As most PC users know by now, Microsoft has given us a glimpse into what will one day be the Windows 8 operating system. Leaving aside the many changes in the new OS – it's a major shift from what we've previously seen from Microsoft – there's an extra feature included with Windows 8 that has some of us concerned.
The new feature in question is called Secure Boot. It's designed to act as a security tool for PC users. However, there's some concern as to whether this function will be enabled without a clear way of disabling it should someone wish to do so.
In other words, with Secure Boot enabled, you wouldn't be able to install your favorite Linux distro on that machine.
Turning off Secure Boot
Over the past few days, some Linux enthusiasts on the Web have wondered: why can’t a user can't simply turn it off?
This is difficult to answer since the final call is with the OEM and not with Microsoft. The problem with this is that we don't know how each OEM using Secure Boot is going to handle the option to disable it. I think we'd like to believe that most OEM computer sellers are wise enough to make this a readily available option, but the reality is that it's all speculation at this point.
Another issue is that most casual PC users aren't going to be too enthused about having to do anything extraordinary just to get their computers ready to install Linux. Even with an off switch in computer BIOS, Secure Boot could still be a significant stumbling block for some.
And even if disabling Secure Boot in the BIOS is simple to do, the fact is that Linux newbies who aren't aware that Secure Boot even exists will only find themselves frustrated when their distribution won't install as expected.
Dangers of a Windows sticker
One of the future requirements of a PC OEM offering a Windows sticker on their new Windows 8 PCs will be making sure Secure Boot is enabled by default. Perhaps that’s not a big deal.
As I mentioned above, all one might have to do is turn this feature off. But what if some OEMs only allow Secure Boot to be disabled once per boot up?
I realize that this might seem unlikely, however if this security feature is to be taken seriously, there is a very real possibility that any disabling feature might be limited to a single boot up.
Do you think that I'm overreacting? Consider the possibility that some OEM providers might see the option to permanently disable the Secure Boot as a security risk. And because the Windows sticker clearly says the PC is made for Windows 8, the idea that an older version of Windows could be installed is not officially supported anyway.
These two things together could demonstrate that a "per boot failsafe" for Secure Boot might make sense. After all, the feature isn't doing anyone any good if it's disabled!
So the big question is: will we be able to bypass Secure Boot as easily as Microsoft is currently indicating? I think that it's going to be a mixed set of circumstances, considering every OEM is bound to handle Secure Boot a little differently.
Then again, perhaps this will open new opportunities for smaller computer vendors?
Opportunities for Linux-only vendors
I must admit that to a small degree, I "almost" hope that Microsoft-friendly OEMs shoot themselves in the foot by only allowing per-boot disabling of the Secure Boot function.
This would open brand new opportunities for existing Linux-only PC vendors. Short of someone building their own computer out of purchased parts, these Linux-only vendors would then become the only logical choice for existing Linux enthusiasts.
The obvious downside to this is that owners of existing Windows 8 computers may not be able to try Linux themselves on their existing PCs. This may only be speculation at this point, but I believe this could be a likely possibility.
This development could put a real slow down on Windows 8 users’ move toward trying Linux for the first time. The problem is that I don't know who the responsible party would be should this Secure Boot effort go badly.
Blaming OEMs or Microsoft
I hesitate to put the blame anywhere yet as Secure Boot isn't even an issue yet. However, at the same time, it's clear that Microsoft has devised something brilliant for themselves here.