Windows 8 DOA
The Windows 8 Consumer Preview has been out long enough for people to try and get used to its dual Metro/Desktop interface. But the longer it’s out there, the less people like it, and there’s a backlash against the dual system from people ranging from normal users to engineers. Will Microsoft listen and fix the hybrid operating system?
What a whole lot of FAIL, Vista 2.0 here we come. This is great for tablets, but tablets are a fad. This has no place on a desktop operating system. Smart phones are the evolution of computing. Mark my words – in 5 years, tablets will not exist. You will have a phone that will be your primary mobile computer. At home, you will connect your phone to a wireless mouse, keyboard and display.
“Windows 8 just dumps you into the Start screen. No tutorial, no help icon on the main screen, nothing. This will be fixed by launch or Windows 8 will fail.”
Bibik is on target. Most people who use Windows 8 on traditional computers rather than tablets will spend their time in the Desktop because that’s where the apps they most use are, notably Microsoft Office, which won’t run as a Metro app. Yet the Windows 8 Desktop is less useful than in previous versions because the Start menu and Start button have been taken away.
Metro and the Desktop are essentially two different operating systems incompletely bolted together. Sure, techies can figure out how to navigate between the two interfaces, but other people will have a hard time.
Remote Kill Switch on your PC
Summary: A feature common in phones will let Microsoft remotely disable malware
This doesn’t surprise me at all, people tend to forget that Microsoft is well in it’s rights to put something like that in, after all they own it not you, you paid a license to use, NOT own. In reality, kill switches are nothing new, all recent versions of Windows OS’s have one built in, that’s why you have to activate your version of Windows. (more…)
Ubuntu adopts Windows XP users
LINUX VENDOR Canonical believes that Microsoft’s Windows XP, not Windows 8, could drive adoption of its Ubuntu Linux operating system.
With Microsoft readying Windows 8 for release later this year, companies are expected to evaluate whether it is worth renewing existing Microsoft licenses or splashing out on the latest Microsoft revision of its desktop PC operating system. However, according to Canonical CEO Jane Silber, it isn’t undercutting Windows 8 that holds the key for take-up of Ubuntu Linux but Microsoft’s termination of Windows XP support that will drive Ubuntu growth.
Talking with The INQUIRER, Silber said, “We certainly track it and keep an eye on competition. [...] The larger impact in terms of Microsoft in our customer base isn’t the emergence of Windows 8 but the upcoming, long awaited end-of-life of [Windows] XP.”
Silber’s point rests on the well known fact that many users, especially large businesses, are still running Windows XP. Microsoft has supported the operating system for over a decade, but the Redmond, Washington software house has said that it will end support for Windows XP on 8 April 2014.
Silber said, “What we are seeing there, particularly with enterprise customers with large desktop deployments in the tens of thousands, [is that they are] taking the opportunity to move to Ubuntu at that point, and they are, in some cases, not even evaluating future Windows desktop operating systems.
“It’s not that they are turning down Windows 8, [it's that] with the end of life of [Windows] XP there’s a disruption and a good point for them to re-evaluate their options.”
While Microsoft’s Windows XP April 2014 end of life date is still two years away, organisations that run thousands of Windows XP machines will have already started planning. Working out whether to upgrade to Windows 7 or Windows 8 or move to Linux could take the best part of a year to evaluate and test, and deployment might take another year, so the battle for those customers is well underway.
Silber believes punters are not necessarily looking for bells and whistles when evaluating an operating system. She said, “It’s more likely people are evaluating their desktop experience in terms of what they really need, this is one of the reasons why we’ve seen a lot of interest from enterprises for Ubuntu for Android. People are looking at what does it mean to have a desktop in five years from now. There’s more interest in client solutions, converged device scenarios, so it’s really an opportunity for us.”
