Printed from http://www.electronista.com

Windows 8 secure boot spurs OS lock fears, Microsoft answers

updated 11:55 pm EDT, Thu September 22, 2011

Microsoft says Windows 8 secure boot non-issue

Microsoft's Tony Mangefeste in a response to early adopters tried to calm down fears that Windows 8 might be used to shut out Linux or competing operating systems. After Red Hat engineer Matt Garrett worried that the UEFI firmware's secure boot feature could be used to exclude non-official operating systems, Sinofsky stepped in to clarify that it was part of the spec and not Microsoft's policy. The code is also an optional policy that, even when active, could still let someone install another OS without a flag preventing the new OS from running.

PC builders can both set which party has control over the security certificates used to greenlight an OS as well as letting customers load certificates themselves.

Secure booting is designed to prevent against viruses and other rogue code that would execute before the OS itself has actually started, compromising Windows or any other platform before it has had a chance to raise defenses. Traditional BIOSes, such as those still used on many Windows PCs, aren't complex enough to check for a certificate on startup and can easily let through such attacks. In addition to white lists of known good operating systems, they can also watch for blacklisted code and stop it from loading.

Microsoft's policies on UEFI still leave concerns. As the company requires UEFI to get a Windows 8 certification sticker but doesn't have a rule mandating support for other operating systems, officially approved PCs could be limited to running Windows only if the PC builder doesn't want or care about the policy.

Pushing UEFI is a form of catch-up for Windows. Apple has had regular EFI since 2006 so that it could recreate and move beyond the features of PowerPC's Open Firmware when it switched to Intel. The Mac producer has accommodated loading Windows from EFI since the outset through Boot Camp.





By Electronista Staff
toggle

Comments

  1. MisterMe

    Fresh-Faced Recruit

    Joined: May 2007

    -1

    Too cute by half

    Those who suspect Microsoft's motives are justified in their concerns. Microsoft dropped support for EFI in Windows Vista after Apple announced the switch to Intel and EFI. So the Redmond monopoly has rediscovered the EFI religion. Why? Why now?

  1. testudo

    Forum Regular

    Joined: Aug 2001

    0

    or

    Maybe they just dropped EFI because it wasn't prevalent enough (at all) to warrant getting it to work 100% correct. You know, like how they dropped so much from Vista to get it out the door.

  1. BigMac2

    Forum Regular

    Joined: Dec 2000

    0

    How does it apply...

    To any existing PC who all still using the old BIOS? Beside Apple does someone else is using EFI yet?

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Tablo DVR

With over-the-top content options growing past Hulu and Netflix, consumers may be finding it harder to justify paying a monthly fee fo ...

Sound Blaster Roar Bluetooth speaker

There could very well be a new king of the hill for Bluetooth speakers, with Sound Blaster's recent entry into the marketplace. Bringi ...

Kenu Airframe Plus

Simple, stylish and effective, the Kenu Airframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this y ...

Sponsor

toggle

Most Commented

 
toggle

Popular News