Windows 10 Secure Boot requirement could make Linux user’s life harder

If you are a Linux open source operating system user then this recent news from Microsoft can make your life tougher. The new Secure Boot requirements can make installing the Linux operating system much harder than it ever used to be. Microsoft gives manufacturers an option to enable UEFI Secure Boot without providing you a manual kill switch, which means that you could only be able to boot your PCs with Microsoft approved operating systems.

linux-image

While booting a new Windows 8 PCs, the Secure Boot features present at the UEFI (Unified Extensible Firmware Interface) firmware, check for approved digital signature present on the operating system loader and its drivers. UEFI is basically a modern replacement for the traditional BIOS that were used by  PCs to start up. The role of the UEFI Secure Boot feature on Windows operated PCs are generally to check the low level software signed by Microsoft or the computer’s manufacturer, preventing any malware like Rootkits from interfering with the boot process.

A few years back, Microsoft had released the UEFI Secure Boot System to the Linux Foundation, that allowed  Linux to work on computers running UEFI firmware.

But now this same feature will block Linux boot loaders, making it tough for users to install Linux OS on the PC system. In fact, in Windows RT, this Secure Boot is designed in such a way that it allows only Windows RT to boot.

The Linux community has no idea what to do with this new technology, as this could shut down all other operating system that doesn’t match with the Secure Boot requirement. But thankfully Microsoft has come out with some solution as well. Microsoft has allowed manufacturers to give users a way to turn off UEFI secure boot and install whatever they want.

In Windows 10, Microsoft gives manufacturers a choice to make the user-configuration toggle optional. This means that you can choose to buy the computer with or without toggle depending upon your need. Here one thing is very important to note that Microsoft has still not come out with their final specification, which means that there is a possibility that things might change.

These requirements could only affect new PCs and not the older models that had been upgraded to Window 10. Modern versions of some Linux distributions, including Ubuntu and Fedora, are working fine with Windows PCs, as they have their own tool to work with UEFI. The Linux Foundation is still working with Microsoft to come out with a secure boot loader that works with independent distributions.

We need to wait and see what the next changes are, that Microsoft brings for Linux users.

Posted by with Tags
Ankit Gupta is a writer by profession and has more than 7 years of global writing experience on technology and other areas. He follows technological developments and likes to write about Windows & IT security. He has a deep liking for wild life and has written a book on Top Tiger Parks of India.

8 Comments

  1. well, that thing Microsoft did will probably make me do one of the two.
    1 – stick with windows 8.1 and keep windows 10 in vbox.
    2 – love linux even more and care much less about microsoft new products.

  2. John Sprinklebumj

    I only use Windows for a few legacy programs now. Everything else is done in Linux with a dual boot, with the systems on two different disk drives. I am not very sure that a secure boot that does little more than guarantee on Windows will run on that computer is quite legal. In any event, there are now decent Linux programs that can replace my Windows legacy programs. Not exactly a Windows hater here, have been aboard since DOS 1.0, but got kind of tired beta testing new Windows versions and also paying an arm and a leg for them, and certainly did not like all the new learning curves and expenses associated with them. Free is nice, stable is nice, easier installs now for Linux are nice, fast is nice. For the most part, the old adage has a ring of truth in it. If you want to do graphics, use Mac. If you want to do some serious number crunching and such, use Linux and if you want to play Solitaire, use Windows. My personal solution is fairly simple. If Windows makes it difficult to impossible to use Linux on a new box, then I will not do Windows any more. If not, I will take it for a spin and maybe even use it.

  3. scott flynn

    True enough. I have and always will build my own machines. I will not accept a machine that limits what I can do with it. This is fine as long as we are talking desktops. What to do with laptops and the like? Microsoft is playing dirty pool.

  4. KevinD

    Not to get a whole flame war started, but it is really easy to get confused about these definitions.

    From my review of the WinHEC slides, Microsoft laid out the market as two segments; Desktop and Mobile. But this isn’t the old Desktop and Notebook segments with which we are all familiar. This is the PC version of Windows vs the phone version of Windows. Mobile seems to start at entry 7 inch tablets and extend down as far as they support even to Raspberry PI 2. Desktop seems to start right above entry 7 inch tablets and extend up to the beginning of servers.

    Not a lot really changed. Microsoft never had phones that supported enabling / disabling UEFI Secure Boot. Computer companies building PCs are still required to have a BIOS option to be able to enable and disable Secure Boot.

    Even so, it wouldn’t be unreasonable for a computer company to provide a way to disable Secure Boot even in a phone or low end tablet. It just couldn’t be a BIOS option.

    And all of this is just for the computer that companies want to be logo’ed or where they have some type of OEM contract with Microsoft. There are plenty of companies building Windows machines that don’t appear to have relationships with Microsoft. And a few of the OEMs actually sell machines with various versions of Linux.

    Not to say that Microsoft is Linux’s best friend, but it doesn’t appear they are trying to kill it from this. Here they are just trying to kill Root Kits and a lot of the virus vectors around the end of the BIOS and the start of the OS.

  5. BO

    If people are happy using windows I don´t care but I DON´T LIKE IT. I HAVE TO USE IT SOMETIMES LIKE NOW WHEN I AM IN THE LIBRARY. Trying to boot bsd have crashed 2 computers for me so no thanks. No windows no bsd on my computers. I don´t mind Open Indiana, Linux, Haiku, Syllable or Icaros because this is what I want on my computers yeah even Mac. There can be many problems booting why make it worse. It is my choice. Some people like coffee some like tea. Flame wars? I like x 86 but I don´t like windows, so please let me choose OS, and which Linux distro to install. I want to learn how to erase every bit of windows code on a computer and the same with preinstalled LINUX. what I would like to see in the future easiness too boot the OS of choice and good multiboot possibilities.

  6. Pablo Almeida

    My ASUS laptop already prevents me me from disabling Secure Boot. I fear for the future…

  7. Mojito skurt

    they can’t. Relax. UEFI can add keys for both Windows, Linux and other OS. Had MS tried to block other OS, the resulting mass lawsuits across all continents would put MS out of business.

  8. scott flynn

    Business is business. You are right of course – but that model would work to help secure whole segments of the market from ever seeing another OS on any machine sold.

Leave a Reply

Your email address will not be published. Required fields are marked *


6 + 3 =