrick Moynihan--
(Score: 2) by Nerdfest on Saturday May 30 2015, @12:33PM
I forgot about Chrome. I think you're correct in that helping to mitigate their abuse.
(Score: 3, Insightful) by kaszz on Saturday May 30 2015, @07:52AM
I'm sure the European Union competition regulators would love to bite deeply into a Microsoft or hardware manufacturers that attempt to lock out the competition. And manufacturers that plays along with the Microsoft agenda may be specifically targeted by people with deep coding skills and bad karma in their book. In a free for all scenario.
Any good ideas? ;)
Again this does however prove the point that Microsoft acts in bad faith and should be counteracted at all times.
Otoh, "smart"-phones have this kind of locked bootloader. And look what that got them. Rooting, jailbreaks etc. So alternative OS may come with that inside the installation manager. Ie first install blessed OS, then run special installer to get a real OS.
(Score: 2) by Runaway1956 on Saturday May 30 2015, @01:43PM
ExxxxxACTLY!
Remember how MS built the beginnings of it's monopoly? With a simple threat. "You build ONLY MS OS computers, or you will build NONE AT ALL!" Which of the mega-manufacturers is going to risk being cut off completely?
Just maybe the government will find itself capable of doing something meaningful if MS starts throwing it's weight around this time.
(Score: 2) by Hairyfeet on Saturday May 30 2015, @09:20PM
Won't happen as the EU will throw the finehammer if they try that shit, so I'm willing to bet its just gonna be the tablet and convertables. After all nearly all of those are using the "Windows powered by Bing" free OS so by locking they at least get some Bing search data out of the deal.
And lets be honest here guys....if you are sooo cheap that you buy a device that has cut so many corners its using a "Windows by Bing" instead of a true full version....do you REALLY have the right to bitch? It'd be like bitching that those sub $200 netbooks with Win 7 Starter didn't come with XP mode and 64bit support. YOU chose to buy the cheapest thing you could find, YOU could have taken a whole 4 seconds to read the bullet points (where they all clearly mark "powered by Bing") so why should anybody care about you wanting features you obviously weren't willing to pay for?
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
(Score: 3, Insightful) by Yog-Yogguth on Saturday May 30 2015, @03:56AM
I checked before posting and now this is a bit redundant because someone else basically said the same [soylentnews.org] but even so...
I'm not too worried about Microsoft, it might even be a really good thing adding to the drive towards Free as in Freedom hardware. Let the people using Windows be tied to specific hardware much the same as those who use Apple or iOS or Android are.
I haven't gotten around to buying and trying any Raspberry Pi's yet (or any clone or competitor) but I can make comparisons between an old, dusty, unused, and very average non-gaming 1998 or so desktop box and the Pi 2 B beats than one by several multiples in every regard except size (the Pi 2 is smaller in volume by almost precisely a factor of 512(!!)). I know they're not completely 100% Free (nor is any of the competition) but I doubt they or the Single Board Computers like them will be locked any time soon.
In the absolutely worst case I could live contently (and likely much more productively :3 ) with nothing but a *nix/BSD terminal. RetroBSD [retrobsd.org] and/or LiteBSD [retrobsd.org] can do that (and likely much more) on very small MIPS hardware (some of those even come with small screens). FreeBSD also supports very small MIPS stuff.
But what I'm really waiting for is lowRISC [lowrisc.org] :)
Microsoft isn't anywhere close to where the interesting stuff is happening like this new Finnish guy [helsinki.fi] that's getting his fingers dirty (also together with the username Thoth and some others in various comment fields over at Bruce Schneier's blog [schneier.com]).
Bite harder Ouroboros, bite! tails.boum.org/ linux USB CD secure desktop IRC *crypt tor (not endorsements (XKeyScore))
(Score: 2) by kaszz on Saturday May 30 2015, @07:56AM
In what way is oottelas work related to motherboard bootloader lockdown?
He sure writes interesting things. But that doesn't make relevant.
