OEMs Allowed To Lock Secure Boot In Windows 10 Computers

[LAwLz]

"You can't just say "wow Microsoft is innocent! They were allowed to put the safety on if they wanted" if someone ends up being shot."

 

It's more like this:

"You can't just say "wow Microsoft is guilty! OEMs were allowed to leave the safety on if they wanted' if someone ends up not being shot when they should have been."

 

if you want to stick with the [safety = disable safe boot setting] and [someone = a hacker with a nasty OS to crack the Win10 used in a company fleet]

Eh... What the hell are you talking about? Are you seriously suggesting that nobody should be allowed to boot any other OS than Windows because someone might bring a memory stick with a liveCD and crack the Windows password?

There is a very simple solution for that, and it's called a BIOS password. No need to mandate Secure Boot to protect against it. Secure Boot has NOTHING to do with someone booting a liveCD. It's not intended to protect from that. It is intended to protect against things like rootkits and locking out competitors' OSes from being used.

[BashZeStampeedo]

"You can't just say "wow Microsoft is innocent! They were allowed to put the safety on if they wanted" if someone ends up being shot."

 

It's more like this:

"You can't just say "wow Microsoft is guilty! OEMs were allowed to leave the safety on if they wanted' if someone ends up not being shot when they should have been."

 

if you want to stick with the [safety = disable safe boot setting] and [someone = a hacker with a nasty OS to crack the Win10 used in a company fleet]

 

This whole debate is silly. If companies want custom PCs with perma-Secure-Boot, that's their prerogative. But leave the other market segments alone and keep it a sensible option.

[creativename]

https://yourlogicalfallacyis.com/anecdotal

So just because you dont like win 7 its okay that MS limits peoples freedom.

I use windows 7 because the metro UI is absolute crap.

A lot of people dislike windows 8 also.

http://www.infoworld.com/article/2618073/microsoft-windows/windows-8-review--yes--it-s-that-bad.html

But thats beside the point really , anyone SHOULD be able to install whatever god damned os they want on the hardware they bought.

Windows 8 doesn't have metro. Windows phone has metro.

The modern UI is far more efficient than the windows orb was

[Dabombinable]

Windows 8 doesn't have metro. Windows phone has metro.

The modern UI is far more efficient than the windows orb was

If your on a touch screen device, with a mouse and keyboard, which most Windows users actually use, the new UI is terrible. Why do you think Windows 10 is going to have the old UI, just updated.

[LAwLz]

Windows 8 doesn't have metro. Windows phone has metro.

The modern UI is far more efficient than the windows orb was

Metro = old name for "modern UI". Neither Windows 8 nor Windows Phone has "metro" because it changed name. A lot of people still call it metro though.

 

No, the modern UI is not at all more efficient than the Windows start orb, unless you use your mouse to click on icons. For keyboard users it is on par at best, and worse in some areas.

[AlexGoesHigh]

If your on a touch screen device, with a mouse and keyboard, which most Windows users actually use, the new UI is terrible. Why do you think Windows 10 is going to have the old UI, just updated.

windows 10 isn't exactly going back to the old style, it seems MS is actually updating the RT framework (aka modern UI, metro) to be functional with any set of hardware interaction, like touchscreen tablets, phones, 2in1 laptops, regular laptops, KBM, TV's, etc, why do you think they are now calling it universal apps 

[TAK]

.

[creativename]

If your on a touch screen device, with a mouse and keyboard, which most Windows users actually use, the new UI is terrible. Why do you think Windows 10 is going to have the old UI, just updated.

The new UI is better with a mouse and keyboard. Have you actually tried using it on a touch screen? It's not a great experience. Its much more efficient to use a mouse and keyboard + shortcuts/hotkeys

[Dabombinable]

The new UI is better with a mouse and keyboard. Have you actually tried using it on a touch screen? It's not a great experience. Its much more efficient to use a mouse and keyboard + shortcuts/hotkeys

I was reffering to the Windows 8 UI as being terrible, the Windows 8.1 UI is much better, but Microsoft should have used it in the first place.

