Hacker News new | comments | show | ask | jobs | submit login
Microsoft Bans Linux/Android Dual-Booting on Windows 8 ARM Devices (dailytech.com)
146 points by mtgx 1693 days ago | hide | past | web | 133 comments | favorite

I think the real issue with this is that it stops manufacturers from bundling Windows RT with Android. Take Asus for example. They've just made their "big" announcement which everyone thought it would be a dual-booting Windows RT/Android machine, and it turns out it's just Windows with the Bluestacks program that can make it run Android apps inside Windows.

I find that pretty silly, and I don't see a real reason why they didn't just make the machine dual-boot both Windows and Android. If users want Android apps inside Windows, they can download Bluestacks themselves. So the only explanation is that Microsoft is coercing manufacturers into not allowing Android or other OS's alongside Windows.

If they are doing this now, and more Linux vendors start asking for Microsoft's "permission" to boot their OS on the Windows machines with UEFI, what's to stop Microsoft from denying a UEFI license to someone who's starting to become a "real" competitor to Windows (like Android is, in some cases)? What if Ubuntu gets to 10% market share in the next 5 years, and keeps growing? Will they keep giving Canonical the UEFI license? What's guaranteeing that they will, if they are already banning Android from the Windows RT machines?

You're absolutely right. This announcement is all about money more than OS religion.

The expectation and Microsoft's fear was that manufacturers would take the marketing money (i.e. the Win8 subsidy) that Microsoft is paying out the wazoo and hedge OS bets by also including Android. Acer and Asus don't care what OS they run so long as it keeps them in the race against Apple. They're happy to let Microsoft pay them money to market their devices if it means they have to include "apps" (and in this case app := OS).

Microsoft wasn't willing to subsidize devices that run Android because it views Android as a competitor rather than an enemy-of-my-enemy. Given Apple's clear cost advantage, it would have been interesting to see such a Android+Win8+subsidy bet play out. Microsoft might have been able to dislodge marketshare enough during the year that Microsoft comes out ahead next year with SP1. Alas, the business case will slightly less interesting.

>I think the real issue with this is that it stops manufacturers from bundling Windows RT with Android. Take Asus for example. They've just made their "big" announcement which everyone thought it would be a dual-booting Windows RT/Android machine, and it turns out it's just Windows with the Bluestacks program that can make it run Android apps inside Windows.

Everyone thought something that everyone else knew wouldn't happen from about 6 months? That article you submitted is from January.

Also, do you have any references to everyone thinking Asus's big announcement will be an Windows RT/Android hybrid?

The quotations say nothing of the sort. A vendor could provide a dual-boot device providing they have an Android bootloader signed with Microsoft's signing key, which is a service that Microsoft will be providing.

A more open question is whether any of the existing Linux vendors will be doing this. Fedora is willing to use Microsoft's signing service for x86 because users will be able to disable the feature or enrol their own keys. We're not willing to do that for ARM because users won't have that freedom and so wouldn't be able to replace components like the kernel.

"...a service that Microsoft will be providing." It's now a 'service' to unlock the 'universal' in the 'universal Turing Machine' in my hand?!

a patent-pending service as well

>"A more open question is whether any of the existing Linux vendors will be doing this."

The Market Economics Fairy predicts that they will not given the limited number of people who are interested in dual booting a tablet and the diversity of device configurations likely to be manufactured.

Limited number? Quite a few enthusiasts will buy x86 tablets JUST for this purpose. Sure, enthusiasts, but enthusiasts also drive Linux to some extent.

The enthusiast market + the small business market for Linux is so small that no significant manufacturer builds Linux laptops for the consumer segment. The enthusiast Linux tablet market will probably be rather smaller.

The service is NOT provided for ARM devices.

edit: I'm sorry to see the child comment downvoted. I am under the impression that user key enrollment is disallowed, but I'm actually not seeing an mechanism by which Microsoft can prevent the signature of ARM based bootloaders.

That having been said, I don't completely understand ARM devices to know if it's plausible to sign an ARM bootloader with the MS key.

edit2: The person y'all downvoted is the guy who wrote the blogpost outlining the Fedora way of handling this issue: http://mjg59.dreamwidth.org/12368.html

You have anything to back up that assertion? It doesn't match what I've been told.

Edit: Right, user key enrolment is impossible on the ARM devices, but we've had no indication that the signing service will be restricted to x86-only.

So your understanding is that manufacturers will still be able to add their own "instant boot" capability for media playback or quick access to contacts, but will have to have the system image signed by Microsoft to do this?

