
Before you Dual Boot – MS, OEMs and Linux - dopkew
http://www.eightforums.com/installation-setup/19739-before-you-dual-boot-truth-about-ms-oem-s-linux.html
======
userbinator
I'm now happier than ever that I bought one of the last pure-BIOS motherboards
of the i7 era, and a laptop (Thinkpad X60) that can run completely free
software
([https://www.fsf.org/resources/hw/endorsement/gluglug](https://www.fsf.org/resources/hw/endorsement/gluglug)
, although I didn't know that when I bought it several years ago ), and I plan
on holding on to these machines and making the most of them for as long as I
can, because the future of the PC is looking more and more closed with each
new change.

It was only a few decades ago when IBM released the PC AT, complete with a
full set of documentation, even the full source code of the BIOS. Now you're
lucky if you can even get a datasheet for the SuperI/O chip or processor VRM
controller. I've observed this decrease in openness through the years, but
it's only most recently (post-Nehalem?) I've noticed this happening at an
accelerated pace.

Throughout this time, all the changes that have been made for "security"
appear to me as more and more like attempts to secure systems against their
users, taking control away from them and forcing them to trust some authority
instead. Code signing, secure boot, TPM, patch protection, etc. It is becoming
more difficult to stay in control of the hardware you bought.

It is true that several years ago, it was probably much easier to infect
systems with malware, but at the same time, the users had more freedom;
including the freedom to explore, use, and modify the OSes of their choosing.
Is this freedom something we should really be sacrificing? The well-known
quote comes to mind: "Those who give up freedom for security deserve neither."

~~~
derefr
I think it all comes down to the death of what was, in the 90s, called the
"power user."

There have always been two kinds of computer users: Administrators--those who
can be trusted to administer their own systems; and Users--those who cannot,
who need someone else to Administer their system for them.

The Power User emerged as a gross hybrid because of the limitations of
Personal Computer OSes. In Windows 98, for example, everyone was implicitly
considered an Administrator, even if they had no idea how to Administer
anything. (They were _Users_ with the full _Power_ of an Administrator.)

What would frequently happen is that one person in an extended family would
have such knowledge as to be capable of actually Administering computers, and
would frequently have to drop in to perform Administrative maintenance for
relatives, who had no idea they had to do such things themselves. Nobody would
be looking out for the computer in the interstice.

This era is thankfully over. What do we have now? No greater number of people
capable of Administering their own computers, certainly.

Instead, what happens now is that the hardware manufacturer provides hooks
(the Secure Boot certificate store et al.) such that the computer's Owner can
delegate Administrative power to the OS distributor (Microsoft, Apple,
Canonical, etc.), leaving the Owner as a plain User. "That guy in the family
who knows computers" no longer has to be involved--effectively, the OS
distributor _is_ "that guy."

This is only really a problem for people who _want_ to Administer their own
computers (though in any form-factor where you can buy a motherboard
separately, all these protections _can_ be disabled.)

Frankly, though, I see less and less of a need for people to Administer
personal computers. PCs (I'm including both desktops and mobiles in this set),
these days, are basically the equivalent of VT-100 terminals: fancy screens
you buy, take out of the box, and plug directly into the internet.

This is what I would call the "modern tinkerer mindset":

• "Real Software" runs on Impersonal Computers: servers, either racked in your
office, or existing nebulously in "the cloud." When you are developing this
software, you keep a VM that simulates such an Impersonal Computer running on
your Personal Computer, and interact with it as if it were a network resource.

• Development of new Operating Systems occurs using a hardware emulator
(really a more precise VM), like qemu. It then moves to ordinary VM software.
Everyone else who tries your hobbyist OS will only want to run it in a VM
themselves. Getting it running on Real Hardware is a 1.0 feature.

• If you want to fiddle with hardware yourself, you get a Raspberry Pi, or any
of innumerable other devices aimed squarely at tinkerers. You could develop an
OS using these, too, although it's a much greater hassle than just using
emulation software. These devices are open in ways Personal Computers never
were, having everything from schematics to JTAG pins available.

Given that mindset, what do you _gain_ by having Administration rights to your
new-age VT-100 Personal Computer?

You might answer "the surety that Microsoft/Apple/etc. will never ban VM
software from its platform", but no OS distributor would dream of doing this:
after all, how, then, would its first- and third-party developers do their
jobs? They rely on VM software just like the rest of us.

~~~
userbinator
> Given that mindset, what do you _gain_ by having Administration rights to
> your new-age VT-100 Personal Computer?

The freedom and power to control what's yours. A chance to explore, to learn
more about the system you're using and possibly adapt it to fit your needs.
IMHO giving users that _chance_ is very important: how many experienced
developers started out as power users - who also were originally only users?
By taking away these chances, keeping regular users relatively oblivious,
fewer of them will want to go through the increasing hassle of "becoming a
developer"; it becomes an abrupt decision instead of the continuum of
knowledge it once was. This divide between "users" and
"developers/administrators" only makes it harder for users to cross that gap,
and takes control away from them.

> If you want to fiddle with hardware yourself, you get a Raspberry Pi [...]
> These devices are open in ways Personal Computers never were, having
> everything from schematics to JTAG pins available.

