dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
4739
share rss forum feed


FF4m3

@rr.com

Complaint Against MS 'Secure Boot' Filed By EU Linux Group

Linux users file EU complaint against Microsoft:

A Spanish association representing open-source software users has filed a complaint against Microsoft Corp to the European Commission, in a new challenge to the Windows developer following a hefty fine earlier this month.

The 8,000-member Hispalinux, which represents users and developers of the Linux operating system in Spain, said Microsoft had made it difficult for users of computers sold with its Windows 8 platform to switch to Linux and other operating systems.

In its 14-page complaint, Hispalinux said Windows 8 contained an "obstruction mechanism" called UEFI Secure Boot that controls the start-up of the computer and means users must seek keys from Microsoft to install another operating system.

The group said it was "a de facto technological jail for computer booting systems ... making Microsoft's Windows platform less neutral than ever".

"This is absolutely anti-competitive," Lancho told Reuters. "It's really bad for the user and for the European software industry."

A spokesman for EU Competition Chief Joaquin Almunia declined to comment.

The European Commission has fined Microsoft, the global leader in PC operating systems, 2.2 billion euros ($2.83 billion)over the past decade, making it the world's biggest offender of European Union business rules.

Microsoft broke its 2009 pledge and was fined 561 million euros by the EU Commission on March 6 for failing to offer users a choice of web browser.



GILXA1226
Premium,MVM
join:2000-12-29
Dayton, OH

1 recommendation

Isn't this as easy as 1. 'turn off secure boot', 2. install linux. Unless they mean the ARM version, in which case I could understand only if they've also filed a complaint against Apple for the IPad.
--
We don't give a d@mn for the whole state of Michigan... we're from OHIO! O!H! ... I!O!



FiReSTaRT
Premium
join:2010-02-26
Canada
Reviews:
·Velcom

1 recommendation

said by GILXA1226:

Isn't this as easy as 1. 'turn off secure boot', 2. install linux. Unless they mean the ARM version, in which case I could understand only if they've also filed a complaint against Apple for the IPad.

Which is WAAAAY over the head of your typical user of the "Ubuntu operating system"
--
If you have an apple and I have an apple and we exchange these apples then you and I will still each have one apple. But if you have an idea and I have an idea and we exchange these ideas, then each of us will have two ideas.
—George Bernard Shaw


JohnInSJ
Premium
join:2003-09-22
Aptos, CA
reply to FF4m3

The EU apparently hopes to solve its debt crisis by constantly dreaming up ways to sue Microsoft. Who they somehow believe is still a dominant player. Despite the constant and dire suggestions that it is rapidly becoming irrelevant.

--
My place : »www.schettino.us


dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8

The EU executive is doing it under pressure from member country Finland, which owns most of Linus Torvalds.



Woody79_00
I run Linux am I still a PC?
Premium
join:2004-07-08
united state

2 recommendations

I for one have NEVER been in support of Secure Boot. Secure Boot shouldn't even exist at all. This suit has plenty of merit.

listen it comes down to "property right" either you "own" the physical hardware in the computer or you don't...which one is it?

Microsoft, or any other software vendor for that matter has the right to sell you software with whatever terms they want, they DONT however have the right to "modify" hardware settings they don't nor ever owned to begin with without the owners permission.

Secure Boot is not about security, its about MS doing anything they can to lock out competitors. MS just thinks like any other monopoly which is:

"Add 1 more step to the complexity of installing another OS and 8 out of 10 people won't understand or bother to do so"

Its important to understand, folks like us that make up this forum are the minority....80% of the population probably doesn't even know how to get into the BIOS, let alone understand or change UEFI Secure Boot...they will be intimidated and not mess with it.

also, messing with BIOS settings can render the computer unbootable depending on the hardware if you don't know what your doing.

If they were so adamant about this Secure Boot thing...it should have shipped with Secure Boot DISABLED by default...if the user wants to use it, it should have to be turned on....and only those who know what they are doing will use it.