I've said this before and I'll say it again: Microsoft isn't doing this to ban Ubuntu / Linux in general, but to prevent Android from spreading. With ICS being a great OS, many (tech) folks would simply dual-boot ICS on their WinRT devices.

But those people will just figure out a way to do that anyway.

I don't see the point in these decisions to expend likely a lot of time, effort, and money eliminating edge cases.

You never know, if Microsoft allowed it that could open the door to marketing and such that could lead to Win8+Android tablets being mainstream or something.

Not that it would be likely, but I'm sure Microsoft would want to stave off any chance of that happening in the early days of the platform.

Virtualization is better than dual boot anyway. MS better make it run well virtualized.

On hardware that's powerful enough to handle virtualization well, sure.

It looks like ARM has gotten some virtualization extensions recently, but I still have my doubts as to how pleasant the experience would be on sub 1.5GHz processors.

For reference, it absolutely fucking sucks under virtualization.

Along with their apparent restriction of the 'desktop' on arm, this is the reason I lost interest in windows8 on arm. So far a linux + android solution (like ubuntu have demonstrated) seems more powerful and very will also have more apps to start (way to go throw away windows' advantage #1).

It seems quite short-sighted, too, as I see ARM as being a viable laptop platform in the life of windows 8, but MS are restricting it to 'device' status.

Also, we've known this for a long time now.

Windows already had no advantage - all programs would need to be rebuilt for the new platform. That's what killed Windows NT on everything non-x86.

The only apps that will be cross-platform will be WinRT/Metro based ones.

Metro is a set of UI guidelines, not a set of programming tools. Applications built using the Silverlight Framework (not to be confused with the browser plugin) should be suitable for cross platform development because CLR runs on both platforms. CLR remains Microsoft's way of integrating the "write once, run anywhere" philosophy within the Windows ecosystem in order to deal with legacy issues.

Thanks. This whole stack is very confusing to me these days (I once was a Windows developer, one of the first MCPs in Brazil, but that was another life, a very long time ago).

And Android, iOS and OSX are all waiting in line for my attention before I consider learning modern Windows development again. I sincerely hope that, if I wait long enough, I won't need to ;-)

Are you sure you're not describing cross-platform with Windows Phone instead of Windows 8?

I thought for Windows 8, Microsoft is pushing WinRT as the cross-platform solution, and that "binaries" crossing from x86/x64 to arm will work as-is for javascript, as-is (if pure) for CLR, and with no modifications but requiring recompilation for native (C/C++) WinRT apps.

If you're writing in C/C++ rather than C#, then you're off the CLR ranch, so to speak. It's like saying Java isn't portable because a program links to custom libraries written in C.

That said, rumor has it that the next version of Windows Phone will not be Silverlight (though XAML and Silverlight are fairly similar), but based on WinRT.

That's a good thing because it will allow Windows Phone Apps to better integrate Javascript.

>The only apps that will be cross-platform will be WinRT/Metro based ones.

Is this true? The code is cross-platform, but I was under the impression that the executable was not. You still need to compile the app for both X86 and ARM.

Maybe it is the right time to make all this rage converge into contributions to coreboot [1]. A free working alternative is the only practical way out of this future kind of subjection.

Google has already contributed core for some current Ivy Bridge chipsets. It would be nice if coreboot received more testing and development from a broader audience.

[1] http://coreboot.org

Coreboot is a good thing, but it's going to be hard to succeed without hardware vendor support, and that will be hard to build unless people actually want the product.

I work for a VAR. Our preferred vendor was one of the first to market with motherboards that expressly supported Coreboot. We're supporters of OSS, and so are our customers, so we figured that they'd be popular.

We sold only a handful over about two years. Our competitors didn't seem to have much more success, as our vendor didn't continue the experiment into the following motherboard generations.

Shopping for coreboot devices is frustrating. Google returns products containing pictures of legs.

The problem is not the availability of a free alternative. Hardware vendors could already simply choose not to implement secure boot - the default policy is a single configurable switch during the build. The problem is that vendors believe they can make more money by selling hardware that meets Microsoft's requirements. Coreboot doesn't do anything to help there.

> Hardware vendors could already simply choose not to implement secure boot

You are right, but if we had an easily installable coreboot we could just ignore whatever comes with the computer and just flash coreboot over the existing firmware.

This is basically what Linux people have been doing with Windows in the past twenty years: see that Windows is preinstalled, boot a CD, overwrite the partition table, install distro. But this was possible because in most cases the distro you chose was ready to be installed on a whatever computer you had; the same cannot be said of coreboot.

