

Linux Is Coming to Windows 8 PCs... Slowly - Garbage
http://ostatic.com/blog/linux-is-coming-to-windows-8-pcs-slowly

======
kylec
This whole UEFI secure boot thing is a deliberate attempt to lock out
competing third party OSs. I'm surprised there haven't been antitrust
inquiries in the US or EU about it.

~~~
brudgers
This is a mischaracterization.

UEFI secure boot is not required to run Windows 8.

It is required to slap a Windows 8 logo on a new machine.

That is a decision made by hardware vendors, not Microsoft. Since it is hard
to imagine a serious advertising campaign based around a competitor's lack of
such logos, such decisions reflect the desktop Linux market.

I suspect that hardware vendors are happy to make desktop Linux harder to
install because I vividly imagine indignant support calls from novice Linux
installers adopting FOSS as an ideology.

~~~
Zr40
To be precise, having an optional secure boot is required for the Windows logo
certification. If it cannot be disabled, no logo certification.

See "Windows Hardware Certification Requirements for Client and Server
Systems" [1], requirement "System.Fundamentals.Firmware.UEFISecureBoot", items
17 and 18.

[1] [http://msdn.microsoft.com/en-
us/library/windows/hardware/jj1...](http://msdn.microsoft.com/en-
us/library/windows/hardware/jj128256.aspx)

~~~
beatgammit
From your link:

> On non-ARM systems, it is required to implement the ability to disable
> Secure Boot via firmware setup.

To be more precise, this is only true for non-ARM systems. This is evil, since
it's entirely possible to have an ARM desktop/laptop, and I really hope
there's some kind of anti-trust legislation here. At least Apple offers a way
to boot into an alternative OS, even though it is still a bit locked down.

~~~
brudgers
What way is offered by Apple to boot other OS's on their ARM devices such as
iPads, iPods, and iPhones?

------
glesica
It seems like what MS may be getting (or trying to get), at least in part,
from this is a return to (or continuation of, I suppose) GNU/Linux as strictly
an "enthusiast" OS. A BIOS tweak won't stop me, but it would definitely stop
my mom.

I'm currently in school and I see a surprising number of students using
Ubuntu, even outside the CS department. Not a lot, by any means, but more than
I would have guessed. I wonder how many of them would be using it if it
required a weird workaround or really anything more than "put the disc in and
reboot".

~~~
w1ntermute
> I wonder how many of them would be using it if it required a weird
> workaround or really anything more than "put the disc in and reboot".

Well, "put the disc in and reboot" doesn't work right now on most PCs, does
it? You have to go into the BIOS and change the boot order, or pull up the
boot menu to make a custom selection.

~~~
glesica
It worked on the Thinkpad I bought a few weeks ago... I think most machines
are configured to boot from the optical drive first. Even if there is a boot
menu, that is still much less scary than having to hunt through a series of
menus to find and change an obscure setting.

As we in this community are probably all aware, even small obstacles like
having to enter a name or type a credit card number can drastically reduce
conversion rates on the web. I think this is a reasonable analogue. Even
objectively small obstacles can be important.

~~~
taejo
You said

> Even if there is a boot menu, that is still much less scary than having to
> hunt through a series of menus to find and change an obscure setting.

My mom heard

> Even if there is a scary series of menus to find and change an obscure
> setting, that is still much less scary than having to hunt through a series
> of menus to find and change an obscure setting.

------
techsupporter
Aren't the only systems that are "required" to have UEFI Secure Boot--and to
prevent end user disabling of this setting--based on ARM? I was under the
impression that nothing had changed for the x86 architecture.

~~~
JoshTriplett
x86 vendors that want to qualify for the "Designed for Windows 8" logo program
have to include UEFI secure boot and enable it by default, though they can
allow users to disable it or install their own keys. That creates an extra
hoop to jump through to install anything other than Windows 8.

ARM systems designed for Windows 8 have the same requirement, and additionally
must not allow users to disable it or install their own keys.

~~~
freehunter
>though they can allow users to disable it or install their own keys

Prior to the launch, Microsoft said it was actually _required_ that vendors
allow Secure Boot to be disabled on x86.