Funny you mention the RPi, as it's nowhere close to being as open as the PC/AT
was.

~~~
derefr
You seem to be conflating "developer" with "administrator", which I just don't
understand.

Want to be a developer? Download [https://love2d.org/](https://love2d.org/),
open Notepad and write some Lua, save it in the same directory and run the
executable. Or write some text that starts "<script>", save it as HTML, and
double-click it. Or download Racket and follow the tutorials. Or, if you
really insist on writing low-level code, download {Visual Studio Express,
XCode Command Line Tools, Debian build-essential} and open up a shell.
Learning to program has only gotten easier and easier over the decades.

But wanting to be an Administrator? What for?

Do you want to Administer your DVD player? It's an appliance. It plays DVDs.
It works well _because_ it only plays DVDs.

PCs are appliances. They run, in sandboxed environments, "application
software", which are binary packages code-signed-by-proxy by the OS developer.
They work well _because_ they only do this. And _within_ the framework of
these restrictions, you can still program new software, or an entirely new OS.
These are tasks this appliance lets you perform.

You can build your own computer. It won't be an appliance. You can also build
your own DVD player. It won't be an appliance either. Is it so bad, then, that
DVD players exist for playing DVDs? Is it so bad, then, that PCs exist for
running sandboxed code-signed applications?

~~~
diydsp
<sarcasm> What do you have a kitchen for? You can microwave TV dinners all you
want. If you want to make your own recipe, say because you want to be healthy,
or don't like the flavor of TV dinners, you can just make a simulated Real
Recipe out of pieces of TV dinners. It's almost as good.

Just let someone else more qualified than you, or well maybe not more
qualified, but more in charge than you, decide what you should eat. Selecting
a restaurant or frozen dinner has only gotten easier and easier over the
decades. But wanting to be a cook? What for?

And why do you need a camera? People should be able to sell you pictures of
whatever you want a picture of. There should be enough pictures of everyone on
Facebook already. Or, if you really insist on having a picture of something or
someone that a Big Corporation doesn't have, just get out some crayons and
sketch them. Buying crayons and coloring books has only gotten easier and
easier over the decades. But why take your own pictures, what for?

And what do you need musical instruments for? Want to be a musician? Just
download some songs that have already been written and play them in a
different order on your DRM-closed player. Or, if you really insist on having
your own choice in music, just call a radio station and request something.
Calling and requesting songs has only gotten easier and easier over the
decades. But wanting to make your own music or start your own band? What for?

And that address bar on your web browser? Just go to yahoo.com, and click all
the links there. They already know what's good for you. If you really insist
on having your own, post to a social network. Starting a web page on
Facebook/google has only gotten easier and easier over the decades.

But wanting to go to whatever websites you want - or make your own websites?
What for? </sarcasm>

~~~
derefr
Er, did you miss the part where I said "You can build your own computer. It
won't be an appliance"?

Most kitchens have microwaves in them. Sometimes a microwave is the best tool
for a job. (For defrosting red meat, for example.) But chefs don't insist on
forcing their microwave to somehow do all their kitchen-related tasks; they
use other tools, each with its own affordances, each with a best-suited task,
together, to get done what they want done.

Likewise, a home-entertainment system usually has a DVD player in it. You
don't try to use your DVD player as a PVR, or a video-game machine. You use
separate devices for each of those tasks.

A capital-c-Computer is an amazing machine that can do many things equally
well--it's sort of like an undifferentiated stem-cell. I completely understand
wanting to use a capital-c-Computer, just for the sheer neatness-factor of it.

But a PC? The modern PC _isn 't_ a capital-c-Computer. The modern PC is a
microwave, a DVD player. Like the microwave, like the DVD player, you likely
have one _in your toolkit_ \--in fact, you likely use it for a lot of things.
But it'd be silly to expect it to do everything.

You can have your capital-C-Computer and a PC too. Neither of them is going
anywhere.

------
bananas
I never dual boot. It's a PITA with UEFI or not and has been since the dawn of
time. It's Linux -or- Windows. UEFI is not a problem though - people need to
stop badmouthing something they really don't understand.

I settled on using Windows as a host OS[1] and use Linux on VMs because to be
fair, Windows power management, suspend/resume and hibernate and driver
support is miles better i.e. it actually works more than once. Oh and they
really don't fuck up the kernel every 2 minutes like on Ubuntu and don't throw
out buggy shit like Apple do.

I used a 2011 MBP for the last 6 months or so however (with virtualbox) and I
had to go back to an older and slower T400 as it was more reliable as well.

So virtualbox on windows 7 it is. And it works _really_ well. I'm pretty happy
and I'm a picky as they come when it comes to hardware and software.

On my desktop (a Dell T3500 with piles of RAM), it's 8.1 with Hyper-V with
Linux in it as that works pretty damn well too.

Is suspect the problem here is _users_ rather than _hardware_ and _vendors_.

[1] On my Lenovo T400.