> You are right, but if we had an easily installable coreboot we could just ignore whatever comes with the computer and just flash coreboot over the existing firmware.

No, you couldn't. The move to secure boot means that firmware updates are signed, because otherwise you could disable secure boot simply by pushing out a fake firmware update.

> The move to secure boot means that firmware updates are signed

Does this mean that flashrom will no longer be usable? Not even on boards that allow disabling secure boot?

We've yet to see any mobile device where running another OS than the bundled one have been anything but a nightmare. This is done everywhere, android manufacturers constantly try to lock users in their own android shell, not to mention apple.

These devices are not multipurpose devices, they are built for a specific purpose and tailormade for that and nothing else. It is not in any sense equivalent to desktop/laptop-computers. Which is kind of apparent considering the limitations that Windows Phone, Android and iOS amount to.

Since Microsoft have expressed that secure boot must be optional on x86 it is quite easy to justify this rationally without resorting to the popular "typical evil Microsoft tactics" argument.

I strongly disagree.

>> "These devices are not multipurpose devices".

These devices have chips which can run any algorithm you write. They are not hammers, or even calculators. They are computers. They also have GPS, motion sensors, cameras, and microphones. They are multipurpose enough to make phone calls, play games, run maps, and even power satellites: http://www.nasa.gov/mission_pages/station/main/spheres_smart...

>> Since Microsoft have expressed that secure boot must be optional on x86 it is quite easy to justify this rationally...

Why does doing the right thing in once place give them license to do the wrong thing in another?

I appreciate the security value of secure boot, but ONLY as far as its purpose is to serve the customer. Which means the customer must be able to disable it.

No, they are not computers any more than my clock is a computer. Yes, deep within there is a multipurpose chip that performs the calculations but that is abstracted away. Just as your car isn't a computer, it has multiple computers that aid it but it is not a computer and you have no real interface with the computer itself. Just as my clock, just as my phone, just as my fridge.

I appreciate the security value of secure boot, but ONLY as far as its purpose is to serve the customer. Which means the customer must be able to disable it.

If you can disable it it doesn't serve the customer, because the customer is incompetent and would gladly disable it in exchange for a picture of a cat.

You don't buy a computer, you buy an android/windows/iOS device. Just as you don't buy a computer when you buy an Xbox360 or an PS3 - and because you haven't bought a computer you shouldn't really have any problems with the manufacturer locking you in. Oh, but you wanted a computer? Then buy a computer! Sigh.

I never said I agreed with Microsoft, but it is a rational decision (a rational decision that Apple and pretty much all Android and WP manufacturers have made) that fits well withing the concept of all popular mobile OS's, if you don't buy into that then I guess your only bet is maemo/meego, because you surely don't run WP/android/iOS, right?

People who argue that phones are computers are arguing the nature of a thing is its identity. It seems you are arguing that the intent of a thing is its identity.

Using your argument, if I wrap my desktop PC in a cardboard box with holes for air inlet, air exhaust, and the power cable, and call it a heater, it's no longer a computer, despite having all the bits inside that a computer would have.

I'd much rather decide for myself what something "is", based on what it's actually made of, rather than what the manufacturer wants it to be.

You contradict yourself a little bit. If you decide your PC is a heater, well, then it is one!

It is commercially unviable to sell it to someone third as that, but if you managed that feat, it would be a bit strange if this person then came to you: "You sold me this electric heater, but I looked into it and it is warmed by an especially hot Intel CPU. So I decided it is a PC and despite you are being in the heater-selling-business I want you to not void my warranty when I reflash the firmware so I can install Windows XP to play Solitaire in long cold winter nights."

>> I want you to not void my warranty when I reflash the firmware

That's a different issue. I support the manufacturer saying "we won't guarantee our computer-as-heater will work if you change the software."

What I don't support is "we have have made it legally/physically/cryptographically impossible for you to use the thing you bought however you want to."

If I sell you a watermelon, I'll guarantee its freshness. I'll not guarantee its fitness as a boat anchor, but if you want to try that, go right ahead.

Well, the nature of an android phone isn't a computer, it is an android device. To claim that the PS3 is a Cell-powered computer is about as helpful as claiming that my router is a arm-powered computer, it might be true but that doesn't mean that I can run linux on my router - yet I can run linux on an arm-powered computer.

I'm not arguing that the intent of a thing is its identity - the manufacturers are, and if you buy into that then, well, you buy into that.

All of the devices you mentioned -- Android device, PS3, and router -- are all computers. They are general purpose machines that are programmed for a certain set of tasks. The kinds of devices you mention can all be reprogrammed and are actively reprogrammed by people, sometimes for a similar purpose that they already performed and sometimes for completely different purposes.