[patrick3027]

@

 

To be honest, I don't care if I should be mad at Windows or at OEMs, it's a bad thing for Linux users anyway.

[LAwLz]

You keep on thinking whatever the fuck you want. This will NOT be the issue you think it will be, but it's your conspiracy, run with it all you want.

This will not affect a single user. And if an OEM is stupid enough to enable the option, IT'S STILL NOT MANDATORY TO DO SO FOR THE FUCKING STICKER, then you know not to buy their laptops (Which are the only things that this MIGHT affect).

 

EDIT:

In fact, since you seem to have problems with reading comprehension, let me paste my previous post about this right here and highlight the parts that you seem to have problems with.

 

http://arstechnica.com/information-technology/2015/03/windows-10-to-make-the-secure-boot-alt-os-lock-out-a-reality/

 

Did this finally go thru your thick skull?

See that line in the picture: It's the OEM's option to allow Secure Boot to be turned off. OEM's OPTION, NOT REQUIRED FOR THE STUPID STICKER.

Maybe you want to take a deep breath, count to 10 and then read the link you posted? It makes the same arguments as I do but you seem too enraged to realize it.

How do you know it won't become an issue? It wouldn't be the first time Microsoft used borderline (or flat out) illegal means to block competitors. Give them power and they will abuse it. Same goes for OEMs (just look at smartphone bootloaders).

 

Maybe I am being stupid, but I don't get what you are trying to point out with the bold and underlined text. I have never said Microsoft are forcing OEMs to not include the switch. In case you missed it, here is what I said about "who to blame":

Microsoft for forcing manufacturers to not only include it but also have it enabled by default.

The manufacturers for not including an off switch (if they don't do it).

 

 

If something bad happens because of this policy change then both Microsoft and the OEMs are to blame.

 

 

 

Since you are defending this so hard let me ask you this. Will the consumers have any benefit from this change compared to the Windows 8 requirements? I can think of a massive negative aspect to this change and that's OEMs are now allowed to screw customers if they want to (not saying that they will, but they can do it). I think that if you change something the net outcome should be positive, so the benefit I want you to tell me should be equal or greater than the negative aspect for the consumer.

[Django]

And if an OEM is stupid enough to enable the option, IT'S STILL NOT MANDATORY TO DO SO FOR THE FUCKING STICKER, then you know not to buy their laptops (Which are the only things that this MIGHT affect).

 

The only problem with that is the average user doesn't even know what secure boot is. Marketing has a big influence and could sway the way it goes. Something along the lines of

 

"Feel secure knowing our systems implement the latest controls in protection from unauthorized access to your boot process while others leave the door open."

 

The average Joe just might buy into that thinking it's a better system and before you know it other manufacturers start implementing it as well.

[Arty]

http://arstechnica.com/information-technology/2015/03/windows-10-to-make-the-secure-boot-alt-os-lock-out-a-reality/

 

So what happens to people that don't have secure boot?

i don't...

I am on the tech preview so if they include that in a future update..my system could be toast?

 

[SirNumbers]

theyll fix it they have is time.. 

[werto165]

Fixed with a motherboard firmware update>? no idea if that sort of thing can be implemented with such an update. 

[Arty]

Fixed with a motherboard firmware update>? no idea if that sort of thing can be implemented with such an update. 

pre built

[Sauron]

I don't think you NEED it to install windows 10. It's just part of the requirements for new oem machines to receive the "designed for windows 10" pointless marketing badge.

[qwertywarrior]

"Choose a Linux Distribution That Supports Secure Boot: Modern versions of Ubuntu — starting with Ubuntu 12.04.2 LTS and 12.10 — will boot and install normally on most PCs with Secure Boot enabled."

 

https://www.linuxfoundation.org/sites/main/files/lf_uefi_secure_boot_open_platforms.pdf

 

only problem i see with this is that u can install win7 anymore

other than that most modern OSes will work just fine

[Fabri91]

What Sauron said: it has been required since Windows 8 to get the silly badge.