By default when you buy a PC, the hardware belongs to you, and it should ship with ZERO restrictions or settings needing to be changed to install the software of your choice...this Secure Boot stuff is just nonsense...systems shouldn't even ship with it on...

its all about MS locking in users then about security....purely a marketing decision....The choice should be left up to the user, but the user should not be locked out by default....if he/she wants to lock themselves in, then that should be their choice...not MS and the OEM's making that choice for them.



GILXA1226
Premium,MVM
join:2000-12-29
Dayton, OH

said by Woody79_00:

Its important to understand, folks like us that make up this forum are the minority....80% of the population probably doesn't even know how to get into the BIOS, let alone understand or change UEFI Secure Boot...they will be intimidated and not mess with it.

And rightfully or wrongly so, those 80% wouldn't/couldn't care less whether they can install Linux/*BSD/*nix on there computer.

Again, I will ask where the complaint against Apple is.
--
We don't give a d@mn for the whole state of Michigan... we're from OHIO! O!H! ... I!O!


jimkyle
Btrieve Guy
Premium
join:2002-10-20
Oklahoma City, OK
kudos:2
Reviews:
·AT&T Southwest
reply to Woody79_00

said by Woody79_00:

Microsoft, or any other software vendor for that matter has the right to sell you software with whatever terms they want, they DONT however have the right to "modify" hardware settings they don't nor ever owned to begin with without the owners permission.

While I share your distaste for Secure Boot, the fact is that Microsoft did not modify any hardware setting on your computer. What they did do is require that the manufacturer build the machine with that setting turned on, in order to qualify for the "Win 8 compatible" logo.

They also require that the hardware include the ability to turn it off, for x86-based systems, but this requirement isn't present for ARM-based systems.

As the buyer, you have the option not to purchase a system that includes Secure Boot. Unfortunately, systems without this "feature" seem to be rarer than hens' teeth!

And some, if not most, manufacturers seem to have taken great pains to obscure that required "turn off" capability. To top it off, the claimed security doesn't exist, since a "shim" loader has been published and could be included in any malware!!!
--
Jim Kyle

dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8
Reviews:
·Verizon FiOS
reply to Woody79_00

said by Woody79_00:

Ilisten it comes down to "property right" either you "own" the physical hardware in the computer or you don't...which one is it?

Neither. What you wrote is completely irrelevant (on intel hardware).

There's an on/off switch in the BIOS. If the switch is off, you can boot anything. If the switch is on, you can only boot signed binaries. The switch is under your control.

If the switch is on, the signing key must be known to the BIOS. Microsoft has said that if the vendor wants a Windows logo, there needs to be a Microsoft key. Microsoft has not said that there cannot be other keys.

Now, how does any of this mean you have lost control over the hardware?

and it should ship with ZERO restrictions or settings needing to be changed to install the software of your choice.

Right. So I shouldn't need to tell the BIOS if I want to use modern SATA disks on an operating system that doesn't support AHCI mode, because that somehow infringes my right of ownership?


Steve
I know your IP address
Consultant
join:2001-03-10
Foothill Ranch, CA
kudos:5

said by dave:

and it should ship with ZERO restrictions or settings needing to be changed to install the software of your choice.

Right. So I shouldn't need to tell the BIOS if I want to use modern SATA disks on an operating system that doesn't support AHCI mode, because that somehow infringes my right of ownership?

I agree with him; it's totally unreasonable to require you to set the boot-from-CD option in the BIOS when it could just figure it out from your intentions.


FF4m3

@rr.com
reply to FF4m3

Microsoft hit with competition complaint over Windows 8 UEFI Secure Boot

Hispalinux lawyer Jose Maria Lancho told Reuters that UEFI Secure Boot was a "de facto technological jail for computer booting systems" and that the feature was "absolutely anti-competitive".