~~~
donniezazen
Generalization that Windows has better "power management, suspend/resume and
hibernate and driver support" is grossly wrong. Noob friendly Linux
distributions like Ubuntu provide excellent support of all the points you
mention.

~~~
bananas
They really don't. Suspend doesn't always wake up all devices, different
kernel releases break hibernate completely. Also Ubuntu just disabled
hibernate for a vast chunk of time. It's never worked properly. And don't get
me started on all the playing around you have to do with powertop to get
usable battery life.

And that is Ubuntu (12.04 LTS) noob friendly edition on standard Intel
Centrino hardware.

~~~
girvo
Hibernate is a good point. But on my Samsung Series 5 ultrabook, Ubuntu 13.04
got better battery life, out of the box, than Windows 8 did.

------
CSDude
Hear my fucked up story of UEFI, Secure Boot and Windows 8:

I have a Windows 8 laptop. It had 2 HDDs, so I easily installed Ubuntu 13.04
to second HDD. However, during a Win8 update process, it hanged for hours and
I force closed. Then even my recovery partition was corrupted. So, I wiped my
first HDD, and since the OEMs don't give DVDs anymore, I could not install it.
I live in Turkey, and there is a special version of Win8 Single Language, not
found on internet. You cannot confirm checksum of them because it is not
widely used, and depends on the region I think (maybe wrong). Therefore, even
If I found a iso on Turkish forum I could not verify it, but tried to install
Single Language version anyways. But It could not verify my key, that is
burried in my motherboard. I tried to install Windows 8 Pro from MSDNAA, and
it said it cannot because of the internal license on my pc. I tried dozens of
way to disable it. When I got Windows 8.1 Pro from MSDNAA as well, It
installed without problems. That is really f*cked up. I did not like flatness
of even windows, I disabled Secure Boot, removed my partioning from GPT to
MBR, installed my Ubuntu with Windows 7 as it is used to be, before these dark
times.

Now I'm a teaching assitant of operating systems course, students need to use
Linux for assignments, and almost all of them uses VirtualBox, which is not a
very good replacement for native experience. It is fast, but not fast enough.

~~~
ntakasaki
What has this got to do with Secure Boot?

~~~
tanzam75
> _What has this got to do with Secure Boot?_

It's got nothing to do with Secure Boot. If he had gone into the UEFI and
disabled Secure Boot, the problem would still have occurred.

Secure Boot has become this scapegoat for everything that could possibly go
wrong.

As its name suggests, Secure Boot prevents the OS from booting. If the
_installer_ is complaining about a product key mismatch, then it's got
everything to do with the installer and nothing to do with Secure Boot.

~~~
CSDude
I did not say Secure Boot causes this, the UEFI contains product key, and it
does not allow to be deleted, modified or extracted. Since it is permanent
there, Windows installer fails to accept another key, or even a legitimate
higher edition Windows installation.

~~~
tanzam75
> _I did not say Secure Boot causes this,_

Here's what you said:

> _Hear my fucked up story of UEFI, Secure Boot and Windows 8:_

Why mention Secure Boot at all? It's got absolutely nothing to do with your
situation.

~~~
CSDude
It is a story about all of them, I did not say Secure Boot caused this
problem, I said I disabled it to be able to install Windows 7.

~~~
tanzam75
> _It is a story about all of them, I did not say Secure Boot caused this
> problem, I said I disabled it to be able to install Windows 7._

Suppose that a user buys a Windows 8 machine, goes to a website, and downloads
malware that slows down the machine and makes it unusable. Finally, a local
teenager wipes the machine, disables Secure Boot, and installs Windows 7.

One would hardly say that this is a "f-cked up story of" malware, Secure Boot,
and Windows 8. Secure Boot is merely incidental, and has nothing to do with
the issue of malware on Windows 8.

------
yc-kjh
OpenBSD does not support UEFI, and probably never will.
[http://permalink.gmane.org/gmane.os.openbsd.misc/196288](http://permalink.gmane.org/gmane.os.openbsd.misc/196288)

Please note that OpenBSD has no problem handling large disks, greater than 2
TB. The problem is with the horrible Restricted Boot (UEFI) system.

The Asus model 1015E is in violation of the requirement that UEFI (Restricted
Boot) can be disabled, and that Legacy Boot can be enabled. I am boycotting
all future Asus products, because I had to deal with this problem _after_ I
had already purchased one. It was difficult and painful to get my money back.

If any manufacturer purposely builds systems without Restricted Boot, I will
patronize them (even for non-Arm products). I am hoping that some manufacturer
will build a line of Arm-based devices without Restricted Boot. (Yes, I know
about BeagleBone, Raspberry Pi, etc. But these are not full-featured laptops.
They are embedded machines aimed at embedded uses. I _do_ use them for that
purpose. Also note that the Raspberry Pi has the craptastic Broadcom chip, and
it is _anything but free [as in liberty] and open_.
[http://permalink.gmane.org/gmane.os.openbsd.misc/192942](http://permalink.gmane.org/gmane.os.openbsd.misc/192942)
Also, the recent release of source code from Broadcom is only open source
wrappers that call proprietary binary blobs. Fsck Broadcom.)

~~~
sounds
Please post a blog link to your Asus 1015E and Broadcom experiences. I want to
reshare and help build community awareness.