Although some will question Silber’s belief that Windows XP, not the cost of upgrading to Windows 8, holds the key to Canonical’s push into the enterprise, the fact is that Canonical and other Linux vendors have two strong opportunities to go up against Microsoft as it tries to push customers into its next churn of its PC operating system cash machine.
Malware Turns Twenty-Five
It’s been twenty-five years since the first computer virus (Brain A) hit the net, and what was once an annoyance has become a sophisticated tool for crime and espionage. Computer security expert Mikko Hyppönen tells us how we can stop these new viruses from threatening the internet as we know it. This is a great video on whats going on today with computer security.
Windows 8 Antivirus
In a move that is likely to anger the antivirus industry, Microsoft is adding security features from its Security Essentials program to Windows 8. This is good news for consumers, but bad news for the antivirus industry. Microsoft should have been doing this since the release of Windows 95. While many of us do simultaneous facepalms and giggle at a decade-late decision, others question the legality of doing so. A multi-billion dollar industry has grown, based on the absolute porous operating system that is Microsoft Windows.
That’s right. Microsoft this week began offering U.S. customers its free antivirus program via Windows’ built-in update service, a move one major security firm said may be anti-competitive. Microsoft is adding features from its Security Essentials program, which is currently available as a separate download for Windows users, to the Windows Defender package already built into Windows. This means that Windows 8 users will get out-of-the-box protection against malware, along with firewall and parental controls from within Windows without requiring users hunt down a separate download or buy new software. (more…)
Dell, HP and UEFI
A big issue right now in the world of operating systems – especially Linux – is Microsoft’s requirement that all Windows 8 machines ship with UEFI’s secure boot enabled, with no requirement that OEMs implement it so users can turn it off. This has caused some concern in the Linux world, and considering Microsoft’s past and current business practices and the incompetence of OEMs, that’s not unwarranted. Dell has stated it’s plans to include the option to turn secure boot off, while HP was a bit more vague about the issue.
You believe OEMs and Microsoft on their blue eyes. After years of abuse and patent troll behaviour, smart people don’t.
Dell confirmed that they have plans to ship Windows 8 machines with the ability to turn secure boot off in UEFI, while HP had no idea what was going on. BIOS maker AMI, meanwhile, has said it will advise OEMs to not remove the option, but adds that they can’t mandate as such.
A Dell spokesperson has stated that “Dell has plans to make SecureBoot an enable/disable option in BIOS setup”. Dell plans to move to UEFI with secure boot in the Windows 8 time frame.
HP, sadly, was less clear. “HP will continue to offer its customers a choice of operating systems,” HP said, “We are working with industry partners to evaluate the options that will best serve our customers.” Nobody at HP was apparently even aware of the issue, which means this is a general PR statement with zero actual value.
Lastly, BIOS maker AMI stated that it “will advise OEMs to provide a default configuration that allows users to enable/disable secure boot, but it remains the choice of the OEM to do (or not do) so”. This is entirely reasonable – AMI just provides a software package, it doesn’t control what OEMs remove and include.
Michael Reed is the latest person to write about “restricted boot” (or UEFI) in a major GNU/Linux Web site. Matthew Garrett, who started a lot of the outcry, calls it a bug and Groklaw helps remind us that “Microsoft’s license provision [was] prohibiting OEMs from modifying the initial boot sequence…” There are several other examples of Microsoft sabotaging Linux adoption through booting complexity [1, 2, 3, 4,5, 6, 7] . The worst thing one can do is assume good faith from Microsoft. The people who run the company are extremely anti-competitive. Don’t blame Microsoft; it’s in their nature.
My biggest fear is that like with BIOS today, every computer – even revisions within the same model – will have its own unique UEFI implementation, some of them broken and/or limited, without any means of telling which features are supported and implemented and which aren’t. Heck, I’ve encountered countless BIOS implementations over the years which only allowed you to change the boot drive order, and nothing else.
All in all, this issue is far from over, and Considering Microsoft’s history of anti-competitive practices, its current patent troll behaviour, and the general incompetence of OEMs, it’s entirely reasonable and smart for us geeks to be on our toes.