In a blog post, Hispalinux points to what it considers potential breaches of Europe's antitrust laws and consumer laws.

Windows 8 obstructs competition by preventing any rival operating system to boot directly on the hardware, while the choice of the system on the hardware reflected an agreement between hardware manufacturers and Microsoft, not the consumer, it says.

According to Hispalinux, the agreements between Microsoft and hardware makers were prohibited under the European Union's Treaty Article 81.1 and 82, dealing with competition law, and several articles covering European consumer laws.

The European Commission is obliged to investigate any complaint it receives, and take action of any anti-competitive behaviour is found.

ZDNet has not received a response from Microsoft.



rexbinary
Mod King
Premium
join:2005-01-26
Plano, TX
Reviews:
·Verizon FiOS
reply to GILXA1226

said by GILXA1226:

Again, I will ask where the complaint against Apple is.

Apple supports loading other operating systems onto their Macintoshes, and even offers a free tool to assist.

»www.apple.com/support/bootcamp/
--
Verizon FiOS subscriber since 2005 | Mac owner since 1990 | Fedora user since 2006 | CentOS user since 2007 | "Anyone who is unwilling to learn is entitled to absolutely nothing." - graysonf | EDIT: I seldom post without an edit.

dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8

All that bootcamp stuff is much easier than setting the 'secure boot' switch off in the BIOS, which is alleged to be beyond the capability of most Linux users.



GILXA1226
Premium,MVM
join:2000-12-29
Dayton, OH
reply to rexbinary

said by rexbinary:

said by GILXA1226:

Again, I will ask where the complaint against Apple is.

Apple supports loading other operating systems onto their Macintoshes, and even offers a free tool to assist.

»www.apple.com/support/bootcamp/

Goes back to my original question... if the group is complaining that Windows RT cannot be removed, then they also need to file suit against Apple. If they are just complaining about x86 based models, all they have to do is turn it off. This complaint seems very frivolous.
--
We don't give a d@mn for the whole state of Michigan... we're from OHIO! O!H! ... I!O!


EUS
Kill cancer
Premium
join:2002-09-10
canada
Reviews:
·voip.ms

1 edit
reply to dave

said by dave:

All that bootcamp stuff is much easier than setting the 'secure boot' switch off in the BIOS, which is alleged to be beyond the capability of most Linux users.

While your remark is sarcastic, and while it doesn't bother me to turn off secure boot, or self-sign a certificate, if I change "most" to "new" in your sentence, then I can understand why some are flustered by the added hoops to jump through.
Whether it's actionable, dunno.
--
~ Project Hope ~

dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8
Reviews:
·Verizon FiOS

1 recommendation

OK, but to a large extent, what people are buying are computers that are sold as Windows systems with installed Windows software. We seem to be discussing a hypothetical person who's going to buy a Windows PC and then install Linux, but not be confident enough to crack open the BIOS setup.

I think we can ignore the bare-motherboard category of purchasers here, since they will have no difficulty with this.

That seems to leave us with PCs that are sold without software but which nevertheless have secure-boot enabled so they can get the designed-for-Windows logo. Will there be any of these?



EUS
Kill cancer
Premium
join:2002-09-10
canada
Reviews:
·voip.ms

Good question, my guess is no.
Personally, I fell into camp #1, and looking back, it was daunting enough to install a new o/s without having to think about BIOS.

That being said, Google wasn't around then, I relied on the thick book that came with a RH6 disk, and still couldn't get my modem to dial, because as you pointed out, it was built for windows.

Perhaps there's a trade off between amount of knowledge required to get things set up vs. the ease of getting the answers.
--
~ Project Hope ~



Steve
I know your IP address
Consultant
join:2001-03-10
Foothill Ranch, CA
kudos:5

said by EUS:

Good question, my guess is no.
Personally, I fell into camp #1, and looking back, it was daunting enough to install a new o/s without having to think about BIOS.

