Microsoft’s brand new version of its flagship product, the Windows operating system, has pitted it once again against Linux users who have had a longstanding battle with the giant. The Linux community has been particularly offended by the operating system’s Unified Extensible Firmware Interface (UEFI), or popularly known as Secure Boot.
The GNU Linux community’s fundamental objection to the feature is that it amounts to collusion between Microsoft and hardware manufacturers to lock users, depriving them of the freedom to install other operating systems in a Windows environment. They were later mollified by Microsoft’s clarifications that there will be a ‘Secure Boot-disable’ option on PC’s shipping with Windows 8. Although this option would have allowed installation of multiple operating systems, it is still arduous on Secure Boot machines.
Secure Boot is deemed as an attempt by Microsoft to tighten its losing grip in the desktop space and grab onto a substantial user base in the tablet space. With the release of Windows 8 and Microsoft’s tablet computer Surface, there is some clarity about the implications of Secure Boot.
As the Redmond giant provides an option for multi boot on Intel or AMD processor-based computers (seen with Windows 8), and no such option for ARM-based computers, the restriction might play out differently in the tablet market (manifested in Microsoft Surface).
It would create unhealthy competition in the long run, if Microsoft-certified ARM devices make it big in the tablet computer segment, and eliminate other operating systems from the race with a hardware lock in the form of Secure Boot.
If you have a personal computer, or a laptop that you purchased a couple of years ago, the first wake-up screen would most likely be a dull visual with a pixelated logo and text in a monotonous font with keyboard access to only a few obscure device options. This wake-up system software, that has existed from the first IBM PC, is mostly the only piece of computer ware that has never seen any major upgrades.
The Basic Input/Output System (or commonly known as the BIOS) is the firmware that initiates the device wake-up, before the operating system can be loaded.
With UEFI, this interface between the device firmware and the operating system will make the interface advanced, firstly, and more importantly, prevent malicious software that attack the BIOS (rootkits) from hampering the functioning of the operating system. The initiative of Intel and now the consortium UEFI is trying to make the boot process of computers more secure.
Secure or restricted?
Boot restrictions aren’t new in the industry. All Apple products come with restricted boot. Tablets and phones running Android too do not allow multi boot. With the Microsoft version of UEFI Secure Boot, it has joined the league of restricted boot operating systems. If Microsoft is not alone, why is it being targeted?
A blog post on Free Software Foundation website reads, “When done correctly, Secure Boot is designed to protect against malware by preventing computers from loading unauthorised binary programs when booting.” In the case of the Microsoft implementation, it hasn’t been done correctly. Making the apprehensions of Free Software crowd come true, Microsoft has now made it mandatory for ARM-based devices to have “Secure Boot” on, without an option to disable it. This means ARM-based devices certified for Windows do not have the option of booting into another operating system (unless the operating system in question is also certified by Microsoft).
Impact on market
While Free Software community and technologists who want multi boot are agitated with this ARM lock by Microsoft, from a market point of view, it does not seem like a threat, at least as yet.
Microsoft is not imposing the Secure Boot restriction in the desktop space, which is almost entirely ruled by Intel or AMD machines running Microsoft Windows. If Microsoft had imposed Secure Boot on desktop platforms, they might have faced a second antitrust action, because they are still the monopoly in personal computer operating systems.