(Score: 2) by Yog-Yogguth on Saturday May 30 2015, @02:55PM
Only meant as an example of interesting things going on out there which are as far away from Microsoft (and thus also their bootloader lockdowns) as possible.
Bite harder Ouroboros, bite! tails.boum.org/ linux USB CD secure desktop IRC *crypt tor (not endorsements (XKeyScore))
(Score: 3, Informative) by kaszz on Saturday May 30 2015, @08:00AM
Raspberry Pi and others are really nice computing platforms. But they don't beat a 4 GHz multicore multimegabyte cache setup with terrazillions of fast I/O. So motherboard lockdown is a problem.
(Score: 3, Insightful) by Yog-Yogguth on Saturday May 30 2015, @03:06PM
Microsoft isn't exactly a king of (or arguably even a noticeable competitor in) either the “serious server” market nor high end computing nor massively parallel computing, if they attempt a lockdown of such boards they'll be laughed at and ignored.
Any lockdown would almost exclusively hit the consumer and SOHO and “corporate thick client” markets (tablets, notebooks, laptops, desktops, workstations, relatively small servers).
Bite harder Ouroboros, bite! tails.boum.org/ linux USB CD secure desktop IRC *crypt tor (not endorsements (XKeyScore))
(Score: 2) by kaszz on Saturday May 30 2015, @04:53PM
Guess geeks will start using servers ar private workstations..
(Score: 2) by Yog-Yogguth on Saturday May 30 2015, @10:00PM
Yeah that too.
Bite harder Ouroboros, bite! tails.boum.org/ linux USB CD secure desktop IRC *crypt tor (not endorsements (XKeyScore))
(Score: 2) by Runaway1956 on Monday June 01 2015, @01:50PM
We don't already? Imagine that - I'm ahead of the trend with my Opteron!
(Score: 2) by kaszz on Monday June 01 2015, @10:42PM
Think 19" rack, dual PSU, lot's of blinken lights etc. ;-)
(Score: 4, Insightful) by aristarchus on Saturday May 30 2015, @02:09AM
"I have a bad feeling about this."
(Score: 5, Insightful) by vux984 on Saturday May 30 2015, @02:36AM
I'm fine with secure boot being always on. As long as I can still load my own keys and sign my own start up binaries. As long as -swe have that it can (and arguably -should- ) be on. It is more secure that way.
Its also unclear whether this affects the various linux (red hat, ubuntu...) deals in place to use the Microsoft keys to sign the bootloader. (The former is crucial to true freedom, but the latter does make linux easier to use -- and if those deals are cancelled then we have a legitimate gripe.)
Also the OEMs really have no incentive to force it to be on that I can think of either; so it's unclear why they would.
I realize people are concerned about a gradual 'turning of the screws'; but this 'turn' doesn't worry me and likely will make no practical difference to linux users.
(Score: 5, Insightful) by frojack on Saturday May 30 2015, @03:19AM
I refer you to the prior time we covered this issue. (link above).
The problem is that there currently is only one key signer, although nothing prevents more, nobody else has stepped up.
Microsoft will sign your key, maybe. They've signed shim keys for some of the big distros, but probably not for some of the smaller distros.
You want to compile your own? Not sure they will rush to help you.
No, you are mistaken. I've always had this sig.
(Score: 2) by maxwell demon on Saturday May 30 2015, @07:15AM
He already covered that, explicitly:
If you can load your own keys, there's absolutely no need to have a separate entity sign your stuff. You generate your own key, install it, and sign yourself everything you compile.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by hash14 on Saturday May 30 2015, @01:29PM
As I wrote in the summary last time, which NCommander then proceeded to edit/remove:
This basically kills Gentoo as a distribution because (to the best of my knowledge) there is no stock kernel. Every Gentoo user compiles his/her own, so how is that supposed to work in a thou-shalt-not-choose-thy-OS environment? Also affected is the fact that many of the other major distributions (Arch, notably) also provide solid support for alternative kernels. Plus those who are paranoid and simply want to compile and run their own are also pretty much out the window with this policy. If you want any of these nice things (whether you are a professional developer or just a hobbyist), you will have to invest in specialized hardware to do your work - and this has a chilling effect on the modding community.