~~~
yc-kjh
I don't blog.

~~~
sounds
Ok. I can respect that.

------
mindslight
With the locked down antics that manufacturers are pulling these days, the
only way to protect yourself is to root your device and install your preferred
environment on it _immediately after you obtain the device_. Don't delay or
procrastinate with excuses like wanting to try out the manufacturer's
experience, waiting until you need the functionality, or wanting to prepare
more. Every day you put it off, the more likely you will end up stuck with and
dependent on a user-hostile device that you were tricked into.

You need to run into every possible incompatibility or bricking while you're
still well within the return and credit card dispute periods. And if you're
actually unsure of how to proceed in making sure that shiny new device
actually works for you, please please ask a technical friend for help. The
future of society very much depends on it.

------
zyztem
Actually, it is not that difficult to dual boot Windows/Linux with UEFI. You
just need more understanding about this whole thing. I can recommend Arch wiki
article:
[https://wiki.archlinux.org/index.php/Unified_Extensible_Firm...](https://wiki.archlinux.org/index.php/Unified_Extensible_Firmware_Interface)

And [http://www.rodsbooks.com/efi-bootloaders/](http://www.rodsbooks.com/efi-
bootloaders/)

Kernels 3.3+ can be loaded from EFI partition directly without additional
bootloader, no need to wrestle with grub-efi. This blog explains required
configuration:
[http://wolfwings.dreamwidth.org/224805.html](http://wolfwings.dreamwidth.org/224805.html)

~~~
zanny
efibootmgr makes it really simple to set up. When I get a new computer with
Arch, once I install the base system, my bootloader is literally just:

efibootmgr -c -l /vmlinuz-linux -L "Archlinux" -u "initrd=/initramfs-linux.img
root=<root partition uuid> ro quiet splash security=tomoyo"

Assuming /boot is my efi system partition.

The real problem is that most motherboard manufacturers have absolute garbage
bloated proprietary messes of EFI implementations, and we are stuck with Intel
jamming this shit down our throats in the first place rather than opening up
their chipset documentation so we could have coreboot support on these boards.

------
patcheudor
I learned my lesson long ago. Linux is for VMs. I run vanilla Windows as my
boot OS and then use Linux from within a VM, thus getting the benefits of
Windows hardware compatibility where I need it. This lets me do things like
run nine monitors when my laptop is docked by chaining DisplayLink adapters.
Note that Windows with DisplayLink will only support eight monitors so for the
ninth I bind the DisplayLink adapter to the VM for dual monitors with my Linux
VM. Going above more than two monitors with a Linux host OS is akin to beating
one's head into a wall, especially if you move between monitor configurations
often, but just works in Windows.

Thus far, with the ability for the VM to bind specific hardware directly and
not shared via the host OS I get all the benefits of a Linux host OS without
the hassle of broken driver implementations taking me down for long stretches
at a time. As an example, I can bind my ALFA WiFi adapter directly to the
Linux VM and run aircrack-ng all day long.

Yes, there are drawbacks. You will need a bigger hard-drive (best if you can
fit two in your laptop) and more memory, but those are cheap these days. The
benefits, however are massive. I keep multiple VM versions and can instantly
recover from anything stupid that I might do in the Linux kernel without
impacting my ability to actually get my work done.

~~~
yulaow
I have the problem that in my windows os I need to run hyper-v to use the
emulator of windowsphone and windowstablets for work purposes.

Why is it a problem? Because if you active hyper-v (and you need a reboot to
change from active/deactive) all other VM, if started, will crash your os,
show a blue page of death, restart your machine and show a "I am trying to
recover your system" for like 20 minutes.

And hyperv is like the shittest VMm ever to run linux over it, also with the
"officially supported" linux versions.

~~~
bananas
Hyper-V user here. It's fine - I run 12-15 VMs (4 of which are Linux) at a
time (full production environment with virtual networking) on a 4 year old
Dell T3500 Quad Xeon with 32Gb of RAM. Sounds like your hardware is
broken/crap.

~~~
vetinari
On server, it is fine.

On notebook? Trying to combine Hyper-V (for WP dev) and Intel HAXM (for
Android dev) is BSOD nightmare. It stopped after I got rid of Hyper-V...

~~~
bananas
It's fine on a notebook too.

More than one hypervisor per machine is not a good idea. You'll get the same
problem with Intel HAXM and VMware as well.

To be fair the problem with this is that the whole Intel virtualization
architecture is hacked on the side (as is every other damn feature since the
80186).

------
voltagex_
I really don't understand all these people having issues booting in UEFI mode.
Fine, disable Secure Boot (or boot Fedora/Ubuntu if you care about it), load a
recent distro and get on with your work/play.

~~~
CSDude
If you disable UEFI, you need to install your system again, and you cannot use
your old license to install it, at least in Win8. So you either buy another
Win8. So disabling UEFI is not an option, for dual boot.

~~~
higherpurpose
Holy cow, how are we just now finding out about this? So Microsoft is forcing
you to buy yet another Windows license, after you already paid for the one
included with the laptop, if you want to dual-boot?

