Garrett: UEFI secure booting

Posted Sep 20, 2011 20:37 UTC (Tue) by cesarb (subscriber, #6266)
In reply to: Garrett: UEFI secure booting by kleptog
Parent article: Garrett: UEFI secure booting

> I think it would be worthwhile thinking about what an acceptable solution would look like.

Make it easy to temporarily allow anything to both boot and add new keys to the trusted store. For instance, the same key combination you already have to use to boot from the install DVD could do this. Then it is a simple matter of changing the OS installer to add its key to the trusted store (either a fixed one or a new one generated on the fly). This keeps the install of a new operating system almost as easy as it currently is (it would only break Windows-based OS installers), while completely blocking software-only malware (the only way to bypass would be with hardware pretending to be a USB keyboard).

It could also have a disable switch on the firmware setup screen, much like the on every system I have seen so far with a TPM (but that is much less discoverable for users who just want to install from a DVD).

> Now Linux is big enough that it will merely be worrisome.

Linux might be big enough, but Linux hardware OEMs are not that big AFAIK. With the exception of Asus netbooks, every Linux desktop/laptop computer I have personally seen either originally had Windows installed by the OEM or was built from components (including a blank HD). And when the big OEMs have a Linux option, it is as far as I have seen only on lower-end hardware (as if the only reason to use Linux were lower prices!), or on servers.

That is, most people end up buying a computer with Windows preinstalled, even if they end up using Linux. If this makes it impossible to install Linux on these computers, it would for instance make it much harder for new people to try Linux.


In this particular case it's a good thing :-)

Posted Sep 20, 2011 22:36 UTC (Tue) by khim (subscriber, #9252)

> Linux might be big enough, but Linux hardware OEMs are not that big AFAIK.

Right - but in this particular case it's a good thing.

> With the exception of Asus netbooks, every Linux desktop/laptop computer I have personally seen either originally had Windows installed by the OEM or was built from components (including a blank HD).

Right. That's because big companies have no interest in such offers. They buy a lot of computers (groups of 100 or so) and then selectively install Windows or Linux on them. For that to work they need systems with Windows preinstalled (yes, even if you install your own "Corporate" version of Windows you still need a computer with Windows pre-installed). Microsoft forbids dual-use models, and a pure Linux system is pretty useless for said companies.

What does it mean? A few things.
1. Systems where you can only use the pre-installed OEM version of Windows will not fly.
2. Systems where you cannot install Linux will not fare much better.

> And when the big OEMs have a Linux option, it is as far as I have seen only on lower-end hardware (as if the only reason to use Linux were lower prices!), or on servers.

It's not the only reason, but only people who are counting every penny buy these "Linux options". Everyone else just pays the "Microsoft tax" for their Linux computers (see above).

In this particular case it's a good thing :-)

Posted Sep 21, 2011 1:11 UTC (Wed) by Trelane (subscriber, #56877)

> Everyone else just pays the "Microsoft tax" for their Linux computers (see above).

And they're the reason we can't have nice things. I swear, some days it seems like the smartest thing Apple ever did was make it so you could only install OSX on known-good computers.

In this particular case it's a good thing :-)

Posted Sep 21, 2011 1:12 UTC (Wed) by Trelane (subscriber, #56877)

I find it amusing that, as perhaps pointed out above, locking down *everything else* is equivalent to locking down Linux (namely, if you can't use Linux on it, you're forced to buy Linux PCs to run Linux). :)

In this particular case it's a good thing :-)

Posted Sep 21, 2011 1:15 UTC (Wed) by Trelane (subscriber, #56877)

Just realized something else:
Consumer and Business computers are not the same now; there's no reason to expect that this will cease to be the case.

In this particular case it's a good thing :-)

Posted Sep 22, 2011 3:20 UTC (Thu) by dps (subscriber, #5725)

My office has dual-use boxes---they come with Windows but the first thing that happens is replacing it with Linux. In some circumstances we will run Windows via KVM, and a Windows licence may be useful for doing this.

The boxes are not strictly dual boot---the BIOS always loads Ubuntu. Nobody ever runs Windows on the bare metal, except perhaps a separate (and lower spec) Windows laptop.

Trying Linux

Posted Sep 22, 2011 11:10 UTC (Thu) by NRArnot (subscriber, #3033)

Actually, the best way to try Linux on a Windows system these days is to run it as a VM under Windows. If you are doing this for a friend, colleague or casual acquaintance, it also has the advantage that you don't have to do anything like repartitioning the disk, that might break Windows or lose their data, and make them very unhappy with you.

Download VMware player (free beer).

Download a ready-to-go trial Linux image, or install the Linux of your choice into a new VM.

I'm assuming that the machine has enough RAM. These days, most do, and many of the rest or older systems are upgradeable for peanuts (which will also make Windows run faster).

There's a significant class of users who won't ever break away from Windows, because they are tied to some piece of Windows-only software by their employer (for example a VPN "solution"), their professional body, their kids' school, their choice of hobby, etc. etc. Running Linux as a VM is superior to dual-boot for anyone in this situation. The other option is running Windows in a VM under Linux.