This very, very much is an effort to make life difficult for hackers, modders, and anyone who wants the choice to modify or run their own platform. While signed images are a good idea in theory, it completely trades away our ability to control what is rightly OUR hardware and OUR right to do what we wish with it - and it is certain that many short-sighted firmware developers are going to overlook this (case in point: I was installing Linux on a Lenovo laptop only to find out that the firmware is limited to booting BIOS + MBR or UEFI + GPT but not BIOS + GPT because only OSes developed outside Redmond, WA support that).
Perhaps MS really is in kahoots with Redmond Hat on forcing Linux users on to systemd.
(Score: 3, Interesting) by NCommander on Saturday May 30 2015, @04:43PM
I have no idea which post you're talking about. I very rarely edit stories unless we're in an editor drought and the hopper is empty. Even then, its not something I'm great at.
Still always moving
(Score: 3, Informative) by TheRaven on Saturday May 30 2015, @08:57PM
This basically kills Gentoo as a distribution because (to the best of my knowledge) there is no stock kernel. Every Gentoo user compiles his/her own, so how is that supposed to work in a thou-shalt-not-choose-thy-OS environment?
The approach used for other operating systems is to provide a signed bootloader that then chain loads something else. The signed bootloader is tiny and can be distributed as a binary, and then launches GRUB, which then launches the kernel.
sudo mod me up
(Score: 1, Interesting) by Anonymous Coward on Saturday May 30 2015, @09:04AM
Yes, it does make a practical difference. It is a pain in the arse to sign all your boot code. Maybe you could install someone else's key that most distros then use, but if it widely available to be used for signing it won't make good security, and at that point you might as well turn it off.
Yes secure boot does really make it more secure, but the risks are minimal for me anyway, and thus the benefits of having it disabled are outweighed by the risks of having it disabled.
To clarify I'm just referring to my own risk/benefits, I recognise that it can be an overall benefit to many users and am not trying to argue otherwise.
And it increases the barrier to entry reducing the number of new users willing to give it a try.
(Score: 2) by maxwell demon on Saturday May 30 2015, @11:01AM
Then someone should write an utility that makes it easy. I don't see why the utility would need an user interface more complicated than
where the first argument is the name of the unsigned boot loader file, the second names the file containing the private key, and the final argument specifies where to write the signed bootloader.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by hash14 on Saturday May 30 2015, @01:36PM
As long as I can still load my own keys and sign my own start up binaries.
But that's what it's all about, isn't it? If you can load your own keys then great - there really is no story here.
But the fact of the matter is that many vendors are short-sighted enough to think that there's only one key that needs to be loaded into the firmware and that no one will ever have to change it. After all, every additional feature costs money (dammit!) and if the MBAs don't want to invest in it, then you're screwed and stuck with a one-trick-pony pile of silicon.
Make no mistake: if this non-feature is enabled by default and it will take special care of vendors (not you, but the vendors!) to disable it there WILL be a lot more more hardware that's locked into Redmond's vertical stack.
(Score: 2) by vux984 on Saturday May 30 2015, @09:20PM
But the fact of the matter is that many vendors are short-sighted enough to think that there's only one key that needs to be loaded into the firmware and that no one will ever have to change it. After all, every additional feature costs money (dammit!) and if the MBAs don't want to invest in it, then you're screwed and stuck with a one-trick-pony pile of silicon.
Here's the deal as I see it. No... the cost of making secure boot non optional is negligible etc; and the cost of developing it has already been completed. And vendors will have product lines that DO allow for linux, for customers who want it. So they're going to be building and maintaining it anyway. Code-reuse for the win.
Microsoft and the Vendors will need an incentive to lock them down.