Windows 7 is supported til 2020 … most large businesses are only just thinking about moving to it and doing testing … the will probably never move to Windows 8. Windows 7 is going to be around for the next good few years as well as businesses that will use XP forever and ever … will need new hardware.
UEFI, Windows 8 and You
Secure boot for Windows 8, part of UEFI, will hinder the use of non-signed binaries and operating systems, like Linux, has registered at Redmond as well. The company posted about it on the Building Windows 8 blog - but didn’t take any of the worries away. In fact, Red Hat’s Matthew Garrett, who originally broke this story, has some more information - worst of which is that Red Hat has received confirmation from hardware vendors that some of them will not allow you to disable secure boot.
As written before:
- http://jet-computing.com/uefi-secure-boot-and-freedom-of-choice/
- http://jet-computing.com/microsoft-kicks-linux-from-windows-8/
- http://jet-computing.com/after-31-years-say-goodbye-to-bios-and-hello-to-faster-booting-computers-in-2011-with-uefi/
A short recap: if OEMs want to partake in the Windows 8 Logo Program (and they all want to), they will have to implement secure boot on all Windows 8 machines. Secure boot requires signing keys from either Microsoft or the OEMs themselves to be installed into the firmware – any binaries, drivers, or operating systems not signed by one of those signing keys will refuse to work on that machine.
Secure boot is part of UEFI, and in some cases, you will be able to go into UEFI and disable it. However, the fear is that OEMs will not include the option to disable it – there’s enough historical precedence to assume this will be the case. Just look at any of the gazzilion crippled BIOS implementations out there today.
Microsoft tried to address this lingering, but potentially very problematic issue in a blog post today, but sadly, none of our concerns were addressed. Microsoft does not intend to mandate OEMs include the option to turn secure boot off (surprising!), which means OEMs are free to omit this option from their firmware implementations.
And this is exactly what some of them intend to do, according to Red Hat’s Matthew Garrett in a response to Microsoft’s blog post. “Windows 8 certification does not require that the user be able to disable UEFI secure boot, and we’ve already been informed by hardware vendors that some hardware will not have this option,” he notes on his own blog.
Garret explains that Microsoft still dominates the desktop/laptop market. As tough a reality check as it may be, Apple’s worldwide marketshare there is still below 5% (not that they care though – they have a far larger share of the profit) and Linux barely even registers as a rounding error. This means that Microsoft still wields considerable power in this market.
“Why is this a problem? Because there’s no central certification authority for UEFI signing keys,” Garrett explains, “Microsoft can require that hardware vendors include their keys. Their competition can’t. A system that ships with Microsoft’s signing keys and no others will be unable to perform secure boot of any operating system other than Microsoft’s. No other vendor has the same position of power over the hardware vendors. Red Hat is unable to ensure that every OEM carries their signing key. Nor is Canonical. Nor is Nvidia, or AMD or any other PC component manufacturer. Microsoft’s influence here is greater than even Intel’s.”
This could be disastrous for end users. They will lose considerable control over their own hardware if Microsoft gets its way. “The end user is not guaranteed the ability to install extra signing keys in order to securely boot the operating system of their choice. The end user is not guaranteed the ability to disable this functionality,” Garrett details, “The end user is not guaranteed that their system will include the signing keys that would be required for them to swap their graphics card for one from another vendor, or replace their network card and still be able to netboot, or install a newer SATA controller and have it recognise their hard drive in the firmware.”
This is going from merely potentially maybe kind of problematic into full-on dangerous. From what both Microsoft and Garrett have told so far, this seems like a perfect storm for Microsoft – they will essentially lock people into using Windows without actually doing any of the locking themselves; they’re basically relying on the utter incompetence of OEMs. And let’s face, three things in life are certain: death, taxes, and incompetent OEMs. This is so damn clever and diabolical I just can’t help having some admiration for it.