This should been a scandal when Windows 8 launched.

~~~
tormeh
Not really. Installing Linux on a computer running UEFI is perfectly possible.
It's just really hard. I'm typing this on just such a machine and it involved
activating BIOS emulation and then when the Ubuntu purple loading disk screen
came I needed to do a magic key-combo and set some options I don't remember.
Then I needed to run bootrepair and instruct it to make Ubuntu UEFI bootable
and finally I could turn off BIOS emulation.

It's hard as fucking hell.

~~~
zanny
My last two systems (desktops, I don't even have a working notebook right now,
waiting for Broadwell) used Asrock and ASUS boards with EFI implementations
that worked pretty well out of the box under Linux. One runs Suse 13.1, the
other runs Arch. They both have their bugs - the Asrock system wipes the EFI
boot table every firmware update, and the ASUS one can only have one entry in
the EFI boot table, and neither has a working EFI shell - but I did my
research to know they worked.

------
higherpurpose
There's another insane thing I've recently heard about - that Intel intends to
lock the OS to their own (new) chips, and you can't dual-boot or install
another OS. If they do this, yes I expect them to say that "the OEM has the
choice" to allow for dual-booting or whatever, but I bet you 90 percent of PCs
will be locked to Windows, when this arrives on Windows machines:

[https://plus.google.com/+GuidoStepken/posts/bD2VHB4LcEU](https://plus.google.com/+GuidoStepken/posts/bD2VHB4LcEU)

~~~
marcosdumay
Well, once they do that, the same way that one should avoid Windows 8 if he
wants to have a chance of running Linux, one will also be recommended to avoid
an Intel processor if he wants control of his system.

Except that Intel has less of a monopoly than Microsoft, so that's way easier.

~~~
jcastro
This would be worse on laptops. It's braindead easy to just snag an Intel-
based laptop and know everything will work out of the box. (Other than the
Poulsbo netbooks generally speaking they've done a great job supporting Linux
on their hardware).

With AMD laptops you might end up with a Broadcom wireless card and an AMD
GPU.

------
ganeumann
The article claims: "One reason all PC's that come preinstalled with a
Microsoft operating system is cheaper than regular laptop is that Microsoft
subsidizes the cost of the hardware."

I had always thought that PC makers paid Microsoft for Windows. The article
claims that, instead, Microsoft pays the PC makers to install Windows. I don't
see how this could possibly be true if most copies of Windows are sold pre-
installed on PCs.

~~~
ams6110
I've never heard that Microsoft pays OEMs but they certainly do give them a
discounted price. Also it is my understanding that they do have some contract
terms that either forbid sale of the same hardware with other OSes
preinstalled or forbid sale at a lower price with other OS or no OS.

This is all from years ago, I don't know what terms are these days. Obviously
Dell, HP, etc. do have a few preinstalled Linux systems in their catalogs now.

------
derekp7
Here's my rant on how Secure boot should be done. Currently, you have
Microsoft's public key certificates in the firmware, and you can either boot
with secure boot on or off. I would rather that the certificates be treated
similar to a web browsers, where you have a list of "official" certs belonging
to multiple independent entities. In addition, when in secure mode, you
shouldn't be able to boot from unsigned media.

Now here's where I think this can be improved. Usually, hitting something like
F12 at boot time gives you a list of devices to boot from (internal drive, USB
devices, DVD, network, etc). What I'd like to see added to this is an item
labeled "Boot from unsigned DVD/USB/Network [for OS installation mode]". Once
this is selected, whatever you boot would have access to adding additional
certificates to the firmware. Or, more appropriately, you should be able to
select 3 boot options: 1) boot from signed media; 2) boot from unsigned media;
3) boot from unsigned media with write access to certificate key store [OS
installation mode]. That way, the end user can still maintain complete control
over their hardware, yet still get the benefits of protection against boot
sector malware / low level root kits.

~~~
Locke1689
This sounds like secure boot's "Custom Mode." 'Certified for Win8' requires
that all non-ARM machines support either Secure Boot Custom Mode or SB
disabled. I would hope they would support custom, but that's the
manufacturer's prerogative.

~~~
yc-kjh
Asus does _not_ support disabling Restricted Boot for their model 1015E.

~~~
Locke1689
Cite?

------
jrockway
In this thread: a bunch of people who know nothing about computers spread
fear, uncertainty, and doubt.

The reality is: Windows boots fine with Secure Boot disabled. Linux boots fine
from UEFI; the Debian installer sets everything up perfectly.

~~~
yc-kjh
OpenBSD doesn't support UEFI, and will never boot from it.

UEFI (better called Restricted Boot) takes away the user's freedom.

I want to own my hardware. I don't want the manufacturer to own it. I don't
truly own it unless I can run whatever software I want on it. I don't own it
if it prevents me from doing anything I want to do -- no matter what that is.

~~~
just_bytecode
I guess I don't understand how UEFI is inherently less free than BIOS. I
assume most of of the opposition is due to secure boot, but every
implementation I've used let the user manage keys for secure boot or disable
it entirely. Are there other reasons that UEFI is a threat to computing
freedom?

~~~
yc-kjh
The Asus model 1015E does not let you disable Restricted Boot, nor does it
allow you to re-enable Legacy Boot.

I don't have direct proof or experience, but I understand that many other
models (and manufacturers) are similarly broken.

