Spanish Linux users launch legal challenge to Microsoft’s secure boot

The problem is that it is difficult to buy a mainstream computer that does not already have Windows 8 installed – but once installed, the secure boot mechanism makes it difficult if not impossible to install an alternative operating system such as Linux.

The problem and issues are most easily understood by analogy with Apple’s iOS. This, along with other mobile devices other than Android, operates a secure boot mechanism; that is, once purchased, only the installed operating system will work. This makes the device attractive to business because of the increased security it provides; but makes it less attractive to those individuals who want to use the device in a manner not allowed by the operating system. Secure boot is effectively what lies behind the jailbreaking movement for iOS – the Spanish Linux users effectively want to jailbreak Windows 8 so that they can add Linux to the device.

It is both a challenge to the rights of ownership, and “is absolutely anti-competitive," lawyer and Hispalinux head Jose Maria Lancho told Reuters. "It's really bad for the user and for the European software industry."

At start-up, the secure boot mechanism uses keys registered in firmware to confirm that the operating system’s bootloader and kernel have not been altered. “The idea is to avoid situations where malware modifies the operating system or boot process itself as part of its camouflage mechanisms,” explains Heise Online. “Microsoft requires that machines sold with Windows 8 pre-installed are configured to use this mechanism to validate the operating system.” But since the majority of PCs are sold with Windows already installed, those computers are basically forever tied to Windows.

Microsoft spokesman Robin Koch does not believe that this is anti-competitive. "We are happy to answer any additional questions but we are confident our approach complies with the law and helps keep customers safe,” he told Reuters.

For now, the official European Commission view seems to support this. In a written answer to a parliamentary question on March 4 this year EU Competition Chief Joaquin Almunia said, “The Commission is monitoring the implementation of the Microsoft Windows 8 security requirements. The Commission is however currently not in possession of evidence suggesting that the Windows 8 security requirements would result in practices in violation of EU competition rules as laid down in Articles 101 and 102 of the Treaty on the Functioning of the European Union. In particular, on the basis of the information currently available to the Commission it appears that the OEMs are required to give end users the option to disable the UEFI secure boot.”

It now remains to be seen whether Hispalinux can change his opinion.

What’s Hot on Infosecurity Magazine?