I’m not really sure what we can do at this point to prevent this from getting really bad. All I can think of is that clever hackers start work right away on cracking the living daylights out of secure boot – you know, just to be prepared.
So in short, when your desktop or laptop blows up, and your data is toast. I, nor will anyone else, will be able to recover your data, unless you use Microsoft’s products.
Web Browser Defense
For most of us, the Web browser is the first application we use when we turn on a computer. It’s how we check email, read the news, chat with friends and do just about everything.
What many users don’t realize, however, is that the Web browser is the most important security defense our computers have — and yet 60 percent of the browsers accessing the Internet today are outdated. An outdated browser ends up impacting everyone’s security, privacy and performance.
I wrote about Microsoft warning us *rolls-eyes* last week, in that we were not using a “secure” browser like Internet Explorer” GASP!..the horror of us ignorant consumers!
To help users understand the importance of the browser you use, the Online Trust Alliance (OTA), a Web-industry trade group based in Bellevue, Wash., that promotes security and trust in online marketing and commerce, recently unveiled the “Why Your Browser Matters” initiative.
“The ‘Why Your Browser Matters’ initiative provides users overall recommendations to upgrade their out-of-date and legacy browsers for a more safe, more private and more compelling online experience,” said Craig Spiezle, executive director of OTA. “The Initiative is all about communicating with computer users to make them realize that an updated Web browser is one of the most important security steps you can take. It’s as important as running anti-virus/anti-malware software.”
Spiezle is quick to point out that while there is no magic bullet when it comes to computer security, the browser is on the front line of defense because it is used so frequently.
“Modern browsers detect malicious websites and phishing URLs, analyze downloads and support a broad suite of privacy features,” Spiezle said. “It’s critical to have these at your disposal when it comes to protecting yourself online, as well as protecting your machine in general.”
Modern browsers try to provide security for users in three different ways, explained Roger Thompson, chief emerging threats researcher for ICSA Labs in Mechanicsburg, Pa.
For example, said Thompson, all modern browsers have “blacklists” of known malware sites and try to prevent users from visiting them. This method works well if the malicious sites are well-known, but online criminals try to move websites around by changing domain names and IP addresses faster than security researchers can update the blacklists — so sometimes this doesn’t work.
Some browsers, such as Google Chrome, also run applets and executable code in a “sandbox,” meaning that the code and applets can’t affect other parts of the browser or the operating system. Again, this doesn’t always work.
And all modern browsers have a somewhat regular patch cycle, in which developers fix vulnerabilities to prevent direct attacks.
A good illustration of how a browser can act as the first line of defense is with regard to shortened URLs, or Web addresses.
URL-shortening services such as bit.ly, tinyurl.com or is.gd are handy to use when including links in instant messages, text messages or Twitter posts. Unfortunately, URL shorteners also mask the actual URLs they lead to, and give no warning that links might be drive-by downloads or exploits waiting for unsuspecting victims.
Fortunately, some enterprising software developers have created a way to find out where you’re going.
“There are plug-ins available for Chrome and Firefox that will automatically expand short URLs to their actual address when viewing pages containing such links,” said Harry Sverdlove, chief technology officer of Bit9, a Web security company in Waltham, Mass. “These are useful when using Facebook or Twitter from a browser, common places where malicious links are hiding in short URLs.”
How to protect yourself
As Thompson pointed out, browser vendors are good about providing updates and patches that improve security by fixing vulnerabilities that bad guys exploit. But after that, it’s up to the user himself to take action by actually downloading the updates, or upgrading the browser to the latest version.
You can check the version number of your browser by going to the Help button on your browser’s menu and checking the “About” section. (On a Mac, click the name of the application next to the apple icon in the upper left of the screen.) Often, the “about” pop-up window will prompt you to check where there might be updates available.
For those who use Internet Explorer, Spiezle has this important piece of advice: ”If it says Internet Explorer 6 … run, do not walk to the nearest free download of Internet Explorer 9.”