~~~
jrockway
Buggy BIOS is nothing new.

------
joyofdata
For me precisely this was the final reason I needed to simply erase Windows 8
64bit Professional (which I paid for half a year earlier) and install Ubuntu
13.10.

I was worried about driver issues and spending too much time adminstering my
system instead of using it for being productive. I cannot emphasize enough how
unnecessary those worries were - I f __ __ __love it! As an IT guy using R,
Git, Python and further Linux tools this made actually a lot of tasks way
easier!

My recommendation - f __* dual boot - get rid of Windows and switch to Linux!

~~~
dopkew
If you mention what your system is, then it could help others in making buying
decisions. This would then send a message to hardware vendors that linux
support gives them visibility and appreciation.

~~~
zanny
[https://www.system76.com/](https://www.system76.com/)

[https://www.thinkpenguin.com/](https://www.thinkpenguin.com/)

[https://www.dell.com/us/business/p/xps-13-linux/pd](https://www.dell.com/us/business/p/xps-13-linux/pd)

And others. Really, if you are buying a new system for Linux, and it isn't a
custom desktop, just buy a notebook from a Linux provider so you know modern
kernels support the thing out of the box flawlessly.

------
lunulata
"My journey into hell began about two months ago when I purchased a new HP
laptop computer..." That'll teach you. Next time don't buy HP. Those super
cheap laptops come at the price of quality and decent support. You pay for it
one way or another. As for the UEFI being bad or not working well with Linux,
I disagree. I think you just don't know what you're doing and HP support is
bad with no documentation.

------
keithpeter
I currently use a couple of recycled core duo 2 thinkpads. BIOS so of course
GNU/Linux installs easy either whole disk or dual boot with windows.

In the future, I suppose I'll need to look to a Chromebook as a cheap platform
for my GNU/Linux.

Unless people actually start making open hardware...

~~~
grannyg00se
No need to fear. I have a recent Thinkpad (T530) and it boots ArchLinux
painlessly from USB or internal 32gig ssd. Also boots into windows8 from the
main 120gig ssd if necessary. It's UEFI with secureboot disabled.

~~~
lsiebert
Yeah I did something similar on my T530. Booting into Windows is a pain,
compared to Mint. Everything wants to update and reboot.

------
codelap
This isn't about UEFI, I've had no issues with it. Primarily because I don't
use Windows on it. Microsoft is up to it's old tricks here. Then again, try to
run OSX on a Dell. I just wish all these guys would get their heads out of
there asses.

~~~
pritambaral
> try to run OSX on a Dell

I don't get what you're trying to say here, so pardon me if this response is
totally orthogonal to your point.

OS X isn't supposed to be run on PC's (laptop+desktop). Nor is it expected.
Desktop Linux, however, is.

~~~
rjbwork
Except that OSX does run on PC's. The architectures are identical now. My
MacBook Pro can run windows natively because it is an x86/x64 architecture
from the ground up.

~~~
pritambaral
I am aware of the architecture of Mac hardware. But OS X doesn't have driver
(thus hardware) support for all (or even a large range of) hardware that
conform to the architecture. Apple develops (espcially when it comes to
optimizations) OS X expressly for it's own selection of (as opposed to general
purpose) hardware. Apple also goes so far as to actively try to prevent OS X
running on non-Mac hardware[0]. Contrast this with Linux, *BSDs that are
developed on and for a wide range of (and general purpose) hardware.

[0]:
[http://en.wikipedia.org/wiki/Apple%E2%80%93Intel_architectur...](http://en.wikipedia.org/wiki/Apple%E2%80%93Intel_architecture#Dont_Steal_Mac_OS_X.kext)

~~~
codelap
If there wasn't a legal constraint, then hardware manufacturers and the
community would make those drivers.

