Windows 8 OEM specs may block Linux booting

Terryphi
Posts: 761
Joined: Wed 02 Jul 2008, 09:32
Location: West Wales, Britain.

Windows 8 OEM specs may block Linux booting

#1 Post by Terryphi »

Read about the potential threat to dual booting Puppy and other Linux distros with Windows 8:

http://www.itworld.com/it-managementstr ... ux-booting

There is more here for the seriously geeky:

http://mjg59.dreamwidth.org/5552.html
[b]Classic Opera 12.16 browser SFS package[/b] for Precise, Slacko, Racy, Wary, Lucid, etc available [url=http://terryphillips.org.uk/operasfs.htm]here[/url] :)

Lobster
Official Crustacean
Posts: 15522
Joined: Wed 04 May 2005, 06:06
Location: Paradox Realm

Re: Windows 8 OEM specs may block Linux booting

#2 Post by Lobster »

Terryphi wrote: Read about the potential threat to dual booting Puppy and other Linux distros with Windows 8:
http://www.itworld.com/it-managementstr ... ux-booting
It is even worse than we suspect . . . :wink:
Even reading about it may be subject to copyright or some such blocking . . .
Fatal error: Call to a member function set_display() on a non-object in /var/www/itworld/sites/all/modules/features/itw_answers/itw_answers.module on line 430
Puppy Raspup 8.2Final 8)
Puppy Links Page http://www.smokey01.com/bruceb/puppy.html :D

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#3 Post by nooby »

Thanks indeed for pointing this out to us.

Guys I just love this. This is exactly what I have been warning about
for years. I am a true pessimist and reality always turns out to be
ten times worse than even my worst nightmares :)

Haha this is so funny.
Windows 8 OEM specs may block Linux booting
New secure boot process leaves unsigned Linux out in the cold

September 20, 2011, 9:45 PM —

After years of trying to cut off Linux growth as a desktop platform on x86 and x64 PCs, Microsoft may have actually figured out a way to stop Linux deployments on client PCs dead in their tracks.
...
EFI, and the later UEFI specification, is not the problem for Linux. The problem is Microsoft's other requirement for any Windows 8-certified client: the system must support secure booting. This hardened boot means that "all firmware and software in the boot process must be signed by a trusted Certificate Authority (CA)," according to slides from a recent presentation on the UEFI boot process made by Arie van der Hoeven, Microsoft Principal Lead Program Manager.

The slides, posted on Garrett's in a blog Tuesday afternoon, reveal Microsoft's plan to lock down the boot process, which Microsoft rightly points out has become a high-value target vector for injecting malware onto Windows PCs. To combat this, Microsoft is requiring all Windows 8 devices to have a hardened boot. Right now, even though there are EFI-ready Linux bootloaders and distros available, none of them are signed, Garrett reminded me.

It's not just a matter of replacing the UEFI system on the device with other, unencrypted, firmware. If all parts of the chain need to have a CA signature, then swapping out a machine's signed EFI layer with, say, an unsigned BIOS or EFI would not work. Garrett described the problem in more detail:
John deMurga can get in trouble if I quote all of it. Read at the first link first :)
http://www.itworld.com/it-managementstr ... ux-booting

They have finally found a way to force us to get our own OEM makers of hardware. To get together to collect money to ask the hardware guys to make our own Linux hardware.

May I give a reasonable prediction? The lobby will ask the European Union to set a law for all of Europe that no ISP will allow a PC to go out on the internet that doesn't show this secure UEFI certificate in place.

That is a very likely scenario, folks!



Edit

One of the commenters, and most likely not the only one, asks this:
01NarrativeMode_tw330709924 9 hours ago
Wouldn't the simplest solution be to boot from an external device like a cd or more likely usb key? Dual boot when you want it, walk away with your cache files. Done.
That sounds too simple for them to allow. As I get it they would not allow such booting because it does not have those certificates. ???

Am I wrong? I mean, if they go to such lengths to secure the HDD booting, why would they then allow anybody to boot using any odd CD/DVD/USB with possible malware on it?
I use Google Search on Puppy Forum
not an ideal solution though

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#4 Post by nooby »

Terry's other link gives this answer.
There is no centralised signing authority for these UEFI keys. If a vendor key is installed on a machine, the only way to get code signed with that key is to get the vendor to perform the signing. A machine may have several keys installed, but if you are unable to get any of them to sign your binary then it won't be installable.
Does that not say it all? I mean, why would they give these keys to us?
They would not get Microsoft money if they do, and to have Microsoft is the only way to get volume sales of the product, so that is a must.