Blocking some tiny fraction of users from installing Linux on the hardware simply isn't worth Microsoft providing an incentive to the vendors. How much of a discount are they going to offer on OEM licenses to block 1/4 of a percent from re-imaging with linux on a new unit, 1/2 of a percent re-imaging with linux when the unit is 4 years old. And both of these groups paid for their OEM license?? Anything MS would pay vendors in the form of discounts etc to block linux on these units would be throwing money down a hole.
So what will that incentive be? Where's the big money?
This is the endgame that I see:
Subscription based Windows 10. When that happens then there is a proper incentive to lock out other OSes. Because if I can wipe windows and install linux, I stop subscribing. Vendors will probably get in on it too. Free hardware, paid over time as part of your windows subscription, etc.
AT that point, yes, we will see a fragmentation of the market. Disposable windows 10 only subscription hardware. This is going to happen.
Will that be the death of linux? no. Because at that point there will be a real demand for Linux preinstalled hardware. Right now the linux crowd, by and large, either builds their own whitebox or reimages a linux friendly computer that came with windows because its cheaper than buying it with no-OS. So vendors see almost no real demand for linux.
When windows 10 goes subscription, that all ends. And if you want linux you'll buy hardware for it. And vendors will step up and offer it.
Meahwile, the disposable windows subscription hardware will see a jailbreaking; mod-chip; core-boot reflash community spring up.
(Score: 1, Insightful) by Anonymous Coward on Saturday May 30 2015, @02:45AM
It's been their OS being used in offices and at home by virtue of it being a flexible tool to run programs that's kept it alive.
The windows dynasty has been losing steam for awhile, home users are no longer excited about their offerings and we all have a general dislike of the company due to their antics. The web is stealing the thunder from their cherished office suite. It seems losing the browser war and giving into web standards wasn't enough of a wakeup call that there is an environment around them which they need to move with not against.
A company is symbiotic with the environment around it and survives by persuading that environment to exchange energy for service.
The problem is the service is not worth the energy their asking. Doubling down like a landsdown baptist in a gay debate by acting like they have "the shit" so they can pull these stunts shows them to be delusional. I've got 2 systems running linux now, not for fan boy reasons but because linux makes for awesome web servers (I really have no reason for windows other than playing cracked games). Competitive offerings will continue to evolve and eventually whoever has the best structure for their tool in terms of extensibility and utility will prevail.
If they would like associate crippled operation with their OS on top of crippled security that is an illogical and insane move.
(Score: 4, Insightful) by hash14 on Saturday May 30 2015, @01:43PM
One simple word: vertical integration.
(That's one word, right?)
I think it's bonkers that a software company[1] should be allowed to control the hardware on which it is allowed to run without running afoul of anti-trust law. It is clearly obvious that Microsoft is using its dominant position in the software world to impose conditions and restrictions outside their domain which would not be feasible if there were more competition in the marketplace. All these 'certified for Windows' stickers that hardware vendors put on their machines are a means for Microsoft to force adoption or deprecation of technologies of their choosing which has an undue and adverse effect in many domains. It is unfortunate that nobody has seen this anti-trust argument and taken action based on it, and this is what makes me sceptical that anyone will do so with this additional step of monopolistic abuse.
[1] In this case, the market share of Windows as well as the horizontal breadth of applications for which it is used is an important factor: in many embedded applications (as an example), software makers require precise control of the hardware - but since these are narrowly-tailored, specific applications this argument shouldn't apply to Windows.
(Score: 1, Insightful) by Anonymous Coward on Saturday May 30 2015, @05:04PM
home users are no longer excited about their offerings
Two random family members asked me when is windows 10 coming out (no prompting). They want to upgrade, from .... Vista. Apparently my computer going from off to desktop in ~10 seconds makes them think their computer sucks for some reason. So I would say it is more along the lines people are just keeping computers longer. You only need 'so much' computer to run office and surf the web. In fact much of that usage is taken up by using an iPad. But that novelty is sorta waining or found it as a nice extra to normal computers (extending the lifespan of both). Those who wanted one have one. The remainder do not like typing on them. Neither are going away.