------
marincounty
I have come to the decision just not to buy anything HP. I had two horrid
experiences with two HP laptops, and two printers that went too soon--1 less
than a year--the other less than a week. Off subject, but when ever I hear HP
I cringe.

~~~
buro9
The key there is to only buy expensive HP stuff.

Their office laser printers are great, and their workstations (e.g. the Z820)
are pretty awesome.

Their cheap stuff on the other hand... I agree with you on every point.

------
Zigurd
Back when I did dual boot, I found I seldom used the Windows partition
because, for the reasons I'd need a Windows machine, it wasn't a very good
one.

If you boot Windows for games, you are far better off buying or building a rig
designed for gaming. Conversely, if you need a fast Linux software development
system, swap out the hard disk of any decent Core i7 machine for an SSD, which
will usually be smaller than the rotating media, which makes dual booting less
attractive. And if you are shopping for a Linux machine that's less likely to
be a hassle in any way, look for one that uses Intel graphics and has no 3rd
party GPU.

------
Mikeb85
This is why you should buy machines meant to run Linux, or known to run it
well... System76, Dell dev laptop, ThinkPads, and custom parts for a desktop.

If you do your homework, you'll always have a perfectly functioning system. My
ThinkPad runs Ubuntu (and Suse) like they were meant for each other.

And dual booting is always a PITA... Just delete Windows...

------
xarball
I want to make this very clear:

Dual-booting with UEFI is entirely possible, provided that your hardware
allows entering EFI vars manually, in a SIGNED OS ENVIRONMENT. Every comment
I've seen thus far doesn't seem to grasp that this is MANDATORY before you
have the ability to finish installing a new bootloader. This is how UEFI
_protects itself_ from unauthorized OS signing!

I have my own custom EFI vars set up with grub2 running on a GPT partition
table, all booting beside windows, as purely as the air you breathe, and I'm
loading custom Linux kernels daily and haven't ran into an issue since I
originally set it up. Grub2 itself is my primary boot partition, which can
then jump into the windows boot manager on the other disk.

Grub2 itself has the capacity to act as a custom-signed EFI boot partition
(Not sure if I've got the wording on that correct -- but the gist is there!).
This means grub can be what your bios looks for the signature from. You don't
absolutely need your kernel to be signed, provided you can get a signature
produced from grub, OR you have the ability to write one while in a signed
O/S.

IF you want the easiest approach, look no further than any Linux distribution
that purchased a key to find such a signed environment that permits the
further writing of EFI variables.

Or, even easier -- just write then boot grub 2's EFI-signed bootloader to a
usb key to get started. After that, writing a new OS entry to UEFI should be
the most straightforward thing to do in the world!

*(You can even boot any kernel in the world with such a signed grub2 USB disk!)

------
linuxhansl
The other part that really bugs me is that I cannot buy laptops without
Windows from a lot of vendors.

First thing I do is wipe any Windows/Recovery partition from the drive and
install Linux. Yet, I know that Microsoft got their cut and there is nothing I
can do about it.

How this passes any reasonable antitrust test is beyond my comprehension; on
the other hand what we call capitalism these days has not much to do with
actual capitalism, so maybe I should not be surprised.

------
girvo
All of this faff is the reason why my next laptop will be purchased with Linux
already on it. System76, most likely, although I want the Dell XPS 13
Developer edition--you can't buy one from Australia. Which annoys me to no end
(and if any lovely soul in the US feels like helping me...)

For me, day to day, Linux makes an amazing desktop and development machine.
It's been 7 years since I ran a Windows computer daily (although my iMac has a
Bootcamp partition for DayZ), and I don't miss it, so I'm voting with my
wallet. If you'd told me I could do that a decade ago, I would have thought
you were nuts, but I'm happy that's the case now. I understand the Secure boot
frustration, but without needing to dual boot it's a lot easier.

We've ceded a lot of control, and yet I wonder if we ever had a real say in
the matter. Oh well, I can buy Linux laptops, and that's what matters to me.
Heck, it might be easier to get _them_ to dual boot than a Windows laptop ;)

------
HeyImAlex
Girlfriends laptop is an HP pavilion g7 and no number of tutorials can get
grub to load up on boot. She wants to boot to Ubuntu? Gotta remember to F12
into the bios and manually select it...

But it seems like this is less of a UEFI issue and more of an HP shitty UEFI
issue, since plenty of other manufacturers don't cause any problems.

------
r0h1n
This seems to be an explanation of how to install Ubuntu on an Acer laptop
with Windows 8 -
[http://ubuntuforums.org/showthread.php?t=2176273&s=3a5c2ecb6...](http://ubuntuforums.org/showthread.php?t=2176273&s=3a5c2ecb6245df86e17a7e1536084324&p=12800489#post12800489)

I can't believe how convoluted and snafu-prone the process appears to be. I
bought my Aspire V7 laptop in December and have never gotten around to
installing Ubuntu on it simply because I dread the almost-guaranteed loss of
1-2 working days trying to undo whatever screwups happen.

I can't imagine even one lay, non-Linux lover even thinking of attempting
something like this.

------
zokier
I guess you get what you pay for;
[http://i.imgur.com/wZcxCGZ.jpg](http://i.imgur.com/wZcxCGZ.jpg)

~~~
junto
Or more appropriately, you get what you don't pay for! :-)

------
anon4
Strange.

When I built my current PC, I specifically set it up to boot in UEFI mode with
secureboot disabled, so that windows won't thrash the mbr. Then I happily
installed arch, everything worked fine (even though the double-bootloader,
i.e. UEFI->grub->linux still makes me queasy).

The only trouble was when afterwards I tried installing windows. At least at
the time, windows 7 DVDs weren't able to boot in UEFI mode, therefore weren't
able to use the GPT-partitioned hard-disk. The fix was easy enough at least -
just copy the bootloader to the correct location on the DVD and it boots just
fine.

------
listic
I plan to buy Microsoft Surface Pro 2 [http://www.microsoft.com/surface/en-
us/products/surface-pro-...](http://www.microsoft.com/surface/en-
us/products/surface-pro-2) and install Ubuntu 14.04 on it, however
idiosyncratic that may sound: from reading the reviews, I like this hardware
and I want its features (note that 64/12). I choose a model with 256GB SSD
because it has 8GB RAM. I'm aware of numerous issues with Surface Pro 2 and
Ubuntu
[http://ubuntuforums.org/showthread.php?t=2183946](http://ubuntuforums.org/showthread.php?t=2183946)
but I'm counting on 1) making it all work with community's support, as have
some people in that thread 2) things improving in 14.04.