Just because I buy a device from Manufacturer X does not mean that said device is and only can be what the manufacturer intended. When I own a device, I have the freedom to tinker with that device, including making that device do something it was never intended to do. That is what I as a hacker love about computing machines: they are what I make them when I reprogram them.

I agree on everything you say.

But that doesn't mean that the manufacturer have to play ball and make it easy for you.

Also, when we as consumers chose the iPhone we at the same said that we don't care the slightest about being able to do what we want with our devices, from a hacker perspective the future isn't looking bright and that is our fault since we buy crap.

Along with the other capable technical takedowns of your argument, might I just add that this is the road to technical serfdom. This is not something to be relaxed into, but to be vigorously fought.

So true. Only problem is that it isn't being fought - we consumers gladly pay for it.

So in all honestly, no matter how bad it sucks. We deserve it.

"Android device" isn't a physical thing. It's an idea, a particular (but not the only) application of a set of physical things. Physical things include CPUs, RAM, PCBs, displays, etc. The whole is exactly the sum of its parts.

Let's see what's in a computer: CPU, RAM, storage, input, output, software. What's in a smartphone? CPU, RAM, storage, input, output, software. Absent manufacturer lockdown or inane laws like the DMCA saying otherwise, they are literally, physically the same things in a different package.

Finally, what does it take for a thing to run Linux? 32-bit CPU, MMU, RAM, storage, input, output. A PS3, a phone, a router, a TiVo -- they all have all those things, and all of them can run Linux. They are all computers.

An Android device most certainly is a physical thing. If not, why isn't the CPU just an idea? A particular application of a set of physical things. Physical things include silicon etc.

Is a car a physical thing?

Yes, you can call it a computer but you could also call it a heap of atoms - both statements are true, but they are pretty much both just as useless to describe what an android device really is.

Again, my clock, my fridge and my washing machine has a CPU, RAM, storage, input, output and software. By the same argument they are literally and physically the same thing in a different package - which of course is true, but also so very very wrong.

Yes, you can call it a computer but you could also call it a heap of atoms - both statements are true, but they are pretty much both just as useless to describe what an android device really is.

I disagree -- knowing something is a computer is knowing that it can be virtually infinitely repurposed. "Computer" is an entirely different kind of thing from anything else, regardless of the form it takes.

[quoted from another post] You guys are completely missing my point.

Don't mistake disagreement for obtuseness.

Also, this thread is too long already, but I wanted to mention the philosophies that seem to be driving our respective arguments: https://en.wikipedia.org/wiki/Reductionism vs. https://en.wikipedia.org/wiki/Deontology

You absolutely can run Linux on a router.

Smartphones and tablets are more powerful than any PC 15-20 years ago. Were those just appliances too?

I think you're trying to justify anti-competitive behavior by making a distinction where there isn't one.

Most probably you can run linux on your router. See https://openwrt.org/ http://www.dd-wrt.com

Your router probably is running Linux already. Most commodity routers do.

You guys are completely missing my point. Even though my router might be an arm-computer that runs linux - I can't even run linux on the damn thing (that binary blob that is shipped with the router could be any OS for I care, it's not as if my experience will be any better or worse if runs linux or DOS when everything is locked down and all I get access to is a simple webserver with an administrative page on)... Just as I can't run any other form of linux than android on my phone.

Yes, there are a lot of exceptions - routers that you can install alternative OS's on, I've installed OpenWRT and DD-WRT myself. But that's beside the point. Just because linux run on arm and my router has a arm cpu doesn't mean I can run linux on it.

I bought a router and I got a router. Then I installed something else on it and I could just as well have been using it to control the curtains in my bedroom instead - and I have every right to do that. Just as the manufacturer has the right to secure their product and in effect lock me out of that ability.

Now, if I had bought a computer that would be in a completely different ball game. But now I bought a router and the manufacturer of that router has no obligation not trying make my life a living hell for even attempting to control my curtains with it.

"But now I bought a router and the manufacturer of that router has no obligation not trying make my life a living hell for even attempting to control my curtains with it."

really? You would have no objections to the router manufacturer trying to make your life a "living hell"?

For the most part manufacturers don't really care about people re purposing their devices for other goals unless it potentially leaves them legally liable for something (e.g a children's toy with small parts being repurposed as food).

People naturally re-purpose things all the time, for example using a bank note to do cocaine , an AOL CD as a coaster , a newspaper or deodorant to kill a wasp etc etc.

