At first glance, Microsoft’s decision to go with UEFI instead of BIOS seemed like a decent security-minded step. Microsoft plans on requiring that all PCs shipping with Windows 8 implement the secure boot option included in recent UEFI specifications. That’s good, right? It stops malware from playing around with the boot path and disabling antivirus programs! The smiles faded into looks of concern when it was pointed out that a PC with OEM and Microsoft secure boot keys couldn’t launch Linux distros. The ‘Net raged, and yesterday, Microsoft responded to the allegation.
“The security that UEFI has to offer with secure boot means that most customers will have their systems protected against boot loader attacks,” Tony Mangefeste of the Ecosystem team
wrote on the Building Windows 8 blog
. “For the enthusiast who wants to run older operating systems, the option is there to allow you to make that decision.”
Mangefeste then pointed out that the Samsung slate given to developers at BUILD included an option to disable secure boot, and was even kind enough to provide a screen shot of the feature (which we, in turn, kindly show you above). It’s not all roses, though; in the end, Microsoft has no say in whether or not manufacturers have to allow the option to disable secure boot, because UEFI is not actually part of Windows 8. “OEMs are free to choose how to enable this support and can further customize the parameters as described above in an effort to deliver unique value propositions to their customers,” Mangefeste writes.
In the short term, we’d expect pretty much every OEM to include the option to disable secure boot, just in case users want to, say, dual-boot with a legal version of Windows 7 that they already own. But will that last forever? Slashdot forum-goer “Hatta” provides a chilling prophecy of the future . “Today you can throw Linux on any old hardware, and do something useful with it. 5-10 years from now, you'll have to specifically hunt down unlocked hardware. This has a rather drastic effect on the utility of Linux, which is Microsoft's intention.”
What do you think of the whole fiasco? Is the problem real, or is it typical Internet overreaction?