~~~
JoshTriplett
Other way around: the original spec did _not_ require vendors to support
disabling UEFI secure boot or using "custom mode" (meaning installing your own
key). See <http://mjg59.livejournal.com/139232.html> for one reference to
that: "Windows 8 certification does not require that the user be able to
disable UEFI secure boot, and we've already been informed by hardware vendors
that some hardware will not have this option."

Microsoft changed the spec in the wake of the controversy around UEFI secure
boot. The current version of the spec (available from
[http://msdn.microsoft.com/en-
us/library/windows/hardware/hh7...](http://msdn.microsoft.com/en-
us/library/windows/hardware/hh748200)) does mandate the ability to use custom
mode or disable UEFI secure boot, for non-ARM systems only.

------
liljimmytables
I wonder if this will have an implication for running Linux on Surfaces, I
hope it does because they're a very neat (and affordable - inb4 Asus
Transformer) piece of hardware but I have little use for another Windows
machine.

~~~
mjg59
The Surface doesn't carry the third-party signing key, so in the absence of a
flaw in the firmware implementation you're not going to be able to run
anything other than Windows.

~~~
liljimmytables
That's great info, thanks. Disappointing but gratefully received.

------
sudonim
Reminds me of when apple switched to intel hardware and it was believed that
you couldn't boot windows. Throw some money after it and people will find a
way.

~~~
ConstantineXVI
Booting Windows on x86 Macs (pre-Boot Camp) was mainly a problem of hardware
support; Windows simply didn't support booting via UEFI in 2006, and Macs
didn't ship with BIOS emulation.

Linux can boot on UEFI systems; the problem here is Secure Boot as configured
on Win8 systems simply won't let you boot anything else without the proper
signatures (or disabling it).

------
brudgers
_"Installing Linux on most Windows 8 computers is still no easy task."_

Windows 8 Professional includes the Hyper-V hypervisor. Many PC's recent
enough to have UEFI will have a compatible processor (i3 and later).

For many tasks a virtualized installation probably has adequate performance -
contemporary hardware and Hyper-V are pretty powerful relative to the machines
of a few tears ago.

Of course, for some, not booting directly to Linux might create a performance
concern. For others it is an ideological issue. However, one which is created
by the decisions of hardware vendors and market realities, not Microsoft.

~~~
k_bx
While "virtualization of everything" seemed like a real future few years ago,
at my experience of having Ubuntu installed as virtual machine for coworkers
that use windows (but have to do python on linux) -- it completely suck. We
ended out either having separate machines or just finding alternatives to
windows-apps for those people.

~~~
LeafStorm
I tried this at my office in August. When hosting the VM on my (somewhat old)
laptop, raw performance was the issue -- there wasn't enough RAM and CPU to
run both Win7 and the VM concurrently, and as an intern I couldn't justify the
laptop upgrade.

When moving the VM to a server, the raw performance issues went away, but
network lag became a pretty serious obstacle when using the GUI. In the end, I
ended up just SSHing into the VM, and mounting part of its filesystem using
Samba.

(And assuming that I had been able to get a working graphical environment,
it's still a very low standard of "working." There are dozens of little
annoyances when you're nesting a completely separate window manager inside
your current window manager.)

------
edandersen
UEFI Secure Boot on ARM machines (Windows RT) cannot be disabled but this is
to protect revenue, not the machine. This allows subsidized hardware, hoping
that Windows Store app sales will make up for the loss. This is the same
business model as the Xbox.

Secure Boot on x86/x64 machines is required to have an option to disable, or
the machine will not get Windows 8 certified.

------
looser
One more pubkey/privkey layer I assume. Some people think that several locked
doors are more secure. I shall say that several locked doors would be more
secure if the time is limited for the intruder. We, from the hacking world,
have a good amount of time to unlock this one more layer. Well well well, one
more layer that does nothing but prevents computers from computing.