In fact a huge amount of human innovation comes from taking an existing thing and using it for something else, going back as far as the original hunters who took tree branches and used them to kill dinner.

The critical thing about computers is that their entire reason for existence is to be repurposed, a computer on it's own is useless.

What we in the software industry are in the business of doing is finding ways to repurpose computers and their entire appeal is that this is so easily done.

I would hate to live in a world where everything has one discreet purpose regardless of it's physical abilities, for example imagine having to purchase a separate TV for every channel you wish to watch.

You actually _can_ in fact run sorts of Linux other than Android on your phone: http://linuxonandroid.blogspot.com/

>> Oh, but you wanted a computer? Then buy a computer!

My long-term concern is that this will no longer be possible.

I'm made quite the cluster out of hacked PS3s. Isn't that in the spirit of Hacker News, anyway?

>This is done everywhere, android manufacturers constantly try to lock users in their own android shell, not to mention apple.

And people still jailbreak/root their devices for numerous reasons. If you buy something, you should be able to do what you want with it. Just because it's designed for one thing doesn't mean it can't do others.

Exception: HP Touchpad. ICS runs great on it.

I've read that the Nokia N9 also does a good job of running ICS.

Other counter examples: Boot2Gecko (runs well & generally demoed on a Samsung Galaxy S2), Ubuntu for Android, ASUS Transformers running various Linux distributions, ...

Because the touchpad had a fairly open bootloader and we built a more versatile one for it based on the same code base (moboot). The bootloader in the OMAP chip also allows booting from usb and does not require the second stage be signed.

That is because WebOS was running a Linux kernel and the hardware was similar to a HTC phone(Sensation?).

Unlike on x86 where windows dominates on ARM there is a different story and linux dominates on ARM, they can lose some market share because of this policy but it seems that microsoft only cares to keep their old strategies no matter what times they live in.

I really don't care about the restrictions on tablets. I figure every OS will have a tablet or two available.

What really bothers me is that ARM-based laptops come under this crud. I have really wanted a modern day replacement for the Psion. Something that gets great battery life and has a decent keyboard. I also want to run a BSD (probably Open), so that is really going to make it a pain.

What's the difference between tablets and laptops? I don't see any differences when it comes to the ability to dual boot. The ASUS Transformer line has been around for a while now, showing that the line between tablet and laptop is blurring. Also, Canonical/Ubuntu seems to be gunning for tablet market share in the future. Do you think they'll have their own hardware?

I don't see any reason to separate out tablets and laptops when talking about dual booting, OS concerns, etc. A tablet is just a laptop with a touch screen and optional rather than mandatory keyboard.

In some respects, laptops are the same as tablets. They serve a purpose, the hardware configuration is controlled by a single entity and they are relatively closed. Yet, you think they are different. The answer is that laptops have always been like they have, and tablets have generally always been in a closed state. There is nothing really 'unique' about a tablet that doesn't make it a general computing device, it just has a different input system.

Now personally I love general purpose hardware, because purposes change, and the software on the device should be able to change with it. I don't think a laptop would be viable for me unless I could change the software. You might bring up phones, but there is a reason for that. They used to be embedded systems, designed for a single purpose (and usable only for that purpose). These days they are general purpose devices that also make phone calls (even if this single purpose drives many design decisions).

I've also done crazy things like install an alternate firmware on my router, why, because it gave me more features. This is why I like general purpose devices, and my freedom to change their software to suit my the specific purposes I want. Tablets aren't fundamentally different from a computer, they just have a different skin.

> What's the difference between tablets and laptops?

Usage patterns. A laptop is just a mobile general purpose computer, to restrict it by restricting say it's OS, you have removed the general purpose nature of the device and this is a loss of functionality.

A tablet on the other hand is an appliance. It has more in common with your toaster, microwave, refrigerator or your DVD player. It is intended to basically do one thing and hopefully do it well. Just like no one really complains that you can't toast bread with a refrigerator, having a tablet sort of locked to one OS isn't exactly that strange of a proposal.

But what about the new line of hybrid devices that are showing up? If I add a touchscreen to a laptop and make the keyboard removable is it a tablet? If I add a keyboard to a tablet is it a laptop. The whole tablet is an appliance/laptop is a computer line or reasoning is flawed from the outset and the lines will only become more and more blurred with time.

Because I see tablets as a device that really needs software that's been design for it. It a package that I buy to have it work out of the box. Tablets aren't laptops without a keyboard, they are their own thing.

Laptops have a long tradition of multiple OSes giving a pretty good experience and being open to multiple OSes.