 

The controversy stems from the fact that while the requirements for the 8/8.1 badge mandated​ the option to disable it, this isn't the case anymore, so an OEM could conceivably make systems where Secure Boot cannot be disabled., should they choose to do so.

 

This has no effect whatsoever on system builders or on anyone who wishes to install Windows on a system, but it only affects OEMs.

[LAwLz]

"Choose a Linux Distribution That Supports Secure Boot: Modern versions of Ubuntu — starting with Ubuntu 12.04.2 LTS and 12.10 — will boot and install normally on most PCs with Secure Boot enabled."

 

https://www.linuxfoundation.org/sites/main/files/lf_uefi_secure_boot_open_platforms.pdf

 

only problem i see with this is that u can install win7 anymore

other than that most modern OSes will work just fine

It sometimes doesn't work, and it won't work if you do any modifications to the core OS (like installing a theme on Windows).

It also assumes that users have control over which keys are white listed, which might not be the case. It is not enough to just support Secure Boot, because Secure Boot must also be configured to accept all the components in the boot chain.

The PDF you linked is how I want Secure Boot to be implemented, but as it is today I don't think anyone actually follows that model, and with this change from Microsoft we are taking 1 small step away from it.

 

 

This has no effect whatsoever on system builders or on anyone who wishes to install Windows on a system, but it only affects OEMs.

It might affect people with laptops.

I am not sure but it might affect people who build their own PCs because motherboards also get a Windows sticker on them (not sure if they have to follow the requirements from Microsoft to get this sticker).

It might affect people who want to use a Windows OS older than Windows 8 (like Windows 7 for example).

[GoodBytes]

http://arstechnica.com/information-technology/2015/03/windows-10-to-make-the-secure-boot-alt-os-lock-out-a-reality/

 

So what happens to people that don't have secure boot?

i don't...

I am on the tech preview so if they include that in a future update..my system could be toast?

You can still install Windows 10 on a system that doesn't have secure boot. This is for manufactures. The requirement doesn't state anything to them, beside that it is up to THEM to decide if they want or not to have secure boot option available to the user. Windows 8 demanded manufactures to give you the option. Now it is up to the manufacture to pick.

[LAwLz]

You can still install Windows 10 on a system that doesn't have secure boot. This is for manufactures. The requirement doesn't state anything to them, beside that it is up to THEM to decide if they want or not to have secure boot option available to the user. Windows 8 demanded manufactures to give you the option. Now it is up to the manufacture to pick.

The requirement states that they HAVE to implement it and have it on by default, and are free to not give users any option to turn it off.

 

 

Old policy -> "You have to implement this and have it on by default but users must be able to turn it off. The user must be in control."

 

New policy -> "You have to implement this and have it on by default, oh and you can totally screw our customers over by preventing them from installing certain things on their computer. You don't have to give users control if you don't want to. It's up to you to decide."

 

 

The old policy was far better for users because it ensured that we didn't get fucked. This gives us no protection.

[TAK]

.

[zappian]

Well, since you have a problem with understanding English, I'll just put you in ignore. No point wasting time on your opinions.

 

Dont cut yourself on that edge mister.

[qwertywarrior]

It sometimes doesn't work, and it won't work if you do any modifications to the core OS (like installing a theme on Windows).

It also assumes that users have control over which keys are white listed, which might not be the case. It is not enough to just support Secure Boot, because Secure Boot must also be configured to accept all the components in the boot chain.

The PDF you linked is how I want Secure Boot to be implemented, but as it is today I don't think anyone actually follows that model, and with this change from Microsoft we are taking 1 small step away from it.

 

do u think microsoft will do this i mean EU gave them hell over the whole browser thing

i cant see this happening its just too much of a bother for microsoft to go court over this (anti-competitive practices)  since they are the ones in charge of the whole signing thing