(If you’re still running Windows XP, update to Internet Explorer 8, the latest version you can install.) Which is the highest version you can run on Windows XP, unless someone figures out a hack for it, which they will. I rather you run Google Chrome.
Internet Explorer 6 has been the target of a number of malicious attacks over the past decade; newer versions of Internet Explorer are much more secure.
Does it matter which browser you use? Spiezle and Thompson disagree on that question.
While Thompson said that today’s browser upgrades have leveled the playing field when it comes to security, Spiezle pointed out that there still are differences among them, and each user has to assess which is best for his own uses.
“You need to look at not only the security features, but also privacy features, as well as support for the latest technologies,” Spiezle said.
Here is the link for a good start, https://otalliance.org/browser/ At first I was thinking that this was another Internet Explorer centered website, but at least they mention the alternatives.
Windows XP – 10 years
Ten years ago this, Microsoft released Windows XP, which became one of its most popular flavors of the Windows operating system — largely because what came after it, Windows Vista, was so terrible and a complete failure. Windows 7, and all its glory was so great it took two years to surpass XP.
This month marks the first time that Microsoft Windows XP has dipped below 50 percent market share among personal desktops and laptops worldwide, after having peaked at about 75 percent in 2007, according to NetApplications.com and Statcounter.com
The 10-year-old operating system is notorious for its security holes. It’s got much less protection against viruses, Trojans and other malware than do its successors Windows Vista and Windows 7, and even the National Security Agency itself advised against XP’s continued use in a document released earlier this year. Yet it maintains a strong presence worldwide, especially in China and Russia, and that huge installation base makes it easier for malware writers to spread their wares.
Savvy users might blame XP’s enduring popularity on the naivete of less knowledgeable consumers, but the real culprit might be Microsoft’s own naivete when it comes to how consumers make their decisions.
“Users in general are averse to taking time out of their schedules to come up to speed on the newest features which, at the end of the day, they don’t view as significantly improving their productivity,” said Tom Halleran, a service delivery executive at a global IT services provider.
Microsoft is slowly but surely abandoning XP. Mainstream support was officially retired in 2009, and the software giant will discontinue all support — likely including security patches — for XP by 2014. The company’s motivation is clear: Compared to streamlined modern operating systems such as Linux, XP has become an embarrassment. I have a XP counter at the bottom right sidebar of my website, don’t wait to act and to make a decision on what operating system to migrate too.
Aside from perpetuating security holes that were never fully addressed, XP makes other operating systems more attractive to consumers looking to trade up. Comparison shopping between Windows 7 and Apple’s Mac OS X is a more or less level playing field; comparison shopping between XP and OS X is no contest.
So why are XP users reluctant to upgrade? There are four main reasons.
Price is an obvious factor, and not just because Windows 7 starts at $200. Mainstream consumers tend not to upgrade their operating systems until they buy new machines. Microsoft expects its customers to respond to upgrade deals, yet ignores the fact that the cost of the hardware itself — a new desktop or notebook — is the real stumbling block from a financial perspective.
Then there’s another concern: compatibility. Corporations may have to buy new machines for entire departments to keep up with operating-system requirements. Home users often prefer to have all their machines running the same operating system — the unpredictable network mismatches that can arise are often too difficult or time-consuming to troubleshoot — and at $200 per Windows 7 license, it may be easier to stick with XP across the board.
Home and corporate users also don’t like the learning curve of adapting to a new system. XP users are used to their work flows; they know where to find what they need, and they like it that way.
Microsoft is mistaken in thinking that every new version of its flagship OS must be a substantial change from the last. Windows users have set tasks to accomplish when they boot up, and taking time out to re-learn how to accomplish those tasks is not what they signed up for. The waste of hours (and, potentially, corporate resources) is a strong deterrent to upgrading.
Some advanced users might consider the above three reasons for resistance to be limited to the less computer literate, but many coders and developers find a fourth reason to avoid updating: preference.