Maybe Android and Google is the only other "party" big enough to pay the hardware makers to allow for linux? But that will be a linux on Google permission. Who knows what they will allow. No root obviously!

8-bit
Posts: 3406
Joined: Wed 04 Apr 2007, 03:37
Location: Oregon

#5 Post by 8-bit »

The latest actions of MS with win8 supposedly for security purposes I see as another way MS is trying to cut out linux.
If you buy a PC with their specs with win8 installed, and their moving away from BIOS, will you even be able to remove their OS in favor of a linux OS?
And evidently, repairing windows with linux will be a thing of the past.

MS says it is for security and then they release Developer editions into the wild that I am sure are being used to an extent to search for ways to introduce a hacker's code into the OS.
If a PC is made without a BIOS, and MS copyrights their replacement for it will it leave all linux OSes unable to install on that PC?

jafadmin
Posts: 1249
Joined: Thu 19 Mar 2009, 15:10

#6 Post by jafadmin »

So the war between the engineers and marketing at M$ continues. I'm an IT pro, and I know of NO IT departments that are looking at 8. None.

They're going to relearn the lesson they did with Vista. And, after the Vista debacle, PC manufacturers aren't going to be too eager to sign off on M$'s next madcap scheme.

gerry
Posts: 986
Joined: Thu 26 Jul 2007, 21:49
Location: England

#7 Post by gerry »

The EU can go either way: they may look at the situation from an anti-competitive view. They have in the past ruled against MS on those grounds. (Can't remember exactly what it was- to do with bundling apps, I think.)

technosaurus
Posts: 4853
Joined: Mon 19 May 2008, 01:24
Location: Blue Springs, MO

#8 Post by technosaurus »

I think it would be hilarious if mobo manufacturers used a patched coreboot (formerly Linux BIOS) to meet the spec.
Check out my [url=https://github.com/technosaurus]github repositories[/url]. I may eventually get around to updating my [url=http://bashismal.blogspot.com]blogspot[/url].

8-bit
Posts: 3406
Joined: Wed 04 Apr 2007, 03:37
Location: Oregon

#9 Post by 8-bit »

Imagine PC manufacturers that are told by MS that they have to implement the MS version of a BIOS jumping en masse to linux. :lol:

Also, I really do not think that software bios by MS is going to happen as they are not going to alienate those with existing PCs, especially businesses, with an OS that will not install on those PCs.

And it is a MS world to a lot of people.
I had a DSL phone repair tech that was very upset that I was not running windows when he wanted to check my modem as the PC saw it.
So I fire up my browser and bring up the modem diagnostics page he wanted and that he said was not possible without windows and IE.

The typical brainwashed public courtesy of MS.

d4p
Posts: 439
Joined: Tue 13 Mar 2007, 02:30

#10 Post by d4p »

"Maybe Android and Google is the only other "party" big enough to pay the hardware makers to allow for linux? But that will be a linux on Google permission. Who knows what they will allow. No root obviously!"


"According to extracts of Mr Isaacson's book, obtained by the Associated Press, Mr Jobs said: "I'm going to destroy Android, because it's a stolen product. I'm willing to go thermonuclear war on this."

He is also quoted as saying: "I will spend my last dying breath if I need to, and I will spend every penny of Apple's $40 billion [£25bn] in the bank, to right this wrong."

http://www.bbc.co.uk/news/technology-15400984

firak
Posts: 175
Joined: Mon 14 Apr 2008, 14:07

#11 Post by firak »

I already face the same strange problems with a PC in Win7 2011.
Something in this machine is able to fuck syslinux, without damaging the SD card filesystem. It happens only when I reboot. If I turn off and boot again it does not interfere. I don't know if it is a hardware issue or a BIOS behaviour
that has the capacity to create a bug in the MBR of the SD card.
Rebooting and finding "boot error" is not normal.

In the beginning I thought that the problem was an old SD card, so I bought a new one.
Now with the new one this still happens again.
I solve it: never reboot. Always turn the PC on and off.
But I think this kind of danger is there already for linux.
MS Windows now feels free to use all the SSDs and USB sticks for swap during booting (they call it easyboot), so if they want they can do much more than that.
My old post is:
http://www.murga-linux.com/puppy/viewtopic.php?t=72581
But I tell you, it is not a problem of SD card quality.

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#12 Post by nooby »

I remember vaguely that I read it here at idg.se in Swedish.
That is our version of PCWorld.com and IDG is an international owner
of computer mags all over the world. They have IDG New.

