Industry News

Windows 8 Secure Boot Feature Slows Down Linux Adoption

If you’re planning to buy a brand-new Windows 8 computer and also run a Linux distro on the same machine, you’d better think twice. Microsoft’s upcoming Secure Boot feature has sparked an intense debate on the future of the open-source operating systems such as Linux.

Secure Boot is a technology implemented by Microsoft in the upcoming Windows 8 that can stop a computer from loading an operating system that hasn’t been signed by a trusted Certificate Authority: either Microsoft or an OEM. It can be activated or deactivated via the UEFI – the much-anticipated replacement for BIOS – but, in order for vendors to pass the Windows 8 certification and get their “Designed for Windows 8” logo, they have to ship the motherboard with UEFI secure booting enabled.

“With Secure Boot, new free software users must take an additional step to install free software operating systems. Because these operating systems do not have keys stored in every computer’s firmware by default like Microsoft does, users will have to disable Secure Boot before booting the new system’s installer,” said John Sullivan, Executive Director of the Free Software Foundation. “Proprietary software companies may present this requirement under the guise of ‘disable security on your computer,’ which will mislead new users into thinking free software is insecure.”

Canonical and Red Had, two of the most prominent Linux distribution developers, have already taken steps to make their Linux distributions compatible with the Windows 8 Secure Boot feature, but the Free Software Foundation is still determined to fight its introduction.

”As currently proposed, Secure Boot impedes free software adoption,” the FSF wrote. “It is highly questionable that the security gains realized from Secure Boot outweigh the difficulties it will cause in practice for users trying to actually provide for their own security by escaping Microsoft Windows.”

The Free Software Foundation is collecting signatures to have hardware manufacturers ship their motherboards with the Safe Boot option disabled and allow end-users to install their operating system of choice.

About the author


Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.


Click here to post a comment