Apparently as consumers we don't own anything anymore, we are just renting it from our corporate overlords.

You don't have to buy these machines. If you choose to buy it, you've bought a Windows 8 machine and have paid for it. It's not like MS promised you a dual-bootable machine and sold you a single-bootable machine. You know what you're getting, and you can choose whether or not it fits your needs.

> you can choose

Microsoft isn't known for playing nice & allowing competitors to compete fairly. So yes there will be choice, but relying on that as a justification is pretty risky imo. Esp considering MS's standard MO and history.

I hate MS just as the next guy. But Open Thinking (tm) people should no seek freedom (as in speech) through restricting other's (namely, MS) freedom. They have the right to do what they feel like, and we have the choice whether or not to buy them.

(I'm not being snarky)

Well said.

We also have the right to make waves and be loud about the abusive, monopolistic behavior of Microsoft and Apple. http://jailbreakingisnotacrime.org

In this sense the political fight is for our freedom, not a restriction of their sales. If they do sell crippled devices, we'll just do everything we can to make that crippling public, including jailbreaking the devices to show that the emperor(s) have no clothes: DRM is a logical impossibility except through security by obscurity which is no security at all when the person trying to get in (jailbreak the device) has complete physical control over it.

No one has a guaranteed right to profit (the economic kind of profits).

Criticism is not the same as attempting to restrict Microsoft's freedom. Telling others "these guys placed an arbitrary limitation on their product to hinder competition; you should not do business with them" is the free-market way to influence a company's behavior.

I completely agree, and that's what I personally do. I just disagree with some people's opinion that 'Microsoft has no right to do such and such, it's my device. I bought it and so I can do whatever the hell I want to do with it'.

That's not exactly what the grand-grandparent was saying, and I'm not against what he says; I just wanted to add my comment (which I thought would be downvote to oblivion, but funnily, has now a double-digit vote count!!)

>They have the right to do what they feel like

Not when they have the market power to influence the market in a manner that restricts the freedoms of everybody else.

I get that ideally everybody should be allowed to do what they want, but that approach is no good when you're dealing with a company that effectively has a monopoly.

From the article: "Apple has long prevented dual booting to Linux"

This is not true, I have Ubuntu on my MacBook Pro.

The article is about ARM devices, not x86.

Apple makes their own devices. Microsoft is forcing OEMs who would allow dual booting to restrict user choice because they'd rather not compete.

Apple's devices are ARM (that's how ARM works, by licensing designs rather than fabricating chips like Intel).

Implementation detail. Apple sells iPhones, not ARM-based phones. They don't mention "ARM" anywhere in iPhone marketing materials.

They don't have to. It is what it is. The Droid isn't stated as being a Arm Cortex A8 phone. But that's exactly what it is and it's related to what they are stating in the article.

So, if Microsoft bought up Nokia or HTC and made their own Windows RT tablets, people will be better off with no hardware choice like with iOS and there would be no complaining here?

If a company wants to enhance competition between its hardware partners and a hardware choice to the public, they should be forced to not license it on their own terms?

So, now, Microsoft wants to "enhance" competition by making Windows 8 only devices that cannot be upgraded to a non-Microsoft OS.

That's an interesting interpretation of "enhancing".

Lets say a new company called "Cranapple" comes along and releases a new locked down tablet CranPad into the market with their own custom locked down proprietary OS.

Does this act enhance the competition in the tablet market? Serious question.

Microsoft have pretty much bought up Nokia.

rubs his Lumia 710 affectionately

It's not true in the same way about apple's ARM devices either. Microsoft's actions control the hardware's boot code, which (I am assuming) cannot be flashed easily as it's not generic between devices. Apple's control over iPhones is bypass-able via jailbreaking (I've seen iPhones that dual boot android, which wouldn't be possible with a similar restriction.)

Apple make this stuff hard and fiddly (and, on iOS devices, mildly dangerous). Microsoft are making it impossible, if I've understood correctly.

>Apple's control over iPhones is bypass-able via jailbreaking (I've seen iPhones that dual boot android, which wouldn't be possible with a similar restriction.)

Is there really a way to install Android on iPhone 4/4S or the iPad?

Then why aren't a whole bunch of people doing it? Because no one really cares about dual booting a personal device and the associated headaches with keeping things in sync?

I suspect that differences in the way operating systems format and read persistent storage create some interesting technical challenges for a dual boot device.

Me too. You just need the refit to enable multiboot, that's it. I wonder how's it going to be in the future.