I've got 2 systems running linux now
I have dozens. And about 50 or so more at work. Whats your point?
I really have no reason for windows other than playing cracked games
Ah its not about freedom. Its about 'free shit'. Nice.
Doubling down like a landsdown baptist in a gay debate
and a bigot on top of it. real nice.
You must be a very nice person how can I unsubscribe from your newsletter?
(Score: 2) by Nerdfest on Saturday May 30 2015, @02:49AM
This is really pushing the bounds of abuse of monopoly again.
Boy, I wish someone saw this coming.
(Score: 5, Interesting) by frojack on Saturday May 30 2015, @03:10AM
I suspect you are thinking too small.
This plan has to originate higher up than Microsoft. After all, software running before boot time was never a common avenue of attack.
However, if you wanted to make sure a secure system was never installed, this would be the way to do it.
Who would have an interest in making sure a compromised from the factory OS was always on the machine?
No, you are mistaken. I've always had this sig.
(Score: 4, Touché) by opinionated_science on Saturday May 30 2015, @05:17AM
The fact is the safest way to boot any machine is to compile from source and then sign with your own key.
Of course, getting a safe compiler....
This soft of anti-competition measure is to be expected and why Microsoft cannot be trusted for ANYTHING...not that I did before. Let's not start about Oracle...
(Score: 2) by Runaway1956 on Saturday May 30 2015, @02:01PM
You know that you're paranoid, right/
Of course, the fact that you are paranoid doesn't mean that they aren't out to get you!
Let's say that I can't agree or disagree with you, but that idea is definitely food for thought. An agency that presumes to capture, catalog, and archive all the metadada on all communications in the nation may very well have instituted this scheme.
(Score: 3, Interesting) by goody on Saturday May 30 2015, @03:02AM
I say let them do it. If the major hardware manufacturers are dumb enough to offer only Windows 10 capable hardware, that will make open hardware even more attractive and offer opportunities for new startups to offer it. Perhaps we'll see a Raspberry Pi-like movement arise, offering open desktop and server grade boards.
(Score: 1, Interesting) by Anonymous Coward on Saturday May 30 2015, @03:24AM
Agreed, having people associate them with crippled hardware would be great for allowing the market to open up. Also just getting them off the playing field is desirable because they keep affecting everything disproportionately while having poor user interface design.
The web hopefully will put enough pressure on them that they no longer feel secure enough to attempt to make war against other operating systems and get back to work on usability design.
However I think true democratization of technology will only arrive as we begin to print and later create/share/print our own electronics. The web really opened my eyes that anyone with a good sense of design can handily out-create the product of these corporations (generally by just streamlining the operation and interface). I do not believe that current commercial giants can necessarily compete with the quality that will inevitably arise from having a distributed network of creators constantly refining things.
(Score: 3, Insightful) by kaszz on Saturday May 30 2015, @08:16AM
The declining ability of hardware platforms might hurt alternative OS business while the transition from crippled to free motherboards happens. Time is a factor.
And making a modern motherboard is a really though challenge that will bar most users for simply being to complex and expensive.
(Score: 4, Interesting) by Whoever on Saturday May 30 2015, @04:08AM
The one thing that you can be sure of is that manufacturers of server-grade boards are going to make it as easy as possible to install Linux. The market share for Linux servers is far too high for any manufacturer of server-grade hardware.
(Score: 2) by meisterister on Saturday May 30 2015, @05:14PM
Given the number of people who downgraded from Vista to XP and later upgraded from 8 to 7 (Going from Windows 8 to Windows 95 would be an upgrade as well for that matter), it wouldn't surprise me if the hardware manufacturers that force only Windows 10 would face some serious problems.
Quite frankly, any computer that is unable to start any binary and hardware-compatible operating system is defective. Period. I would gladly RMA any product if it could only boot Windows 10, even if I didn't want to install another OS on it.