“Tech-savvy users who understand the security benefits of upgrading are often unhappy with what they see as an increasing lack of control over their system,” Halleran said.
With both Vista and Windows 7, Microsoft has been pushing toward a sleeker, more user-friendly, but less user-controlled model. It’s no coincidence that these developments have been compared to Apple’s standard look and functionality. A quick Google search for the phrase “more and more like Mac” turns up nearly half a million results, and even a cursory glance at the text excerpts suggests that this isn’t what a lot of Windows users want.
If it’s attempting to win over Mac users, Microsoft has failed on two counts: Mac users exhibit tremendous brand loyalty, and PC power users tend to stick with Windows precisely because it isn’t Mac. If anything, this race toward a shiny OS singularity only encourages power users to adopt alternative operating systems such as Linux; and indeed, as XP’s market share has dwindled, Linux has gained ground.
In mimicking the Mac model, Microsoft is alienating its hardcore demographic. Despite quirky ad spots to the contrary, the choice of “Mac or PC” these days is usually based on mere preference, not technical factors.
At the same time, Microsoft’s unrealistic assessment of consumers’ willingness to upgrade to unfamiliar systems at high prices means that the world will likely be saddled with XP for years after support is completely abandoned.
Facing the glaring security problems of an XP-infested future, Microsoft might need to rethink both its OS development and its business strategy. The company can sweep XP under the rug, but it won’t be easy to smooth out the big lump that remains.
While many of us may be looking to migrate from Windows 7 to Windows 8 when it becomes available (I’m not, I have no need for either) — no date is set, but it could be late next summer — there are still plenty of folks using XP for many of reasons. However, with the economy as it is and getting tighter, now is the time to look at a decent operating system, such as Linux Mint. The benefits are enormous and you are missing out! There is no reason to go out and buy a new computer, just because Windows XP is expiring or even upgrade. Windows 7 has no feature benefits worth spending the money on; the only difference maybe you get Internet Explorer 9, but who needs that when you have Firefox and Chrome, which are are supported with extensions.
The advantages of Linux are five fold:
- Cost – The most obvious advantage of using Linux is the fact that it is free to obtain, while Microsoft products are available for a hefty and sometimes recurring fee. Microsoft licenses typically are only allowed to be installed on a single computer, whereas a Linux distribution can be installed on any number of computers, without paying a single dime.
- Security – In line with the costs, the security aspect of Linux is much stronger than that of Windows. Why should you have to spend extra money for virus protection software? The Linux operating system has been around since the early nineties and has managed to stay secure in the realm of widespread viruses, spyware and adware for all these years. Sure, the argument of the Linux desktop not being as widely used is a factor as to why there are no viruses. My rebuttle is that the Linux operating system is open source and if there were a widespread Linux virus released today, there would be hundreds of patches released tomorrow, either by ordinary people that use the operating system or by the distribution maintainers. We wouldn’t need to wait for a patch from a single company like we do with Windows.
- Choice (Freedom) – The power of choice is a great Linux advantage. With Linux, you have the power to control just about every aspect of the operating system. Two major features you have control of are your desktops look and feel by way of numerous Window Managers, and the kernel. In Windows, your either stuck using the boring default desktop theme, or risking corruption or failure by installing a third-party shell.
- Software - There are so many software choices when it comes to doing any specific task. Sometimes its a simple modification or feature enhancement of a already existing piece of software, sometimes its a brand new application. In addition, software on Linux tends to be packed with more features and greater usability than software on Windows. Best of all, the vast majority of Linux software is free and open source. Not only are you getting the software for no charge, but you have the option to modify the source code and add more features if you understand the programming language. What more could you ask for?
- Hardware - Linux is perfect for those old computers with barely any processing power or memory you have sitting in your garage or basement collecting dust. Install Linux and use it as a firewall, a file server, or a backup server. There are endless possibilities. Old 386 or 486computers with barely any RAM run Linux without any issue. Good luck running Windows on these machines and actually finding a use for them.
