Main Area and Open Discussion > Living Room

Fedora/Microsoft - Embrace, Extend, Assimiliate

<< < (3/5) > >>

wraith808:
The problem isn't how much or who pays for it. The problem is that UEFI drives a wedge down the middle of what was formerly an open hardware ecosystem. Now there are "Windows PCs" and "non-Windows PCs" on the hardware level. Microsoft has used its numbers to effectively get its own proprietary hardware platform (like Apple) without actually having to manufacture it. Which is the best of all possible worlds in that they can control a huge segment of the mobo/CPU market without having to "own" anything. A very handy argument to make when accused of anticompetitive business practices in the USA.

This could, of course, be easily eliminated as a problem if all the PC manufacturers would include a simple mechanism (a switch on the back of the case or a jumper on the mobo) to turn off UEFI without having to go through heroics. But I wouldn't hold my breath waiting to see that happen. I'm sure there will be some purely token hand wringing and breast beating on the part of certain manufacturers (Dell et al.) over this. But nothing of substance will emerge from it.
-40hz (June 01, 2012, 11:34 AM)
--- End quote ---

(via NeoWin circa 2011)




* UEFI allows firmware to implement a security policy

* Secured boot is a UEFI protocol not a Windows 8 feature

* UEFI secured boot is part of Windows 8 secured boot architecture

* If desired, Windows 8 utilizes secured boot to ensure that the pre-OS environment is secure

* Secured boot doesn’t “lock out” operating system loaders, but is is a policy that allows firmware to validate authenticity of components

* OEMs have the ability to customize their firmware to meet the needs of their customers by customizing the level of certificate and policy management on their platform

* Microsoft does not mandate or control the settings on PC firmware that control or enable secured boot from any operating system other than Windows

--- End quote ---

So that would seem to leave it up to the manufacturer- and some have already done this.  Or have things changed appreciably since this was released?

Stoic Joker:
^^That^^ would seem to eliminate the need for a lot of tooth gnashing.

wraith808:
Since it's circa 2011, I wonder if (a) something's changed or (b) it's just been forgotten in interim? Either is likely possible...

40hz:
Last I read, in order to bear the Microsoft Certified tag - and have Windows preinstalled - all PCs and servers must ship with UEFI secure boot enabled. The end user has the option to switch from "standard" to "custom" secure boot mode after the fact. But Microsoft is a little vague about exactly what the ramifications might be for using Windows 8 in that scenario. The big question is whether or not Metro will be available if secure boot is disabled - and more to the point, will access to the Metro store (the only source for installing Metro apps) be allowed if secure boot is turned off?

However, if the machine is ARM based, secure boot (UEFI) must be enabled - and the manufacturers are specifically forbidden by Microsoft to provide or allow any mechanism (hardware, flashing, or software) to disable it.

So no...it's not exactly up to the manufacturer not to implement it if they plan on shipping machines with Windows pre-installed (OEM) - or if they want to even have Windows on an ARM based device.

It's a new business and software model for Microsoft. And (much like Apple) the 'choice' for both the consumers and the manufacturers seems to be to either accept the new terms as dictated - or do without. Or at least as of right now.

Bit of a change from the way things used to be. At least that's my tuppence.

----------

Note: the actual wording Microsoft uses can be found in their Windows 8 Hardware Certification Requirements (file=windows8-hardware-cert-requirements-system.pdf) which you can download from this webpage if you're interested. Information about secure boot starts on page 119.

mahesh2k:
Problem is about bootloader which will require each linux or any UNIX Or BSD distro to sign up to sysdev and get a key. This is where conflict starts. This has nothing to do with hardware vendor.

Navigation

[0] Message Index

[#] Next page

[*] Previous page