Microsoft has been discovered to have changed its requirements for the upcoming ARM version of Windows 8. The change essentially will prohibit ARM devices, including PCs, from running operating systems other than Windows 8 after they ship to customers.
Specifically, Microsoft recently amended its requirements for ARM Windows 8 System Builders. Unlike Windows 8 for Intel-compatible (x86 & x64) machines, the ARM version of Windows 8 will not be sold to the public. To purchase an ARM version of Windows 8, you will have to purchase a device with it pre-loaded (similar to Windows CE devices today, such as Windows Phone). The new requirement calls for utilizing UEFI Secure Boot, a technology that forces manufacturers to instruct devices to boot code certified by the manufacturer for the device.
For consumers, this is similar to locking the bootloader on a smartphone. This is a common practice on mobile phones that secures the device, but blocks running modified or alternative operating systems. Many manufacturers now allow consumers to bypass (or “unlock”) the bootloader lock on select devices (and at times, wireless providers).
In settlements with the Department of Justice during the mid 1990s, Microsoft agreed to not block or prevent PCs from running alternative operating systems, such as Linux. If Microsoft allows Windows 8 for ARM to ship on any device that could be considered a Personal Computer, they could be in violation of this. Such settlements called for other, more trivial actions, such as Microsoft agreeing to laughable acts such as giving away copies of Linux software.
This move even comes after Microsoft specifically noted in the Windows 8 ARM announcements that they would not provide any interruption of ARM’s hardware to boot and access other platforms. Manufacturers are still free to do so if they choose, and often do on embedded devices.
Still, the consumer has been free to make the decision to purchase such a device or not. In the enthusiast community, it is commonplace to replace ARM-based Windows Mobile 6 with Google’s Android.
It is quite likely even without the PC requirement that Microsoft would still be in violation of the United States v. Microsoft settlement. The requirement of UEFI Secure Boot would require Linux and other operating systems to be securely signed by the device’s manufacturer, making them complicit with Microsoft in helping the company maintain its monopoly on UEFI based hardware. The only other EFI machines common in the industry today, are Apple Macintosh computers, which hold a small fraction of the marketplace, arguably below ten percent.
Fears of Microsoft demanding UEFI Secure Boot had persisted since the announcement that Windows 8 ARM would utilize UEFI, a technology pioneered by Intel and first used in mainstream computing by Apple. Repudiation of the move by consumer groups has been almost instantaneous, but if the move is actually a form of antitrust or settlement-breach has been less consistent.
Some argue that Windows 8 ARM does not, at this point, present itself as a solution for mainstream personal computing. These arguments are similar with those that Apple’s iPad, and other ARM tablets, are not personal computers, but rather complimentary to the PC ecosystem.
Apple, which now holds the largest single-manufacturer share of the smartphone market, does lock its bootloader on ARM devices, prohibiting users from selecting another operating system. On the Mac, it’s a different story, the company embraces users installing, or even replacing Mac OS X with Windows, via the Boot Camp initiative. Hackers have also managed to install Android on many Apple iOS devices, however Apple routinely thwarts exploits which enable the process, resulting in a continual cat-and-mouse game.
For Microsoft to comply with the rules of UEFI Secure Boot, and allow for compliance with US v. Microsoft settlements, Windows 8 for ARM would have to provide its own ability in its bootloader to allow for other operating systems to load. Such a move is highly unlikely, and would require complex and major modifications to other’s operating systems… possibly including utilizing open technologies that Microsoft has repeatedly claim infringe on their patents. Microsoft has demanded royalties for using the FAT file system on Android devices, as well as Google Chrome OS devices, for example.
Many, if not all of the terms of the settlement expire this year at the latest. This could indicate that Microsoft was waiting until the expiration of the settlement terms to make such a move. However, Microsoft is clearly aware of the antitrust ramifications that prompted such a settlement, and refusing to allow a PC-like device to boot other operating systems could create for a second wave of breaches of the same antitrust statutes.
Securing bootloaders, UEFI Secure Boot aside, remains controversial. Many in the technology industry insists it is necessary to secure machines from rootkits and other low-level hacking tools that undermine device security. Others however view it as security through obscurity, citing vulnerabilities in bootloaders, and planned obsolescence in hardware’s firmware. UEFI Secure Boot does allow for manufactures to sign multiple operating systems, but updates or other modifications that are common can break such security, leading to a perpetual need for firmware updates, testing, and certification of software.
In the Linux world, software is maintained in a free, open source state, making such certification nearly impossible to offer on a widespread basis. Solutions that rely on Linux, such as Google’s Android and Canonical’s Ubuntu, provide managed/customized versions of these open platforms, but mandating UEFI Secure Boot would prevent up-and-coming platforms from starting up altogether. This stifles innovation, and applied globally, would make building a Linux startup nearly impossible as the world moves to a primarily a two-architecture universe (x86 and ARM).
Windows 8 will mark the first version of the operating system where Microsoft will have a single, monolithic kernel that spans nearly all device form factors. It is all but assured that at least some form of Windows 8 Phone will share the Windows 8 kernel, but will likely not be released until mid or even late 2013. Less clear is the future for Windows Embedded Compact (aka Windows CE), the embedded alternative to mainstream Windows, which will likely continue to exist for lower-end hardware and embedded solutions.
It’s no surprise that everyone at PhoneNews.com opposes the demand for Secure Boot in Windows 8. Manufacturers have always been free to require Secure Boot on devices, based on the clients wants, needs, and requests when ordering them. There is no need from an architectural standpoint that we can see for this demand.
No comments:
Post a Comment