- Sep 5, 2012
- 718
- 8
- 76
plot to lock other operating systems from Windows 8 devices, but now we know Microsoft was not telling the whole truth.
Journalist Glyn Moody dug around Microsoft's Windows Hardware Certification Requirements for Windows 8 client and server systems and found on page 116 that will Windows 8 Secure Boot can be disabled: on Intel systems, "Disabling Secure [Boot] must not be possible on ARM systems."
What does that mean? According to Aaron Williamson, a lawyer with the Software Freedom Law Center an organization that provides pro-bono legal services to developers of Free and open-source software, Microsoft has wasted no time in effectively banning most alternative operating systems on ARM-based devices that ship with Windows 8.
Microsoft will be doing this by using Unified Extensible Firmware Interface (UEFI), to block block all other operating systems from Windows 8 systems. UEFI is the 21st century's replacement to PC and other devices' BIOS. It's used to set up your computer and make it ready to boot.
Williamson explains, "The Certification Requirements define ... a 'custom' secure boot mode, in which a physically present user can add signatures for alternative operating systems to the system's signature database, allowing the system to boot those operating systems. But for ARM devices, Custom Mode is prohibited: 'On an ARM system, it is forbidden to enable Custom Mode. Only Standard Mode may be enable." [sic] Nor will users have the choice to simply disable secure boot, as they will on non-ARM systems: "Disabling Secure [Boot] MUST NOT be possible on ARM systems.' [sic] Between these two requirements, any ARM device that ships with Windows 8 will never run another operating system, unless it is signed with a preloaded key or a security exploit is found that enables users to circumvent secure boot."
In short, Microsoft insists that any Windows 8 ARM-powered device can not be rebooted or rooted with the user's choice of operating system. And you thought rooting some Android phones was troublesome!
Williamson went on to say that while "While UEFI secure boot is ostensibly about protecting user security, these non-standard restrictions have nothing to do with security. For non-ARM systems, Microsoft requires that Custom Mode be enabled-a perverse demand if Custom Mode is a security threat. But the ARM market is different for Microsoft in three important respects"
Journalist Glyn Moody dug around Microsoft's Windows Hardware Certification Requirements for Windows 8 client and server systems and found on page 116 that will Windows 8 Secure Boot can be disabled: on Intel systems, "Disabling Secure [Boot] must not be possible on ARM systems."
What does that mean? According to Aaron Williamson, a lawyer with the Software Freedom Law Center an organization that provides pro-bono legal services to developers of Free and open-source software, Microsoft has wasted no time in effectively banning most alternative operating systems on ARM-based devices that ship with Windows 8.
Microsoft will be doing this by using Unified Extensible Firmware Interface (UEFI), to block block all other operating systems from Windows 8 systems. UEFI is the 21st century's replacement to PC and other devices' BIOS. It's used to set up your computer and make it ready to boot.
Williamson explains, "The Certification Requirements define ... a 'custom' secure boot mode, in which a physically present user can add signatures for alternative operating systems to the system's signature database, allowing the system to boot those operating systems. But for ARM devices, Custom Mode is prohibited: 'On an ARM system, it is forbidden to enable Custom Mode. Only Standard Mode may be enable." [sic] Nor will users have the choice to simply disable secure boot, as they will on non-ARM systems: "Disabling Secure [Boot] MUST NOT be possible on ARM systems.' [sic] Between these two requirements, any ARM device that ships with Windows 8 will never run another operating system, unless it is signed with a preloaded key or a security exploit is found that enables users to circumvent secure boot."
In short, Microsoft insists that any Windows 8 ARM-powered device can not be rebooted or rooted with the user's choice of operating system. And you thought rooting some Android phones was troublesome!
Williamson went on to say that while "While UEFI secure boot is ostensibly about protecting user security, these non-standard restrictions have nothing to do with security. For non-ARM systems, Microsoft requires that Custom Mode be enabled-a perverse demand if Custom Mode is a security threat. But the ARM market is different for Microsoft in three important respects"