On 22/09/11 09:42, Simon Greenwood wrote:
On 22 September 2011 00:06, Alan Bell <alan.b...@libertus.co.uk
<mailto:alan.b...@libertus.co.uk>> wrote:
On 21/09/11 23:29, Bea Groves wrote:
Just read the following. Comments?
yeah, it is potentially very nasty.
To be Windows 8 certified computers will have to be able to do
this secure boot thing. Most will include an option to turn it
off, exactly like the google chromebooks do, they have a switch to
turn off the code signing requirement so you can run unsigned
operating systems. The OLPC also has this exact same feature, but
you can get a dev key and turn it off.
The problem is that some manufacturers might start not bothering
to include an off switch. So that would creep in as a set of
machines (probably quite mainstream high volume ones) that won't
run anything but the pre-installed Windows 8 or above.
The big problem is that Windows 9 might *require* secure boot to
run. This means it won't run on older machines (driving hardware
sales, the industry likes that) and means that more manufacturers
will fail to include an off switch for the secure boot. If the
market doesn't punish them by people avoiding these pre-bricked
computers then they will keep doing it. Microsoft will carefully
not require OEMs to fail to include an off switch, because that
would be anti-competitive. Virtualbox and VMware and so on can
include the public keys and provide a secure boot environment, or
run unsigned code for developing drivers and running Linux, but
you won't be running Linux on the hardware, only virtualised. It
is kind of like the current trend for using up 4 primary
partitions and not creating extended partitions to make dual
booting harder, but this one you potentially can't get round. I
can see a time when you have to get a laptop chipped to run Linux
like you would a DVD player to do multi region.
There are current factors that may give hope: for the one the major
component makers such as Samsung and LG are proving to be less OS
bound than previously, certainly in the mobile phone sector: all the
Korean companies produce both Android and Windows phones as well as
making their own OSes such as Samsung's Bada, so may be less willing
to bind themselves to Windows for their PCs, perhaps more so if the
X86 Android port is successful, becomes official and remains free.
On the other hand, the success of the iPad and other tablets has
blurred the distinction between PC and phone and the tablet-type
device may supersede the PC more in the coming years, something which
Microsoft have seen and responded to by finally porting Windows to
ARM, something which Unity is intended also to address. The
traditional PC may end up playing a smaller role in the hardware
ecosystem than it has previously.
As Alan says, in the short term though, Linux will have to adapt to
EFI (Macs have had this since the switch to x86 and you can run Linux
on them with few problems) but if the time comes that signing becomes
necessary, the growth of Linux may be such that it can't be ignored as
an alternative desktop and that there will a key pair or pairs available.
s/
--
Twitter: @sfgreenwood
"Is this your sanderling?"
We would have to do a lot of awareness raising and support things like
install days to get round things like this. as the borg say "we will
adapt"
paul
--
Paul Sutton Cert SLPS (Open)
http://www.zleap.net
17th September 2011 - Software freedom day
--
ubuntu-uk@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk
https://wiki.ubuntu.com/UKTeam/
