Printed from

Windows 8 secure boot spurs OS lock fears, Microsoft answers

updated 11:55 pm EDT, Thu September 22, 2011

Microsoft says Windows 8 secure boot non-issue

Microsoft's Tony Mangefeste in a response to early adopters tried to calm down fears that Windows 8 might be used to shut out Linux or competing operating systems. After Red Hat engineer Matt Garrett worried that the UEFI firmware's secure boot feature could be used to exclude non-official operating systems, Sinofsky stepped in to clarify that it was part of the spec and not Microsoft's policy. The code is also an optional policy that, even when active, could still let someone install another OS without a flag preventing the new OS from running.

PC builders can both set which party has control over the security certificates used to greenlight an OS as well as letting customers load certificates themselves.

Secure booting is designed to prevent against viruses and other rogue code that would execute before the OS itself has actually started, compromising Windows or any other platform before it has had a chance to raise defenses. Traditional BIOSes, such as those still used on many Windows PCs, aren't complex enough to check for a certificate on startup and can easily let through such attacks. In addition to white lists of known good operating systems, they can also watch for blacklisted code and stop it from loading.

Microsoft's policies on UEFI still leave concerns. As the company requires UEFI to get a Windows 8 certification sticker but doesn't have a rule mandating support for other operating systems, officially approved PCs could be limited to running Windows only if the PC builder doesn't want or care about the policy.

Pushing UEFI is a form of catch-up for Windows. Apple has had regular EFI since 2006 so that it could recreate and move beyond the features of PowerPC's Open Firmware when it switched to Intel. The Mac producer has accommodated loading Windows from EFI since the outset through Boot Camp.

By Electronista Staff


  1. MisterMe

    Fresh-Faced Recruit

    Joined: May 2007


    Too cute by half

    Those who suspect Microsoft's motives are justified in their concerns. Microsoft dropped support for EFI in Windows Vista after Apple announced the switch to Intel and EFI. So the Redmond monopoly has rediscovered the EFI religion. Why? Why now?

  1. testudo

    Forum Regular

    Joined: Aug 2001



    Maybe they just dropped EFI because it wasn't prevalent enough (at all) to warrant getting it to work 100% correct. You know, like how they dropped so much from Vista to get it out the door.

  1. BigMac2

    Forum Regular

    Joined: Dec 2000


    How does it apply...

    To any existing PC who all still using the old BIOS? Beside Apple does someone else is using EFI yet?

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines


Most Popular


Recent Reviews

Seagate Wireless

It seems like no matter how much internal storage is included today's mobile devices, we, as users, will always find a way to fill the ...

Lenovo Yoga Tablet 2 (Android, 10.1-inch)

Lenovo is building a bigger name for itself year after year, including its devices expanding beyond desktop computers. The company's l ...

Brother HL-L8250CDN Color Laser Printer

When it comes to selecting a printer, the process is not exactly something most people put a lot of thought into. Printers are often t ...



Most Commented


Popular News