[edit] The article is from January[/edit]

Topic discussed previously on Hacker News:



Upshot: If you don't care that your hardware is certified, you don't have to implement secure boot in the way Microsoft requires for certification. You will probably have a few technical challenges, however.

"Upshot: If you don't care that your hardware is certified, you don't have to implement secure boot in the way Microsoft requires for certification."

No, upshot is that for ARM you can't get Windows at all (certified or not) if you allow other operating systems to boot.

Windows certification is not necessarily the same as Windows licensing, and given the history, that is likely to remain the case.

The article conflates the two: "a document that regulates licensing (certification) (pg. 116): "

But Microsoft is clear: "The new Windows Hardware Certification Program (formerly known as the Windows Logo program) makes it easier to certify your hardware for Windows 8. Use the requirements to build and certify your Windows-compatible devices, systems, and filter drivers across all Windows platforms."


Considering that WOA will not be sold separately and how MS touts tight integration with hardware, I'd be willing to make a bet that consumers won't be able to buy an ARM device with WOA that can boot to Linux (without exploits).


"Partners will provide WOA PCs as integrated, end-to-end products that include hardware, firmware, and Windows on ARM software. Windows on ARM software will not be sold or distributed independent of a new WOA PC, just as you would expect from a consumer electronics device that relies on unique and integrated pairings of hardware and software"

Please take a moment to reflect on the current situation before launching the "corporate overlord" and related snark.

Many existing customers effectively do not own what they already have; their systems have been infested with malware and crapplications.

Locked-down bootstraps are the least-bad of a very bad lot of approaches available for dealing with the changes in the user base, and with the increasingly less-experienced and less-DIY users for modern systems.

Security attacks are only getting more subtle, complex and sophisticated. The Microsoft Terminal Server-derived Microsoft code-signing digital certificates is a recent example of the complexity of the environment.

How do you deal with these changes in attacks and with the changes in the user base otherwise, given the numbers of systems out there, and the changes in the knowledge and experience of the user base?

Do any of us like these locked-down bootstraps? Emphatically, no. So figure out another way to ensure this security, get yourself patent or three (and yes, software patents are issued for far too many years) and get yourself rich by solving this problem.

I personally don't see many bootloader attacks these days. Consider that SecureBoot only protects from attacks like this, after bootstraping it is upto the OS to ensure security. So purely from this, I don't think the tradeoffs are worth it. Once you have infastructure like this, it isn't hard for it to be misused (even with good intentions).

What proportion of attacks are stopped by securing the boot loader like 2%? Does anyone really think this will stop most malware?

Anything that cannot boot from USB, SD card, or some externally connected media, should be approached with caution.

If you can boot from external media, then generally you can dual boot. Someone may have to show you how to prepare media for booting, but it's quite easy once you have been shown. Today's PC's all seem to have good support for booting from external media. Are we going to see this removed in ARM devices?

You do not have to shop for devices that have an "open" bootloader. You have to shop for devices that can boot from external media. (For today's PC's, that's quite easy.) If you have a device that can boot from external media, we can show how to do the rest.

Like iOS. Why the shock headline?

Because the iOS policy is unethical (the machine belongs to the user, not apple), and now Microsoft is (attempting) to do it too.

The only way to stop unethical behavior is to punish them. The Library of Congress already ruled that this behavior is unethical, now manufacturers need to be pressured.

For reference as the parent of your comment, I agree 100%

I do however see disparity with general opinion and what is right, which is slightly worrying, hence the original point.

I would love to see an open bootloader for iDevices. However, I do think that there is a difference between Apple, a company who makes their own hardware and have chosen this strategy, and Microsoft, a company who tries to impose their strategy on others (device makers).

In theory, the PC makers are the ones who can choose whether to apply Windows Certification to their devices. Of course, they are in a position where they have no real choice not to, and then we are getting into antitrust territory.

Because it's unpleasant to see an unfortunate anomaly becoming a trend.

Great. If ARM starts dominating laptops as well, nobody will be able to boot Ubuntu or any other Linux distribution on them.

I assume Microsoft will want to have secure booting devices that ship with Windows, because Hollywood and other content producers require a secure OS so their DRM is safer. If they would allow non-secure boot, it might be difficult or impossible to get video and music content licensed from the major producers on the platform.

The real problem with that is that if Metro is successful on Windows 8, that also means that people will have to use only the Windows 8 store in the future, which also means that you won't be able to install apps from websites anymore, just from Microsoft's store. Then, they can just delete whatever apps they don't like or the apps RIAA and MPAA doesn't like.

Because insecure-booting OSes like Windows 7 (and earlier) and Mac OS X have so much trouble getting licensed video and music content...