We're not talking about requiring a hex debugger here; it's hitting <F2> and using some arrow keys. This is not even in the same magnitude as installing an operating system.

Those who suggest that it's so daunting to change a BIOS setting are either intentionally being inflammatory, or are too dumb to use a computer in the first place.


EUS
Kill cancer
Premium
join:2002-09-10
canada
reply to dave

NM, thought it was eaten.



EUS
Kill cancer
Premium
join:2002-09-10
canada
Reviews:
·voip.ms
reply to Steve

said by Steve:

said by EUS:

Good question, my guess is no.
Personally, I fell into camp #1, and looking back, it was daunting enough to install a new o/s without having to think about BIOS.

We're not talking about requiring a hex debugger here; it's hitting <F2> and using some arrow keys. This is not even in the same magnitude as installing an operating system.

Those who suggest that it's so daunting to change a BIOS setting are either intentionally being inflammatory, or are too dumb to use a computer in the first place.

I don't see a problem with wanting to run a new O/S without having to learn everything about every single piece of the box.
--
~ Project Hope ~


Steve
I know your IP address
Consultant
join:2001-03-10
Foothill Ranch, CA
kudos:5

said by EUS:

I don't see a problem with wanting to run a new O/S without having to learn everything about every single piece of the box.

I don't see a problem with wanting to date Angie Harmon either, but I don't throw a whiney hissy fit when it doesn't happen.


EUS
Kill cancer
Premium
join:2002-09-10
canada
Reviews:
·voip.ms

1 recommendation

said by Steve:

said by EUS:

I don't see a problem with wanting to run a new O/S without having to learn everything about every single piece of the box.

I don't see a problem with wanting to date Angie Harmon either, but I don't throw a whiney hissy fit when it doesn't happen.

Who's whining?
You're the only one acting like a jackass.
--
~ Project Hope ~


Steve
I know your IP address
Consultant
join:2001-03-10
Foothill Ranch, CA
kudos:5

said by EUS:

Who's whining?

Huh? Suggesting that a single BIOS setting is that daunting is beyond ridiculous compared with installing an operating system, and it shows the heights (depths?) of petty that many go through just to complain about Microsoft.

Sheesh.


EUS
Kill cancer
Premium
join:2002-09-10
canada
Reviews:
·voip.ms

1 recommendation

It's a personal experience, on my first computer where I
Installed disk
Followed instructions
Reboot

I didn't want to think about BIOS, and more importantly didn't have to think about BIOS.

I do not see my complaint about MS.
But I guess that makes me dumb, or inflammatory, or a whiner, or a petty MS basher.
--
~ Project Hope ~


OZO
Premium
join:2003-01-17
kudos:2

1 recommendation

reply to FF4m3

This is not about security, it's about some company tries to silently grab and own computers, pushing other OS products away from customers.

If it was about security of the boot process, they would offer a vendor neutral solution. For example, 20 years ago I already had computers, that offered secure boot by protecting MBR. If some process was trying to make changes in it - I was asked to allow it or restrict. That was the way to protect from boot viruses and it worked very well.

Now, this "Secure Boot" offer is completely different. It's locks computer to specific OS and doesn't allow to boot any other OS's, unless you go deeply into BIOS settings and find out an option, that may change that (and for how long? the option may silently disappear one day in new computers)...

I'm sick and tired form bricked devices around me (modems, locked to one ISP, cell phones, required to pay third parties to unlock it from specific provider, etc). I realize, that it's all about money, the extra money they want to silently grab from consumers. I just don't like to be that fooled by their marketing consumer...
--
Keep it simple, it'll become complex by itself...



Steve
I know your IP address
Consultant
join:2001-03-10
Foothill Ranch, CA
kudos:5

1 recommendation

reply to EUS

said by EUS:

But I guess that makes me dumb, or inflammatory, or a whiner, or a petty MS basher.

