Windows 8 Secure Boot – or How Microsoft Is Riling Up the Linux Masses

What a difference a week makes.

It was just the other day that Linux bloggers were celebrating the news from researcher Net Applications that desktop Linux had surged in popularity in recent months.

Now, the mood in the blogosphere has plummeted once again as a result of the latest developments on the Windows 8 front. Secure Boot, that is — a topic astute readers may remember from last fall but that lately seems to have taken a turn for the worse.

Exhibit A: “Microsoft confirms UEFI fears, locks down ARM devices,” as the Software Freedom Law Center (SFLC) recentlysummed it up.

Exhibit B: “Why UEFI secure boot is difficult for Linux,” in which Red Hat developer Matthew Garrett explains why things aren’t looking much better on Windows 8 PCs.

Bottom line? “The Controversy Continues,” as it was put at PCWorld.

‘The Exact Thing They Said They Wouldn’t Do’

“Controversy,” of course, is Linux Girl’s middle name, so she whipped out her Quick Quotes Quill and started taking notes.

“And there we have it,” began consultant and Slashdot blogger Gerhard Mack down at the Linux blogosphere’s rowdy Punchy Penguin Saloon last Friday. “Microsoft is doing the exact thing they said they wouldn’t do, and I still can’t imagine how they think this will actually make things more secure.

“I buy PCs based on my ability to do what I want with them, and the same goes for my mobile phone,” Mack added. “I don’t tolerate Android makers with locked boot loaders, and I already wouldn’t buy an iPhone or iPod. This is just one more set of products I will never spend money on.”

Barbara Hudson, a blogger on Slashdot who goes by “Tom” on the site, had even more choice words on the issue.

‘They Need Software Viagra’

“Nasty, short-sighted, and if you think about it for a moment, a blatant admission that Microsoft, despite having a golden opportunity to abandon all their previous deficient coding practices and cruft when moving to new hardware, still isn’t able to produce an OS that is more than semi-hardened,” Hudson told Linux Girl.

“They need to see a doctor to get some software Viagra,” Hudson added.

“This is not about security,” blogger Robert Pogson agreed. “The local user can always compromise a PC in hand one way or another.”

Rather, “this is about creating a rejuvenated monopoly on ARM,” Pogson asserted.

‘Good-Bye, M$’

Fortunately, “it won’t work, Pogson predicted. “The OEMs have seen FLOSS sell like hotcakes on ARM and they know it is profitable. They no longer need M$ to ensure profitability.”

Some will “produce ARMed units to please M$, but consumers won’t buy them because they know they no longer need M$ on small cheap computers,” he added. “Other initiatives of Wintel will fail similarly: ultrabooks and ‘8’ on anything. ‘7’ on x86/amd64 could not save M$ from a drop in revenue; ‘8’ will not either on ARM or x86/amd64.”

With “an effective monopoly on retail shelves, M$ cannot get more than 60 million PCs per quarter to take their license,” Pogson pointed out. “30 million are installing something else — old copies of XP or GNU/Linux. The world is tired of their old monopoly and wary of a new one. Good-bye, M$.”

‘Microsoft Products Dominate Shelf Space’

Indeed, it’s the purchase decision that Hyperlogos blogger Martin Espinoza was focused on.

“I participated in some spirited conversation on this issue with some apparent astroturfers who insisted that if I don’t like hardware which denies my right to choose what software I’d like to run on it, my sole recourse is not to buy it,” Espinoza told Linux Girl.

“This, of course, ignores numerous issues, including the secondary market,” he pointed out.

“It is a valid point in that when we purchase this hardware we are funding our own abuse, but the simple truth is that the masses purchase that which is presented to them, and Microsoft products dominate shelf space,” Espinoza concluded. “When the choices presented are Windows on x86 and Windows on ARM, the user will end up with ‘secure’ boot either way.”

‘One Less Sticker to Gum Up the Screen’

Of course, tablet vendors that don’t follow Microsoft’s specifications will suffer only by having to ship Win8 ARM tablets without “Windows Hardware Quality Certification (WHQC),” Hudson pointed out.

