Microsoft defends 'secure boot' for Windows 8
Breaking its silence on the matter, Microsoft this week defended its upcoming flagship operating system Windows 8's use of a "secure boot" policy, which some programmers said could potentially lock out other operating systems, such as Linux.

Tony Mangefeste of the Microsoft Ecosystem team said "secure boot" is not a Windows 8 feature but a protocol of the Unified Extensible Firmware Interface (UEFI).

"Windows 8 utilizes secure boot to ensure that the pre-OS environment is secure ... Secure boot doesn’t 'lock out' operating system loaders, but is a policy that allows firmware to validate authenticity of components," he said in a blog post.

He added that original equipment manufacturers (OEMs) have the ability to customize the level of certificate and policy management on their platform.

Microsoft is merely using the Windows Certification program to ensure that systems shipping with Windows 8 have secure boot enabled by default, he said. This should make sure the firmware will not allow programmatic control of secure boot, to prevent malware from disabling security policies in firmware.

"Microsoft does not mandate or control the settings on PC firmware that control or enable secured boot from any operating system other than Windows," he said.

With secure boot and UEFI, he said, the industry and Microsoft are raising the bar to create greater system integrity and health, and to provide customers with a strong level of protection against a growing class of threat.

But mobile Linux developer Matthew Garrett, who brought up the concern earlier this month, maintained that secure boot will make Windows 8-certified systems "either more difficult or impossible to install alternative operating systems."

"The end user is not guaranteed the ability to install extra signing keys in order to securely boot the operating system of their choice. The end user is not guaranteed the ability to disable this functionality. The end user is not guaranteed that their system will include the signing keys that would be required for them to swap their graphics card for one from another vendor, or replace their network card and still be able to netboot, or install a newer SATA controller and have it recognise their hard drive in the firmware. The end user is no longer in control of their PC," he said in a separate blog post.

"If Microsoft were serious about giving the end user control, they'd be mandating that systems ship without any keys installed. The user would then have the ability to make an informed and conscious decision to limit the flexibility of their system and install the keys. The user would be told what they'd be gaining and what they'd be giving up," he added.

He also said Microsoft's rebuttal is "entirely factually accurate" but "also misleading."

"The truth is that Microsoft's move removes control from the end user and places it in the hands of Microsoft and the hardware vendors. The truth is that it makes it more difficult to run anything other than Windows. The truth is that UEFI secure boot is a valuable and worthwhile feature that Microsoft are misusing to gain tighter control over the market. And the truth is that Microsoft haven't even attempted to argue otherwise," he said.

— TJD, GMA News