UEFI secure boot is not required to run Windows 8.
It is required to slap a Windows 8 logo on a new machine.
That is a decision made by hardware vendors, not Microsoft. Since it is hard to imagine a serious advertising campaign based around a competitor's lack of such logos, such decisions reflect the desktop Linux market.
I suspect that hardware vendors are happy to make desktop Linux harder to install because I vividly imagine indignant support calls from novice Linux installers adopting FOSS as an ideology.
Agreed. Such decisions reflect Microsoft's unrivaled power to strongarm cash-strapped and desperate vendors into whatever schemes they choose. I hope the EU is watching.
See "Windows Hardware Certification Requirements for Client and Server Systems" , requirement "System.Fundamentals.Firmware.UEFISecureBoot", items 17 and 18.
> On non-ARM systems, it is required to implement the ability to disable Secure Boot via firmware setup.
To be more precise, this is only true for non-ARM systems. This is evil, since it's entirely possible to have an ARM desktop/laptop, and I really hope there's some kind of anti-trust legislation here. At least Apple offers a way to boot into an alternative OS, even though it is still a bit locked down.
I'm currently in school and I see a surprising number of students using Ubuntu, even outside the CS department. Not a lot, by any means, but more than I would have guessed. I wonder how many of them would be using it if it required a weird workaround or really anything more than "put the disc in and reboot".
Well, "put the disc in and reboot" doesn't work right now on most PCs, does it? You have to go into the BIOS and change the boot order, or pull up the boot menu to make a custom selection.
As we in this community are probably all aware, even small obstacles like having to enter a name or type a credit card number can drastically reduce conversion rates on the web. I think this is a reasonable analogue. Even objectively small obstacles can be important.
> Even if there is a boot menu, that is still much less scary than having to hunt through a series of menus to find and change an obscure setting.
My mom heard
> Even if there is a scary series of menus to find and change an obscure setting, that is still much less scary than having to hunt through a series of menus to find and change an obscure setting.
Microsoft is so very far from caring about any of this. They and their hardware partners can conceivably do a lot of damage to the Linux desktop experience through indifference, but that's what it is. Indifference.
That last category might grow as people stop needing MS Office (reminder, we're talking about consumers here, not businesses) and other Windows-only products.
A secure BIOS that is unfriendly to alternative operating systems throws up a low, but possibly significant, barrier that could keep people from moving to Ubuntu and similar.
ARM systems designed for Windows 8 have the same requirement, and additionally must not allow users to disable it or install their own keys.
Prior to the launch, Microsoft said it was actually required that vendors allow Secure Boot to be disabled on x86.
Microsoft changed the spec in the wake of the controversy around UEFI secure boot. The current version of the spec (available from http://msdn.microsoft.com/en-us/library/windows/hardware/hh7...) does mandate the ability to use custom mode or disable UEFI secure boot, for non-ARM systems only.
There are also more hoops the Linux vendors have to jump that are explained in the article:
Also, what I didn't understand myself - is the $99 Fedora has to pay for the key just something they have to pay once? Or do they have to pay $99 for every single machine? Because that would be pretty ridiculous if Microsoft managed to make Linux as expensive as Windows licenses, through UEFI.
But I think the $99 is cheaper and better (given what some idiot bios developers do - remember (IIRC) one link here on HN where the bios would look for 'Microsoft Windows' or 'Red Hat Linux' on boot entries?)
Linux can boot on UEFI systems; the problem here is Secure Boot as configured on Win8 systems simply won't let you boot anything else without the proper signatures (or disabling it).
Windows 8 Professional includes the Hyper-V hypervisor. Many PC's recent enough to have UEFI will have a compatible processor (i3 and later).
For many tasks a virtualized installation probably has adequate performance - contemporary hardware and Hyper-V are pretty powerful relative to the machines of a few tears ago.
Of course, for some, not booting directly to Linux might create a performance concern. For others it is an ideological issue. However, one which is created by the decisions of hardware vendors and market realities, not Microsoft.
These things aren't killer issues, sure, but if there exists a product that doesn't involve doing things the hard way then I'm going to avoid doing things the hard way.
Linux lacks a grandmother friendly user support interface. When something goes wrong, a person of average familiarity with Linux is fucked. Arguments about how often operating systems present such problems are for another debate.
The issue of hardware, is just that, an issue of hardware. A lack of systems upon which it is easy to boot Linux is due to the fit between hardware manufacturer's and the market. At least the situation is better than Android on an iPhone.
Agree, but I'm not sure what you're driving at. I was talking about existing users that want to run Linux as their primary desktop, as they're going to be the market that is affected by this.
Indeed, I am going so far as to suggest that it may be a market in which hardware manufacturer's are explicitly disinterested due to the potential support costs.
Furthermore, the wide spread expectation that a Linux machine should be less expensive than one with Windows due to the elimination of license fees might make the market even more unattractive to manufacturers.
Supporting Linux is expensive to the point that Red Hat has made a business out of it.
In case anyone's wondering, I did try using Wine, but that was even worse, I'd get weird screen update problems, things would go black, etc. Libre/Open Office wasn't an option either, the client was 100% MS including Project, and compatibility was (and is) a serious issue.
When moving the VM to a server, the raw performance issues went away, but network lag became a pretty serious obstacle when using the GUI. In the end, I ended up just SSHing into the VM, and mounting part of its filesystem using Samba.
(And assuming that I had been able to get a working graphical environment, it's still a very low standard of "working." There are dozens of little annoyances when you're nesting a completely separate window manager inside your current window manager.)
You need decent hardware, I've got a beefy i7 laptop with lots of DRAM and will be adding an additional SSD. You can do better with tower or remoting elsewhere, but it's nice to have the whole environment along sometimes.
Windows 8 has far better security mitigations than a base Ubuntu install.
Secure Boot on x86/x64 machines is required to have an option to disable, or the machine will not get Windows 8 certified.