"or" ?


FF4m3

@rr.com
reply to FF4m3

Article 81 of the EC Treaty (ex Article 85):

1. The following shall be prohibited as incompatible with the common market: all agreements between undertakings, decisions by associations of undertakings and concerted practices which may affect trade between Member States and which have as their object or effect the prevention, restriction or distortion of competition within the common market, and in particular those which:

(a) directly or indirectly fix purchase or selling prices or any other trading conditions;

(b) limit or control production, markets, technical development, or investment;

(c) share markets or sources of supply;

(d) apply dissimilar conditions to equivalent transactions with other trading parties, thereby placing them at a competitive disadvantage;

(e) make the conclusion of contracts subject to acceptance by the other parties of supplementary obligations which, by their nature or according to commercial usage, have no connection with the subject of such contracts.

2. Any agreements or decisions prohibited pursuant to this Article shall be automatically void.

3. The provisions of paragraph 1 may, however, be declared inapplicable in the case of:

- any agreement or category of agreements between undertakings;

- any decision or category of decisions by associations of undertakings;

- any concerted practice or category of concerted practices,

which contributes to improving the production or distribution of goods or to promoting technical or economic progress, while allowing consumers a fair share of the resulting benefit, and which does not:

(a) impose on the undertakings concerned restrictions which are not indispensable to the attainment of these objectives;

(b) afford such undertakings the possibility of eliminating competition in respect of a substantial part of the products in question.
Article 82 of the EC Treaty (ex Article 86):
Any abuse by one or more undertakings of a dominant position within the common market or in a substantial part of it shall be prohibited as incompatible with the common market insofar as it may affect trade between Member States.

Such abuse may, in particular, consist in:

(a) directly or indirectly imposing unfair purchase or selling prices or other unfair trading conditions;

(b) limiting production, markets or technical development to the prejudice of consumers;

(c) applying dissimilar conditions to equivalent transactions with other trading parties, thereby placing them at a competitive disadvantage;

(d) making the conclusion of contracts subject to acceptance by the other parties of supplementary obligations which, by their nature or according to commercial usage, have no connection with the subject of such contracts.


EUS
Kill cancer
Premium
join:2002-09-10
canada

1 edit
reply to Steve

Ah, nevermind.


dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8
Reviews:
·Verizon FiOS
reply to OZO

said by OZO:

For example, 20 years ago I already had computers, that offered secure boot by protecting MBR.

Which won't protect at all against something that (unknown to the system owner) overwrites the OS kernel file while running as root.

The only solutions I'm aware of to changing critical system files are:

(a) a return to disk drives with write-protect buttons, which requires an OS file system structure that never mixes writeable files with critical readonly-except-for-sanctioned-updates files.

(b) protecting the chain of control with crypto; which in turn leads to a key-handling problem [the MS solution to which is what I suppose most people are really objecting to]

It's locks computer to specific OS and doesn't allow to boot any other OS's,

You're misrepresenting the true situation here. The mechanism does not distinguish between specific operating systems. It restrict booting to OSes signed with a known key.

You surely know this, so I think this must be FUD.


firephoto
We the people
Premium
join:2003-03-18
Brewster, WA

2 recommendations

said by dave:

You surely know this, so I think this must be FUD.

The results in the real world differ greatly from how this secure boot and UEFI thing is touted in this forum. The hardware that is designed around windows that has no restrictions from disallowing it to work with other operating systems doesn't have any requirement that mandates that it works with other operating systems and I believe you were the one that finely worded your sentence to reflect this fact. MS allows some features with secure boot and UEFI but does not in any way require those features that can assist other operating systems or non-customers and that has left a a wide range of hardware that is microsoft friendly and buggy for other operating systems.

It's a money grab, a control grab, and a corporate ego that uses any method to stay relevant in a market they created through manipulation and deception.
--
Say no to astroturfing. actions > Ignore Author