Microsoft Responds to Linux Lock-Out Claims

[Jim Laughlan]

http://ostatic.com/blog/microsoft-responds-to-linux-lock-out-claims

"At the end of the day, the customer is in control of their PC. Microsoft’s philosophy is to provide customers with the best experience first, and allow them to make decisions themselves...For the enthusiast who wants to run older operating systems, the option is there to allow you to make that decision."

Good! Then don't lock out Linux then...Duh!
Talk about monopolistic practices.... Sheesh

 

[GrumpyOldMan]

Apparently, Microsoft is using an alternate definition of "best experience"

 

[rstanley]

Microsoft’s philosophy is to provide customers with the best experience first...

If their O/S is the only one able to be installed, then theirs is the "Best experience" by default! ;^)

For the enthusiast who wants to run older operating systems...

How is the latest version of Debian, Fedora, Mint, or any other Linux Distro, an "Older Operating System"??? Balmer and his minions are obviously delusional while at the same time relocating furniture! ;^)

 

[Yesyesloud]

Lol... All Linux distros are safer and most more up-to-date than any Windows version. MS doesn't roll.

 

[ryanvade]

Lol... All Linux distros are safer and most more up-to-date than any Windows version. MS doesn't roll.

ha. Square Windows...

 

[Arthur2]

Guess who owns the authentication cert for uefi! MICROSOFT!!
So what does that mean in practice? since Microsoft own the private key to authenticate uefi.(which is intended to replace the conventional BIOS) it means esentially that when the BIOS is no longer available . microsoft can shut down the ENTIRE computing infrastructure at a stroke simply by revoking the certificate needed to authenticate the uefi component on your system. hence. whether you run windows. Linux or whatever. eventually Microsoft will be in a position to hold the world to ransom UNLESS an open alternative is available.

Just hope I am wrong. but i have a gut feelin i am not.;-(

 

[Jim Laughlan]

Guess who owns the authentication cert for uefi! MICROSOFT!!
So what does that mean in practice? since Microsoft own the private key to authenticate uefi.(which is intended to replace the conventional BIOS) it means esentially that when the BIOS is no longer available . microsoft can shut down the ENTIRE computing infrastructure at a stroke simply by revoking the certificate needed to authenticate the uefi component on your system. hence. whether you run windows. Linux or whatever. eventually Microsoft will be in a position to hold the world to ransom UNLESS an open alternative is available.

Just hope I am wrong. but i have a gut feelin i am not.;-(

Good point to consider Arthur!

 

[ryanvade]

Guess who owns the authentication cert for uefi! MICROSOFT!!
So what does that mean in practice? since Microsoft own the private key to authenticate uefi.(which is intended to replace the conventional BIOS) it means esentially that when the BIOS is no longer available . microsoft can shut down the ENTIRE computing infrastructure at a stroke simply by revoking the certificate needed to authenticate the uefi component on your system. hence. whether you run windows. Linux or whatever. eventually Microsoft will be in a position to hold the world to ransom UNLESS an open alternative is available.

Just hope I am wrong. but i have a gut feelin i am not.;-(

There are a few opensource UEFIs being developed. And the Linux foundation is working on a Secure Boot proof boot loader. But yeah, MS is controlling this. Not good.

 

[rstanley]

There are a few opensource UEFIs being developed. And the Linux foundation is working on a Secure Boot proof boot loader. But yeah, MS is controlling this. Not good.

Until the US Court System or the EU puts their foot down and propoerly calls their actions, an attempted Monopoly! (Which it is!)

 

[ryanvade]

Here is a link if anyone is curious.
http://www.linuxfoundation.org/news...oundation-uefi-secure-boot-system-open-source
and
https://www.linuxfoundation.org/sites/main/files/lf_uefi_secure_boot_open_platforms.pdf
2 years old now...not sure how progress is coming.
Technically Ubuntu, RHEL, and Fedora all support booting on Secure Boot systems.

Obviously, a closed operating system could be booted identically to an open one above and still
retain all its secure features, since security is guaranteed by control of the KEK which would remain
in the hands of the operating system vendor. However, Steven Sinofsky has suggested in his blog
posting “Protecting the pre-OS environment with UEFI”:
http://blogs.msdn.com/b/b8/archive/2011/09/22/protecting-the-pr
e-os-environment-with-uefi.aspx
that the average platform owner might wish to give up control of the PK (and with it control of the
signature database) to Microsoft and the OEM suppliers of the platform.
T
his mode of operation runs counter to the UEFI recommendation that the platform owner be
the PK controller and would ensure that the Windows operating system would then become the
only bootable operating system on the platform, but we must agree that it is a legitimate choice
for an informed user to make voluntarily. It is enabled in our blueprint above by allowing the
Microsoft OEM ignition system to install the OEM PK instead of generating a new PK specific to
the installation. This can be achieved simply and securely because only the public half of the PK
needs to be carried by the ignition system to effect this lockdown of the platform. Such a scheme
is fully consonant with the current draft version of the Windows 8 UEFI logo requirements.
T
he ability of the platform owner to regain control should they desire it is guaranteed by the ability
to securely reset the platform back to setup mode.

 

[Jim Laughlan]

Here is a link if anyone is curious.
http://www.linuxfoundation.org/news...oundation-uefi-secure-boot-system-open-source
and
https://www.linuxfoundation.org/sites/main/files/lf_uefi_secure_boot_open_platforms.pdf
2 years old now...not sure how progress is coming.
Technically Ubuntu, RHEL, and Fedora all support booting on Secure Boot systems.

I'm sure there's significant progress.
Surprised Linus hasn't come up with something in the kernel.

 

[bashcommando]

http://www.linux.com/news/friday-fu...-that-cried-wolf?format=image&thumbnail=large

 

[Jim Laughlan]

http://www.linux.com/news/friday-fu...-that-cried-wolf?format=image&thumbnail=large

Bingo!

 

[bashcommando]

Bingo!

Scrabble!

 

[ryanvade]

http://www.linuxnewshere.com.au/index.php/linux/surface-pro-3-running-ubuntu

 

[bashcommando]

The reason linux is better is because of two words: Community... Support...

 

[Arthur2]

@rstanley Its not just a case of either /or but BOTH need to act in concert. and lets not leave Apple or Google out of the equasion either.. also. be aware there is a gradual move towards web based computeing on the back of HTML5 which recently has been the subject of some controversy over the proposed insertion of DRM into an otherwise open standard. worrying wouldnt you say?

 

[rstanley]

@rstanley Its not just a case of either /or but BOTH need to act in concert. and lets not leave Apple or Google out of the equasion either.. also. be aware there is a gradual move towards web based computeing on the back of HTML5 which recently has been the subject of some controversy over the proposed insertion of DRM into an otherwise open standard. worrying wouldnt you say?

"Either/or but BOTH..." ??? I miss your point. I reviewed my comments but don't see what I said.

 

[Arthur2]

"Either/or but BOTH..." ??? I miss your point. I reviewed my comments but don't see what I said.

Until the US Court System or the EU puts their foot down and propoerly calls their actions, an attempted Monopoly! (Which it is!)

 

[Arthur2]

My bad, I should have replied directly to your post. sorry forthe confusion.;-)