This comment reminded me of it. I came to think of it reading this
MS says it is for security
Anyway as I remember it was a kind of proposal to the whole of European Union?

It is about better security. They sell it like this. As I remember it.

Every computer should have a certificate from MS Windows
that it has been rid of any malware using the authorized anti-virus
that MS gives the okay for, for their OS.


So if one doesn't have MS Win on the computer then one fails to get that
needed certificate to go online. The ISP is by law forbidden to allow
you to go out on the internet.

As I get it we sure can use Linux but not go out on the internet.
Because there is no way to get the certificate!

Now how likely is it that such a law gets through the European Parliament?
Not easy to know, but if one bases guesses on how the Anti-Pirates can
shut down servers then it is very likely. They do anything for the big
companies, with a few exceptions like when they criticized Google for
collecting every private hotspot when they took their movies running
streets up and down. :)

So maybe, just maybe, they do not allow that law, but there is lobbying going on!
I have tried to find the text again but failed.

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#13 Post by nooby »

I found this.

Stand up for your freedom to install free software

https://www.fsf.org/campaigns/secure-bo ... /statement
Stand up for your freedom to install free software

The following is a public statement, open for signing.
For more background, please read our more detailed explanation of the issue at
http://fsf.org/campaigns/secure-boot-vs-restricted-boot

Microsoft has announced that if computer makers wish to distribute
machines with the Windows 8 compatibility logo,
they will have to implement a measure called "Secure Boot."

However, it is currently up for grabs whether this technology will live up
to its name, or will instead earn the name Restricted Boot.

When done correctly, "Secure Boot" is designed to protect against malware
by preventing computers from loading unauthorized binary programs
when booting. In practice, this means that computers implementing it
won't boot unauthorized operating systems -- including initially
authorized systems that have been modified without being re-approved.


This could be a feature deserving of the name, as long as the user
is able to authorize the programs she wants to use, so she can run
free software written and modified by herself or people she trusts.

However, we are concerned that Microsoft and hardware manufacturers
will implement these boot restrictions in a way that will prevent users
from booting anything other than Windows. In this case, we are better
off calling the technology Restricted Boot, since such a requirement
would be a disastrous restriction on computer users and not a security
feature at all.
Now all you optimists would say that the OEMs would allow us to shut the hardware thing off so we can boot puppy.

Theoretically yes but in practice more likely no. Only one percent is not
enough users to make the OEM and hardware people care about us.

Read a good example here.
He Who Controls the Bootloader
End of an Era

Scot Hacker, August 2001
http://www.birdhouse.org/beos/byte/30-bootloader/
"Be offered BeOS for free to any major computer manufacturer willing to pre-install BeOS on machines alongside Windows. Although few in the Be community ever knew about the discussions, Gassée says that Be was engaged in enthusiastic discussions with Dell, Compaq, Micron, and Hitachi. Taken together, pre-installation arrangements with vendors of this magnitude could have had a major impact on the future of Be and BeOS. But of the four, only Hitachi actually shipped a machine with BeOS pre-installed. The rest apparently backed off after a closer reading of the fine print in their Microsoft Windows License agreements. Hitachi did ship a line of machines (the Flora Prius) with BeOS pre-installed, but made changes to the bootloader -- rendering BeOS invisible to the consumer -- before shipping. Apparently, Hitachi received a little visit from Microsoft just before shipping the Flora Prius, and were reminded of the terms of the license."
Yes, I am a fundamentalist pessimist. I trust that if something can get worse it sure will.

In the same way as happened in 2001 with BeOS, the Linux big guys will buy exceptions for Suse and for Fedora and for Ubuntu, but for Puppy we don't have the money to buy these certificates.
The hardware will be set to not allow anything other than certified software to boot, and I am sure that Microsoft will sell this idea to
the European Union and they will make a law for ISPs to not allow us to
use uncertified Linux to reach the internet.

Every sign points in that direction. Prove me wrong :)

raffy
Posts: 4798
Joined: Wed 25 May 2005, 12:20
Location: Manila

hardware

#14 Post by raffy »

Then use non-MS hardware like 32-bit ARM (as MS will choose 64-bit) and Puppy will run happily there.
Puppy user since Oct 2004. Want FreeOffice? [url=http://puppylinux.info/topic/freeoffice-2012-sfs]Get the sfs (English only)[/url].

tlchost
Posts: 2057
Joined: Sun 05 Aug 2007, 23:26
Location: Baltimore, Maryland USA

#15 Post by tlchost »

8-bit wrote: Imagine PC manufacturers that are told by MS that they have to implement the MS version of a BIOS jumping en masse to linux. :lol:
If they have a large business customer base that resists Windows 8 they may react one way...if their customer base is made up of retail consumers, they will go for the numbers....it's all about the money.

tubeguy
Posts: 1320
Joined: Sat 29 Aug 2009, 01:04
Location: Park Ridge IL USA

#16 Post by tubeguy »

nooby wrote: I found this.

Stand up for your freedom to install free software

https://www.fsf.org/campaigns/secure-bo ... /statement
Most Lenovo, HP, and Dell computers ship with UEFI, and other manufacturers are not far behind.
Has anyone actually tried to run Puppy on one of these machines and failed? I don't have any new machines readily available to try myself.
[b]Tahr Pup 6 on desktop, Lucid 3HD on lappie[/b]

arcanis
Posts: 84
Joined: Sun 30 Oct 2011, 22:17
Location: Columbus, Ohio

#17 Post by arcanis »

My impression has been that the restricted bootloader process that M$ has developed will not function without signed keys, and that it would therefore be impossible to use even a new motherboard that was "Ready for Win8!"

If the BIOS won't boot without a signed key for the OS bootloader, then no CD will boot the machine, no DVD will boot the machine, no usb flash drive will boot the machine, and it would therefore be impossible to install Linux or BSD or Gnu/Hurd to the new computer.

In fact, it would be impossible to run a live distro at all, which means, as someone has already mentioned, forget about using Puppy or Parted Magic to fix someone's Windows 8 box if they get loaded down with little nasties...

Develop a new bootloader for Linux? It could not be open source. No open source license that I know of would allow such a restricted signature which locks out the bootloader from being changed at the source code level. It seems to me we would be talking about introducing a proprietary program to boot our open source OS, and that's a contradiction of all the freedoms we have fought for in all of our communities.

Of course, there will always be old machines to play with. But even the option of building a brand new machine will change as the motherboard manufacturers bring out their "Ready for Win8" products: the best we could hope for is a diminished list of options, and in the worst case, all the i686 mobos in the world will become useless to us.

This is now war, and M$ has shown its true face --again. Remember the leaked Halloween memo of the late 90's? Micro$ was making a bid to re-engineer the standards of the Internet so that only a Windows machine could access the Web. That didn't succeed, but it shows that they only care about making sure that every computer user MUST use their product, so they can continue to become richer and more powerful.

The computers and parts that are available right now are very powerful, and should be useful for a reasonably long time. I say we persevere for as long as we can, and if they let us continue to use the Internet in the future, at least we can smirk as we think of how little of our systems resources are being drained just to run an OS.

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#18 Post by nooby »

arcanis, thanks for confirming what I read in IDG. I fail to find it again.

But it was about what you say this way.
This is now war, and M$ has shown its true face --again.
Remember the leaked Halloween memo of the late 90's?
Micro$ was making a bid to re-engineer the standards of
the Internet so that only a Windows machine could access the Web.
As I get it they renewed this and talked about it lately, and they had
some success selling it to the European Union to make a law that not a single ISP
would allow a computer to go out on the internet without those signatures of approval from MS.

That is how I remember it but my brain has a poor memory access.

Makoto
Posts: 1665
Joined: Fri 04 Sep 2009, 01:30
Location: Out wandering... maybe.

#19 Post by Makoto »

So, will this also mess with dual-boot setups, or setups like Boot Camp on Macs? I'd imagine virtualization might have a little difficulty with it, at first (though they'll probably have a work-around, in time...).
[ Puppy 4.3.1 JP, Frugal install ] * [ XenialPup 7.5, Frugal install ] * [XenialPup 64 7.5, Frugal install] * [ 4GB RAM | 512MB swap ]
In memory of our beloved American Eskimo puppy (1995-2010) and black Lab puppy (1997-2011).

James C
Posts: 6618
Joined: Thu 26 Mar 2009, 05:12
Location: Kentucky

#20 Post by James C »

Interesting article
http://arstechnica.com/business/news/20 ... launch.ars

Directly from Microsoft
http://blogs.msdn.com/b/b8/archive/2011 ... -uefi.aspx
At the end of the day, the customer is in control of their PC. Microsoft’s philosophy is to provide customers with the best experience first, and allow them to make decisions themselves. We work with our OEM ecosystem to provide customers with this flexibility. The security that UEFI has to offer with secure boot means that most customers will have their systems protected against boot loader attacks. For the enthusiast who wants to run older operating systems, the option is there to allow you to make that decision.