Either way you look at it, you will be forced to relearn Windows 7 when you leave XP, then yet again when you leave for Windows 8. Look at the advantages Linux can offer you and make the decision to try something new for once. You will have to eventually as Windows is totally change the user interface and killing off the start menu. http://jet-computing.com/microsoft-kills-start-menu/
UEFI, Secure Boot, and Freedom of choice
Summary: The Linux Foundation and friends are working on using UEFI so that computers can be both more secure and give users freedom of operating system choice instead of using Microsoft’s secure boot plan to lock users into Windows 8.
Last month Steven Sinofsky from Microsoft announced new requirements for manufacturers wanting to ship Windows 8 systems, including a feature called “Secure Boot”. I wrote about this last month: http://jet-computing.com/microsoft-kicks-linux-from-windows-8/
Canonical, together with Red Hat, today publishes a white paper (shown below) highlighting the implications of these requirements for users and manufacturers. The paper also provides recommendations on how to implement “Secure Boot”, to ensure that users remain in control of their PCs.
However, the obverse of this would be that Microsoft wants all new personal computers to be a closed appliance, as Apple is with it’s hardware and software.
Secondly, it would be most beneficial for the government because, if keys are decided by OEMs then they would have them by default. If keys are chosen by users then, it becomes more difficult for government. UEFI is a great thing, if it is left to users to choose keys. This way we retain complete control of our own computer systems and does so long as it is done not so as to lock out competition.
The UEFI Forum, of which Canonical is a member, is defining the next generation interface between your system’s firmware and any operating system that runs on it. The new specs will make Ubuntu systems boot quicker, have a better battery life and are easier to configure.
The latest UEFI specification also defines a process called Secure Boot (version 2.3.1 – Chapter 27). Secure Boot is designed to address the potential for malware to insert itself between the firmware and the operating system on your computer. It accomplishes this by enforcing that only “approved” software is able to boot in your computer by way of a key that recognises pre-approved and signed software.
According to Microsoft’s presentation at //BUILD/2011, Secure Boot will be “Required for Windows 8 client”. While the UEFI specification does not recommend a specific implementation, Microsoft has a preferred solution (outlined on this blog post) which does not give the user full control over what software that is approved to run on their PC. This is the real issue for users.
Secure Boot should be available to all users
Canonical successfully partners with computer manufacturers to ship millions of Ubuntu pre-installed systems every year. While this distribution will continue to thrive, we are concerned for users wanting to install any Linux distribution on a PC sold with Secure Boot “ON”.
Any new Windows 8 PC will have Secure Boot switched “ON” when it leaves the shop and will be able to boot Microsoft approved software only. However, you will most likely find that your new PC has no option for you to add your own list of approved software. So to install Linux (or any other operating system), you will need to turn Secure Boot “OFF”.
However, we believe that you have the right to have your cake and eat it too! Its possible to have Secure Boot and the ability to choose your software platform.
This is why we recommend that systems manufacturers include a mechanism for configuring your own list of approved software. This will allow you to run Windows 8 and Linux at the same time in your PC with Secure Boot “ON”. This should also include you being able to try new software from a USB stick or DVD.
Even with the ability for users to configure Secure Boot, it will become harder for non-techie users to install, or even try, any other operating system besides the one that was loaded on the PC when you bought it. For this reason, we recommend that PCs include a User Interface to easily enable or disable Secure Boot and allow the user to chose to change their operating system.
Canonical has discussed these concerns with key industry partners and competitors, resulting in the “Secure Boot Impact on Linux” White Paper, authored by Jeremy Kerr (Technical Architect at Canonical), James Bottomley (Kernel Developer) and Matthew Garret (Senior Software Engineer at Red Hat).
I recommend you read this document to gain a better understanding on how Secure Boot will affect you.
