Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Thursday, 07 May 2015 17:43

Microsoft's new secure boot strategy will suit Linux firms Featured


Linux companies Red Hat, SUSE and Canonical will benefit from the decision by Microsoft to suggest that OEMs not provide a means of turning off secure boot on PCs running Windows 10.

Microsoft made its intentions known during its WinHEC conference in Shenzhen, China, in March, when it announced that in the case of hardware that was installed with Windows 10, it would be leaving the choice of having a means to turn off secure boot up to the vendor.

When secure boot was introduced by Microsoft, along with Windows 8, ostensibly as a means to improve security, it mandated that OEMs had to provide a means for turning it off on the x86 platform. It could not do otherwise as it has in the past been convicted of monopolistic trade practices.

Secure boot is a part of the specification for the Unified Extensible Firmware Interface (UEFI), the replacement for the motherboard firmware or BIOS.

When a machine running Windows 8 installed by a PC vendor boots, an exchange of cryptographic keys takes place so that there can be verification that the operating system attempting to boot is the same that was installed. There are further key exchanges before the machine becomes usable.

When Microsoft implemented secure boot for Windows 8, it assigned the task of handling the key-signing authority to VeriSign. But since it controls this authority, any operating system that one attempts to boot on hardware which comes installed with Windows 8, will also have to support secure boot.

Else, one has to get into the UEFI interface and turn off secure boot.

The three main Linux companies Red Hat, SUSE, and Canonical — the last-named being the parent firm of the Ubuntu distribution — have each devised ways (1, 2, 3) to support secure boot. While some other distributions also do so, using the same code as that used by these three, many do not.

Thus, if it was impossible to turn off secure boot on a PC and one wanted to install Linux on it, then the only option would be to use a distribution that supported secure boot.

While the commercial offerings from these three companies come at a cost, all three have free distributions too – Red Hat has its community distribution Fedora, SUSE has openSUSE and Ubuntu is free for download and use.

That may be one reason why they are reluctant to offer any comment on Microsoft's new strategy. The strategy underlines the fact that Microsoft's old extend-embrace-extinguish methodology is still very much part of the company, no matter that the new chief executive Satya Nadella has made plenty of nice noises since he took over from the aggressive Steve Ballmer.

All three companies were asked about their reactions to the new Microsoft strategy. Red Hat's response through a PR person, after being reminded, was "Unfortunately, there is no available spokesperson to provide a comment at the moment."

SUSE's initial response, through its PR person, was: "The SUSE guys have been travelling a fair bit, hence the delay in responding to you on this. Can I find out if you're still planning to write a story on this or if you've decided to put this on the backburner as it'll determine how much I need to pursue this with SUSE."

When I confirmed that I was not asking questions of them to pass the time of day, the PR person responded: "Will get back to you in the next two days max with some responses." That was on April 1, hence one is unsure whether it was said in jest or not.

Canonical, the parent company of Ubuntu, appeared to be somewhat disoriented about the query. While their PR person said they would "come back with a response when we can", the next response seemed a bit odd: "We can't comment on forthcoming updates but we'll be in touch later on in April to advise on the features of the next update."

Microsoft was as evasive as it is usually. Initially, it was "I've passed this onto the Microsoft team who will be in touch." After a reminder, there was a response, again, curiously, on April 1, "...apologies – I believe my colleague ....... was reaching out to you." Apparently, the latter individual's reach was not long enough.

Back in 2011, when it was known that Microsoft was planning to implement secure boot, the Linux companies and the so-called Linux community too, turned a blind eye and got agitated much later on. This time is no different.

And you can always trust Linux companies and the Linux Foundation to stay mum whenever Microsoft ups the ante. Whether this is due to a lack of a backbone or just apathy is difficult to tell.

Subscribe to ITWIRE UPDATE Newsletter here

Now’s the Time for 400G Migration

The optical fibre community is anxiously awaiting the benefits that 400G capacity per wavelength will bring to existing and future fibre optic networks.

Nearly every business wants to leverage the latest in digital offerings to remain competitive in their respective markets and to provide support for fast and ever-increasing demands for data capacity. 400G is the answer.

Initial challenges are associated with supporting such project and upgrades to fulfil the promise of higher-capacity transport.

The foundation of optical networking infrastructure includes coherent optical transceivers and digital signal processing (DSP), mux/demux, ROADM, and optical amplifiers, all of which must be able to support 400G capacity.

With today’s proprietary power-hungry and high cost transceivers and DSP, how is migration to 400G networks going to be a viable option?

PacketLight's next-generation standardised solutions may be the answer. Click below to read the full article.


WEBINAR PROMOTION ON ITWIRE: It's all about webinars

These days our customers Advertising & Marketing campaigns are mainly focussed on webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

We have a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you.


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News