The situation is a bit different on mobile platforms. Mostly because the field is new and changing, so content producers see an opportunity to require secure boot.

DRM/content licensing was cited by Asus as a reason to ship their Android products with locked bootloaders. I assume the same applies to Microsoft.

It should be noted Secure Boot is not a DRM device in itself, it merely allows you to enforce a chain of trust for an OS to boot. The OS still needs to provide DRM functions itself.

Secure Boot (on ARM) restricts my ability to run whatever the fuck I want on my device. I do not see how this is not Digital Restrictions Mismanagement.

DRM usually refers to mechanisms to digitaly manage rights of content, SecureBoot merely checks that a bootloader is signed by specific keys. Just ensuring people know what's what.

My point is that it's one and the same. You're making distinctions where there are none. Software which I run on my device is content, too. Denying me the right to change or modify that content is the very definition of DRM.

Or what? Hollywood will boycott the entire world?

My speculation is that they are doing this so that they can offer subsidies on the hardware.

Seems possible that there could be 2 options, a Windows option and an unlocked option. You'd think the Windows option would be more expensive. How many vendors are really set up for that?

Windows really took off because of this practice. Vendors would license it based upon total PCs sold, regardless of if they even had windows installed or the customers wanted it. It was so effective that the competition dried up and died in a remarkably short time. This was competition from IBM, you could lump some others in with it BeOS and maybe some early Linux but Big Blue had their ass handed to them which was remarkable. At the time there are a lot more (maybe, maybe not, it seemed like there were a lot more) tier 2 type vendors: name companies with support and such.

I'd argue MS doesn't know how to build market share other than with subsidies or lock-ins and that's what this is. If devs don't pick up Win8 pretty quickly, that ARM tablet isn't going to look so great, why wouldn't you want to try Android with its piles of apps? Then it puts the vendors in a very interesting bind, you have to pick which platform to support, a market leader (Android) or a product from a market leader in a different market. I don't remember the results of the anti-trust but I could see how this is designed to do the same thing but is different enough.

A handful of motherboards now come with 2 BIOS, I think I have an Asus mb with one that you can "tweak" and overclock and then like a failsafe backup. Something like that, maybe with a hardware jumper setting seems like the real solution for your vendors, but that adds some cost. Either that or Win8 just flops, industry wide, that seems like it might be the better solution. There will be win8 tablets at Walmart and Target and such though and million of less technical folks will buy them. I suspect dual boot is dead forever unless someone certifies some sort of kexec like application.

My speculation is so that ARM devices which take advantage of the Microsoft stack are suitable for a wider range of enterprise customers. Think HIPAA rather than "hip."

Isn't that dangerously close to anti-competitive behavior? (i mean noticeably enough to get attention)

If that's the problem, why can't end users "buy off" the bootloader lock if they want to?

MS doesn't need the money, they needs the users.

Then they'd have to admit that the subsidy exists.

The article is much more complex than what it would look like from the title, but it is a good idea to keep the pressure on on Microsoft so that they might "soften their position", as is stated in the article.

Originally Windows 8 x86 certification didn't mandate that a disable option must exist. They changed this because of pressure. They won't soften their position just like that, they have a policy and agenda and they will follow it. Just the fact that they will have a SecureBoot stronghold means they can easily tighten their position. The pain doesn't come from the fences being built, it's from taking them away.

Also, all of this pretty much stops new linux penetration, which is a horrible thing.

The windows 8 x86 certification shouldn't need to mandate that a disable option must exist. It was added because people wouldn't trust manufacturers to support anything but Windows.

The really troubling part of this is UEFI being used as a strong arm scam that depends on MS good will... how did things get to this point. On another point, they can "ban" whatever they want. They also didn't support Windows Phone 7 or allow Android and Ubuntu on my old trusty HTC HD2 and look at it go. Plus, it is just like saying to a child that she cannot have the piece of cake in front of her, if it looks tasty it's going to be munched. Meaning, if the hardware will be good someone somewhere is going to shoe horn it independent of what MS wants.

It gives me great excuse not to use Microsoft Windows then!

I'm not familiar with the specifics of ARM devices. Why couldn't one come later and install Linux+variant of Grub to detect the MBR after the Windows install?

Simply because UEFI will refuse to boot to anything other than Windows

Does anyone have statistics about how many Android devices require signed systems?

Just when we hear chromeos and android about to become one

I did not hear that. Link?


It only increases the subsection of hardware I won't buy. Thanks for making my choice easy.

What subsection of hardware do you buy?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact