Secureboot

Thanks to a tip from a colleague - Anshu, I found out further confirmation that the Secureboot issue, that I blogged about earlier, is going to bite us badly just as we expected. According to this post of the Software Freedom Law Center, Microsoft has recently revised it’s Windows 8 Hardware Certification requirements to lock out all alternative OSes from the ARM-based mobile devices that it ships on. The Certification Requirements define (on page 116) a “custom” secure boot mode, in which a physically present user can add signatures for alternative operating systems to the system’s signature database, allowing the system to boot those operating systems.

For those who aren’t aware of this, FSF (Free Software Foundation) has been running a campaign for the last few months about Microsoft’s malicious Secureboot initiative (which FSF calls restricted boot). Given the mostly Microsoft friendly corporate IT environments out there, I think this is one topic on which most employees should be very aware. A nice summary of the issue can be read up at: http://www.theregister.co.uk/2011/10/18/fsf_windows_8_campaign/ Apparently, Microsoft is practically arm-twisting OEM manufacturers to implement Secureboot to be able to install Windows 8 on their systems - it is a Windows 8 requirement.