I would use it solely with Ubuntu, but I'm not sure whether I can make Ubuntu
run in a usable state right away, so I might dual-boot.

What should I know beforehand about running Linux on UEFI computers before my
Surface Pro 2 arrives?

------
sherr
A lot of commentary here and in the article was worrying to me. Directly
relevant since I bought a cheap (good value) Lenovo G510 laptop today that
came with Win 8.1.

I didn't want to use Windows at all, just boot Clonezilla straightaway, clone
the HDD and then install Debian. No go on booting from CD - "not allowed" due
to the security setup. Ah, OK .. so it then boots Win 8.1 and I had to go
through various Windows setups I wanted to avoid before rebooting and trying
again.

It was then I had to figure out the BIOS side of things and saw it was all
UEFI. I just turned it off and switched to "legacy" mode (BIOS legacy I
assume) and disabled secure boot. Cloned the HDD, booted the Debian Testing
CDROM and now have a "Jessie" install on it.

~~~
voltagex_
Lenovo laptops will boot the beta/new Clonezilla fine. Just disable Secure
Boot. Debian will boot in about 5 seconds with UEFI and an SSD.

------
mahouse
So, I have a Lenovo laptop, running dual boot (formerly Gentoo, now Ubuntu)
with Windows on UEFI using rEFInd. Zero problems so far. Am I lucky or what?!

~~~
fhars
You are at least lucky that you didn't run into this issue
[https://plus.google.com/+MarcMERLIN/posts/4RDPCGYCDWq](https://plus.google.com/+MarcMERLIN/posts/4RDPCGYCDWq)
where booting linux on certain UEFI enabled Thinkpads would reproducibly brick
the machine.

~~~
cannam
I have that machine, and I run Linux on it. His post was quite valuable, and
that was obviously a bit of a horror on Lenovo's part, but it looks as if a
subsequent BIOS update fixed it -- or at least I got a newer version of the
BIOS than he refers to and I didn't get bricked.

The machine has a terrible single-button trackpad arrangement, but is
otherwise fabulously good as a Linux development box.

(I do also run Windows, in a VM rather than dual-booting)

------
nitrogen
I'm still using a BIOS-based i7 system with a successful and stable triple-
boot setup with XP (for some old music software), W7 (for games), and Linux
(for work and everything else). It sounds from comments here I may be in for
an adventure when I upgrade to a UEFI system, though the UEFI workstation I
have at work seems to handle dual-booting fine.

------
pyre
I don't get how UEFI is still "getting the kinks worked out." Hasn't Apple
been using it since they converted to Intel? How many years ago was that? How
long does it take to "get the kinks worked out?" Or is this more of an issue
between Windows / Linux implementations of UEFI support?

~~~
rapala
It's the classical problem of a standard that nobody actually follows. Every
UEFI firmware that I have come across has behaved differently.

My current laptop has an UEFI implementation that only boots from a hardcoded
path in the EFI partition. You guessed right, the path of the windows 8
bootloader.

The UEFI in my home server overwrites the UEFI boot manager list every time
you save & exit the configuration tool.

If I remember correctly, the UEFI implementation of a MBP that my friend and I
tried to make dual boot Ubuntu required a blessed HFS boot partition for every
OS.

~~~
zanny
I'm really biased against Intel processors now because of this - I endure my
distaste for how horribly documented and black box their parts are, but the
fact their firmware for going on 6 generations has no documentation to enable
coreboot on these boards drives me to AMD.

Yea, they don't open up all their stuff, but if you dig around you can usually
find a board on most chipsets that works with coreboot. That gets my purchase.
Plus they are doing good work with the radeonSI mesa driver, even if they
still pack binary power firmware with it (I've read a few articles decompiling
and inspecting it to know it is mostly just init command code to start the
hardware).

------
kclay
I ran into this problem with an Acer laptop, somehow I got it working by
disabling something in the bios (think legacy mode) then installed ubuntu from
live cd and made that my boot loader. Ended up returning the laptop since I
didn't like win8 and got a thinkpad T530 and mostly use ubuntu on it.

------
harrystone
No problems here, I just don't dual boot. I recently got a new machine at work
and the first thing I did was wipe it and install Slackware. It was my maiden
voyage with UEFI which was a pain in the ass but no big deal.

------
annasaru
I am forced to dual boot because my colleagues use Skype. Luckily, my laptop
has a mSata slot , so a 128 Gb card dedicated to Linux. Never been an issue
with dual booting my Thinkpad.

~~~
Tobu
Skype is available on Linux. On Ubuntu, it's in the "partner" repo.

~~~
listic
Yep, my only problem with Skype on Linux is that is an older version. Mumble
taught me to use Push-to-talk, but it is only available on a newer version of
Skype.

------
plg
Seems like a business opportunity: for companies to make their own linux
friendly hardware ... or to modify existing laptops to be linux friendly.

------
blueskin_
Restricted Boot has been worked around for some time with Shim.