(May or may not have been) Posted from my K6-2, Athlon XP, or Pentium I/II/III.
(Score: 3, Interesting) by Gravis on Saturday May 30 2015, @04:04AM
this seems like something that could cause more people to work on the the coreboot project [coreboot.org] and work on porting to the most recent hardware hardware.
(Score: 2, Interesting) by Anonymous Coward on Saturday May 30 2015, @06:08PM
Except that Intel broke the ability to use core boot / port core boot to hardware using their south bridge since around 2010 (unless you are making your own system from scratch (as in solder etc., not just buying a motherboard, and turning a few screws). This and the Intel back door in newer Intel systems probably means best to just avoid Intel now. ttp://www.coreboot.org/pipermail/coreboot/2015-February/079208.html
Not sure if AMD is going this direction too. And, there isn't anything running ARM that doesn't require proprietary blobs. Hell, for a lot of SOCs, you cannot even boot, let alone have a functional system using a vanilla kernel.
It is becoming a sad place to be someone who doesn't want a corporate/government approved and controlled back door in every piece of electronics they "own".
(Score: 0) by Anonymous Coward on Saturday May 30 2015, @04:37AM
...on which Linux could never run anyway because of cryptic hardware will now prevent incompatible OS from running, sounds good.
(Score: 5, Interesting) by Anonymous Coward on Saturday May 30 2015, @06:44AM
As an independent IT guy for a bunch of small businesses, this will really suck. I rely on live distros to troubleshoot all those crappy Dell boxes when things go wrong (often) and I use Clonezilla to take system images at various stages (original factory image, new deployment, backup before patch Tuesday, etc). There's no way I can afford to purchase some MS-blessed backup solution for every client who hires me. Seriously, FUCK YOU MICROSOFT! Just last week I converted a small office to mostly Linux workstations -- right in your own backyard -- so, take that you blue bastards... Game on!
(Score: 2, Funny) by Anonymous Coward on Saturday May 30 2015, @09:00AM
Hairyfeet! Is that you, in your true form? I hear you, Bro! Micro$oft sucks big time! So glad you finally came out. We fight the good fight, until the beast is dead!
(Score: 0) by Anonymous Coward on Saturday May 30 2015, @01:28PM
His true form is a pair of giant sweaty overgrown manly legs. That's my headcannon and I'm stickin' to it!
(Score: 4, Insightful) by isostatic on Saturday May 30 2015, @07:43AM
It was also possible to bypass the copyright monitors by installing a modified system kernel. Dan would eventually find out about the free kernels, even entire free operating systems, that had existed around the turn of the century. But not only were they illegal, like debuggers—you could not install one if you had one, without knowing your computer's root password. And neither the FBI nor Microsoft Support would tell you that.
http://www.gnu.org/philosophy/right-to-read.en.html [gnu.org]
(Score: 0) by Anonymous Coward on Saturday May 30 2015, @07:50AM
And that's the end of linux as a low cost alternative.
(Score: 0) by Anonymous Coward on Saturday May 30 2015, @10:29AM
How does that work if the relevant distros already support SecureBoot?
(Score: 2) by kaszz on Saturday May 30 2015, @05:20PM
File a complaint with the EU regulators on competitive issues. They have punished ill doers before. Paper filing is quite cheap.
(Score: 3, Interesting) by kaszz on Saturday May 30 2015, @05:34PM
Some issues that seems unclear is:
* How many of the OEM or hardware manufacturers (designers?) will omit the option to turn "secure boot" off ?
* What's the same status on custom signatures with the different manufacturers?
* Can the boot chain be hacked, just like it's done on smartphones? and thus start an alternative boot.
I would like that the EFF or similar institution would have the right to sign kernels in addition to the bad faith corporation.
(Score: 1, Interesting) by Anonymous Coward on Sunday May 31 2015, @08:13AM
The thing that is really screwed up by this is repairability.
Wan't to use a boot disk to repair the system, make an image, or backup files? Too bad.