With the release of Windows 8, the FOSS community is up in arms about the requirements Microsoft released for the ‘Certified Windows 8 Sticker’ on new Windows PCs later this year.
Microsoft, with a goal of making Windows 8 more secure from everyday threats like hackers and malware decided that new Windows 8 PCs will be required to ship with the latest motherboard operating system (formerly known as BIOS) called UEFI. This allows for System files to be digitally signed so that if a hacker gained access to these files and modified them, they would be restored to their original state upon restart, unless a verified change has been made.
But the problem is that any other operating system will not be allowed to run (dual boot) on these systems unless so sanctioned by Microsoft or allowed by the OEM. Secure Boot will be turned on by default on new PCs and whether or not it can be disabled will be entirely up to the OEM. Windows on ARM (WoA) tablets and PCs will not allow this to be disabled.
The Linux community is outraged as they say this will negatively affect their market share which sits at one percent worldwide, although there is an easy fix, explained Linux Developer Linus Torvalds. He says that due to the huge cost of purchasing the Verified signatures for each and every build of Linux (of which there are hundreds) the user can only purchase a Microsoft Security Certificate that allows the installation at US$99 if you wish to keep Secure Boot active.
This reminds me of the time when Apple only allowed OSX to be installed on Macs, before Microsoft forced them to open up their systems. Apple could have given the incentive to allow this but at a cost. But in the interest of security I think this move is the right way to go.
But the Linux community feels that for Microsoft to make money off of a free OS like Linux and FreeBSD is an abuse of their monopoly and should be investigated by the DOJ. Microsoft already makes around US$15 per Android handset and tablet due to patent violations.
Torvalds feels this is the only way to go, and I agree. It keeps computers safer and in the end the consumer will benefit. If the FOSS community feels so strongly about it they can always opt for custom-built PCs. I believe HP and other hardware manufacturers might allow Secure Boot to be disabled on premium machines such as their ProBook range. But on consumer products it seems like a waste of time as most consumers usually stick to what they get on their system.
It still needs to be proved how effective Secure Boot will be, but moves like this keep Microsoft years ahead in terms of security. And Windows 8 is no exception. Microsoft already gave advertisers the finger when it made ‘do not track’ a default setting on Internet Explorer 10.
Since most IT professionals complain about the security issues on Windows, they should laud this move. There will be blood, but it’s all in the name of security.