“Consumers don’t look for it anyway, and one less sticker on a touch device is one less sticker to gum up the touch-screen,” she noted. “And let’s not forget all those folks who got burned in the past because the sticker said ‘Vista-compatible’ and found out the hard way that their definition of ‘compatible’ differs from Microsoft Marketing.”

In fact, “I can see it getting to the point where the more clued-in corporate types will specify systems that are NOT certified, not only to have the option of using another OS, but more importantly (from their perspective) to be able to continue to run and restore devices long after Microsoft abandons them to the wolves or tries to disable the OS remotely ‘because it’s no longer supported,'” Hudson suggested.

‘It’s Entirely at Your Own Risk’

“With Microsoft ramping up its release cycle so as to be able to obsolete older systems quicker (and both generate more revenue and reduce both the time frame and support costs for older releases), WHQC on ARM is the new purple flavor-aid,” she added. “Drink it if you really want to, but it’s entirely at your own risk.

“Besides, if the sticker says Microsoft, it’s pretty much guaranteed that someone will be able to p0wn it anyway, probably before the devices even appear in stores,” Hudson said.

“This is a much juicer target than the Sony PlayStation ever was, and a multitude of different devices offers a much greater attack surface,” she concluded. “What this means is that the more hardware vendors offer certified versions of Win8 on ARM, the quicker it will be broken.”

‘You Would NEVER Buy the Device!’

Slashdot blogger hairyfeet couldn’t understand why Linux users would care about Microsoft’s plans.

“I mean, do you see them screaming at how iPads can only boot iOS?” he mused. “This is just another case of MSFT aping Apple, which has been pretty much Ballmer’s entire game plan since becoming CEO.”

Besides, “ARM is the exact opposite of x86 — you can’t just slap anything on ARM because the chips and boards are all custom,” he explained. “It’s not like x86, where you can list virtually every chip manufacturer on two hands with fingers left over; everything in ARM land is a one-off design and rarely will even two units by the same company have a layout close enough for a generic OS to work.”

Plus, “in the end none of this should matter to Linux users as a whole because you would NEVER buy the device anyway!” hairyfeet concluded. “It would be like me complaining about the ashtray design in the Mini; since I’m never gonna buy a mini, why would i bloody complain about its ashtray design?”

‘Microsoft’s Motives Remain the Same’

The whole situation is “tricky ground to navigate,” Slashdot blogger yagu told Linux Girl. “Linux is too popular and Microsoft I hope remains legally vulnerable when they maneuver in any way to restrict unencumbered competition.”

There are multiple layers to the story, yagu explained; the trick is peeling them away to determine what the reality is.

“The trusting (ironic this is all about Trusted Computing) side of me wants to believe this is just a spec from Microsoft to ensure their OS runs correctly on hardware platforms,” yagu said. “But history, track record, and all evidence to Microsoft’s tactics since forever make me nervous…

“I’m quite convinced (my opinion) Microsoft’s motives remain the same as always,” he concluded. “Under the guise of ‘innocent’ specs, Microsoft would like nothing more than to lock out Linux.”

‘An Army of Lawyers’

Last but not least, Chris Travers, a Slashdot blogger who works on the LedgerSMB project, pondered several questions.

“The first is whether antitrust law effectively provides a remedy for Linux distributors,” he said. “At this point, Microsoft has a hard time arguing to US courts that they don’t have a monopoly in PC-space (though on mobile devices, this is different, and they probably don’t), and this seems like the sort of behavior that’s classically banned under the Sherman Act.”

When Ralph Nader “characterized the consent decree as requiring an army of lawyers to enforce in the wake of Microsoft’s loss in the DoJ’s antitrust suit against them, my first thought was that such an army of lawyers already existed and would tear Microsoft to pieces if they weren’t careful,” Travers explained. “It seems that this is a good test of this theory.”

Travers’ second question, meanwhile, “is whether this can be attacked not only in the US but in the EU on antitrust grounds,” he told Linux Girl. “The EU has a different tradition of antitrust law, but it may be applicable here too, and action there may be helpful.”

In any case, “seems to me to be a profitable opportunity for an army of lawyers,” Travers concluded.