Microsoft claim that the customer is in control of their PC. That's true, if by "customer" they mean "hardware manufacturer". The end user is not guaranteed the ability to install extra signing keys in order to securely boot the operating system of their choice. The end user is not guaranteed the ability to disable this functionality. The end user is not guaranteed that their system will include the signing keys that would be required for them to swap their graphics card for one from another vendor, or replace their network card and still be able to netboot, or install a newer SATA controller and have it recognise their hard drive in the firmware. The end user is no longer in control of their PC.
> Microsoft claim that the customer is in control of their PC. That's true, if by "customer" they mean "hardware manufacturer".
Isn't that always the case? Today I'm not guaranteed the ability to do secure boot. Today I'm not guaranteed the ability to use certain types of RAM or certain types of video cards or certain types of data adapters (e.g., Thunderbolt), or have touch support, etc.
But what the customer is in control of is the ability to pick a PC which conforms to what they want, or the ability to build it.
There's never been a guarantee that a specific computer will allow a customer to do whatever they want. All secure boot disabling is, is simply one more item in the matrix. And almost all these items are defined by each individual OEM.
> The end user is not guaranteed that their system will include the signing keys that would be required for them to swap their graphics card for one from another vendor
This I hadn't heard of. So with UEFI secure boot you're saying that you likely won't be able to change graphics cards? I hadn't heard that.
The drivers for any hardware used in the UEFI environment (so graphics, input, storage, potentially network) have the ability to compromise your system, so they have to be trusted as well. For hardware that's built into your machine, that's fine - the drivers will just live in the firmware volume in flash and can't be replaced, so they're trusted. If they're on a plugin card then it's a different story.
There are a few obvious options here. The first is for Microsoft to sign the drivers. That would work but would slow down driver deployment. The other is for the vendor to have a key. That means that systems would have to carry the appropriate public key. If you buy a system with the AMD key then you'd be able to run a Radeon, but unless it also carries the Nvidia key then you won't be able to swap it out for a GeForce.
It's also possible that Microsoft will issue vendors keys that have chained trust back up to Microsoft's key. That would avoid the requirement to distribute individual vendor keys, but it means that any vendor key is now trusted by all systems with the Microsoft key (i.e., all of them). At that point it's no longer about compromising Microsoft's key, it's about compromising any hardware vendor's key. Succeed in that and you're able to produce malware that'll run on any system. Stuxnet demonstrates that this is a real risk. And once the malware is out there and signed by this leaked key, the only way to fix it is to revoke that key. Which then instantly stops all of that vendor's hardware from working.
It's still unclear which of these deployment scenarios will be followed. All of them have downsides, and one of them may well be to restrict your ability to choose which hardware you want to use in your (otherwise compatible) system.
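The three signing options described in the comment above, worked through as a small trust model. This is an added example, not part of the original thread: the signer names are constructed, names stand in for real keys and signatures, and `db`/`dbx` follow UEFI's names for the allowed and revoked signature lists.

```python
from dataclasses import dataclass, field

# Constructed signer names mapped to their issuer (None = self-signed root).
# Names stand in for keys: this models the trust decision, not signature parsing.
ISSUER = {
    "Microsoft-root": None,
    "AMD-standalone": None,
    "Nvidia-standalone": None,
    "AMD-chained": "Microsoft-root",
    "Nvidia-chained": "Microsoft-root",
}

@dataclass
class Firmware:
    db: set = field(default_factory=set)    # signers the firmware trusts
    dbx: set = field(default_factory=set)   # signers that have been revoked

    def loads_driver(self, signer: str) -> bool:
        # Walk from the driver's signer up through its issuers.
        chain, name = [], signer
        while name in ISSUER and name not in chain:
            chain.append(name)
            name = ISSUER[name]
        if any(n in self.dbx for n in chain):
            return False  # revocation overrides any trusted ancestor
        return any(n in self.db for n in chain)

def scenarios() -> dict:
    r = {}
    # Microsoft signs every driver itself.
    r["ms_signed"] = Firmware(db={"Microsoft-root"}).loads_driver("Microsoft-root")
    # Per-vendor keys: this machine shipped with AMD's key only.
    fw = Firmware(db={"Microsoft-root", "AMD-standalone"})
    r["amd_card"] = fw.loads_driver("AMD-standalone")
    r["nvidia_swap"] = fw.loads_driver("Nvidia-standalone")
    # Vendor keys chained to Microsoft: every vendor is trusted on every machine.
    fw = Firmware(db={"Microsoft-root"})
    r["nvidia_chained"] = fw.loads_driver("Nvidia-chained")
    # The same check passes for anything signed with a leaked vendor key.
    r["amd_chained"] = fw.loads_driver("AMD-chained")
    # Revoking the vendor key blocks that vendor's legitimate drivers too.
    fw.dbx.add("AMD-chained")
    r["amd_after_revocation"] = fw.loads_driver("AMD-chained")
    r["nvidia_after_revocation"] = fw.loads_driver("Nvidia-chained")
    return r

if __name__ == "__main__":
    for case, ok in scenarios().items():
        print(f"{case:24} {'loads' if ok else 'rejected'}")
```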
Thanks, that was useful, and does make clearer why the complaint exists.
It almost seems like there should be two Win8 logos:
1. The Standard Win8 Logo -- where secure boot is disabled.
2. The Secure Win8 Logo -- as I think the best story is for MS to sign all the drivers.
That way if you're buying something like a laptop or tablet, where you're a lot less likely to swap things in or out, then maybe the Secure Win8 is what you want. But for a desktop where you plan on moving over a lot of your old HW or do upgrades, you may not want the Secure logo. Just thoughts.
Apple sells both the hardware and the OS that runs on it; they own the whole stack and thus can do pretty much what they want with it. Even so I don't think there are any problems installing a Linux distro on any Mac, and Windows is directly supported by Apple via Boot Camp.
Microsoft only owns the OS part of the stack, and this move, combined with some shady back room dealing or just relying on plain old OEM incompetence, could potentially prevent you booting any other OS on hardware they don't own or manufacture themselves.
> I don't think there are any problems installing a Linux distro on any Mac
None whatsoever. In at least Ubuntu's case, you need do little more on modern Intel Macs than insert the CD and reboot. If you want to keep OS X around (and have a few other goodies), install rEFIt first for better partition and boot management.
In some ways, dual-booting Linux and OS X is less problematic than Linux and Windows has ever been.