Windows 8 won't dual-boot Linux?

Software giant Microsoft may be in for a potential conflict with the Linux community, some of whose members voiced concerns the secure booting procedure of its upcoming Windows 8 operating system can lock out the Linux OS. Mobile Linux developer Matthew Garrett said the new Unified Extensible Firmware Interface (UEFI) that Windows 8 will use has a “secure boot" feature that prevents executables or drivers from being loaded unless they are “signed." “A system that ships with only OEM and Microsoft keys will not boot a generic copy of Linux," Garrett said in a blog post. “It’s probably not worth panicking yet. But it is worth being concerned," he added. He said that with “secure boot" enabled, an OS vendor cannot boot its software on a system unless it is signed with a key that is included in the system firmware. Similarly, a hardware vendor cannot run their hardware inside the EFI environment unless their drivers are signed with a key included in the system firmware. “(Thus) if you install a new graphics card that either has unsigned drivers, or drivers that are signed with a key that’s not in your system firmware, you’ll get no graphics support in the firmware," he said. Garrett noted Microsoft presently requires machines conforming to the Windows 8 logo program and running a client version of Windows 8 ship with secure boot enabled. With this scenario, he said there will be two alternatives:

• For Windows to be signed with a Microsoft key and for the public part of that key to be included with all systems; or
• For each OEM to include their own key and sign the pre-installed versions of Windows.

But he said the second approach would make it impossible to run boxed copies of Windows on Windows logo hardware, and also impossible to install new versions of Windows unless your OEM provided a new signed copy. Thus he said the first scenario seems more likely. Problems with signed Linux Garrett said that while there could be signed versions of Linux, there will be problems, such as a need for a non-GPL bootloader. He also said the design of the kernel in the future may mean that the kernel itself is part of the bootloader. “This means that kernels will also have to be signed. Making it impossible for users or developers to build their own kernels is not practical. Finally, if we self-sign, it’s still necessary to get our keys included by ever OEM," he said. “There’s no indication that Microsoft will prevent vendors from providing firmware support for disabling this feature and running unsigned code. However, experience indicates that many firmware vendors and OEMs are interested in providing only the minimum of firmware functionality required for their market. It’s almost certainly the case that some systems will ship with the option of disabling this. Equally, it’s almost certainly the case that some systems won’t," he added. A separate article on The Next Web said Microsoft has been reticent so far to state what is the truth on the matter. “This is not a small issue. If Microsoft does attempt to make it impossible for the average consumer to install and run Linux aside of Windows 8, it will lose whatever inroads that it has made with developers in the past few years. Even more, it’s restrictive and could open the company to even more anti-trust scrutiny," it said. — TJD, GMA News