Microsoft made its intentions known during its WinHEC conference in Shenzhen, China, in March, when it announced that in the case of hardware that was installed with Windows 10, it would be leaving the choice of having a means to turn off secure boot up to the vendor.
When secure boot was introduced by Microsoft, along with Windows 8, ostensibly as a means to improve security, it mandated that OEMs had to provide a means for turning it off on the x86 platform. It could not do otherwise as it has in the past been convicted of monopolistic trade practices.
Secure boot is a part of the specification for the Unified Extensible Firmware Interface (UEFI), the replacement for the motherboard firmware or BIOS.
When Microsoft implemented secure boot for Windows 8, it assigned the task of handling the key-signing authority to VeriSign. But since it controls this authority, any operating system that one attempts to boot on hardware which comes installed with Windows 8, will also have to support secure boot.
Else, one has to get into the UEFI interface and turn off secure boot.
The three main Linux companies Red Hat, SUSE, and Canonical — the last-named being the parent firm of the Ubuntu distribution — have each devised ways (1, 2, 3) to support secure boot. While some other distributions also do so, using the same code as that used by these three, many do not.
Thus, if it was impossible to turn off secure boot on a PC and one wanted to install Linux on it, then the only option would be to use a distribution that supported secure boot.
While the commercial offerings from these three companies come at a cost, all three have free distributions too – Red Hat has its community distribution Fedora, SUSE has openSUSE and Ubuntu is free for download and use.
That may be one reason why they are reluctant to offer any comment on Microsoft's new strategy. The strategy underlines the fact that Microsoft's old extend-embrace-extinguish methodology is still very much part of the company, no matter that the new chief executive Satya Nadella has made plenty of nice noises since he took over from the aggressive Steve Ballmer.
All three companies were asked about their reactions to the new Microsoft strategy. Red Hat's response through a PR person, after being reminded, was "Unfortunately, there is no available spokesperson to provide a comment at the moment."
SUSE's initial response, through its PR person, was: "The SUSE guys have been travelling a fair bit, hence the delay in responding to you on this. Can I find out if you're still planning to write a story on this or if you've decided to put this on the backburner as it'll determine how much I need to pursue this with SUSE."
When I confirmed that I was not asking questions of them to pass the time of day, the PR person responded: "Will get back to you in the next two days max with some responses." That was on April 1, hence one is unsure whether it was said in jest or not.
Canonical, the parent company of Ubuntu, appeared to be somewhat disoriented about the query. While their PR person said they would "come back with a response when we can", the next response seemed a bit odd: "We can't comment on forthcoming updates but we'll be in touch later on in April to advise on the features of the next update."
Microsoft was as evasive as it is usually. Initially, it was "I've passed this onto the Microsoft team who will be in touch." After a reminder, there was a response, again, curiously, on April 1, "...apologies – I believe my colleague ....... was reaching out to you." Apparently, the latter individual's reach was not long enough.
Back in 2011, when it was known that Microsoft was planning to implement secure boot, the Linux companies and the so-called Linux community too, turned a blind eye and got agitated much later on. This time is no different.
And you can always trust Linux companies and the Linux Foundation to stay mum whenever Microsoft ups the ante. Whether this is due to a lack of a backbone or just apathy is difficult to tell.