We’ve seen a lot of hysterical comments in the past week or so about how Windows 8 is going to screw Linux by preventing Linux dual boots and installs. To be honest, it has been rather astounding the amount of misinformation that has been peddled.
The core of the issue actually has very little to do with Windows 8. The uproar is over secure boot. Secure boot is a feature of UEFI (Unified Extensible Firmware Interface), and UEFI is the PC firmware that is gradually replacing the antiquated BIOS system in newer PCs.
When enabled, the secure boot feature of UEFI allows only operating systems with a Trusted Certificate to start up. The certificate is generally loaded into the UEFI by the PC manufacturer. It’s kind of like the way that the Xbox will only run code that has been signed by Microsoft; the PC will only run an OS that has a proper encrypted key. A given PC can have certificates for multiple operating systems installed.
The point of this is to prevent boot-time viruses and other nastiness from running. Since the PC will only run authorised OSes, no virus will be able to execute in a pre-OS environment.
Now here’s where Windows 8 comes in. Microsoft’s licensing program for the Windows 8 logo requires that PCs ship with UEFI and secure boot enabled (and obviously with a Windows 8 key installed, though keys for other OSes might also be present). Not locked, just enabled by default.
Now, in theory, this could screw Linux and other non-Windows users, as well as people using older versions of Windows. PC manufacturers could release devices with secure boot locked, meaning that the only OS that the PC will ever run is Windows 8, since that’s the only OS it will boot. We don’t expect many manufacturers to actually do that, however – most will certainly allow you to switch secure boot off in the UEFI interface, or at least load new keys into the UEFI to allow more operating systems to run – but in theory, they might.
Of course, we all know that within five minutes of any such release the device will be jailbroken. More to the point, you don’t have to buy that device. Really, if you want to run Linux, don’t buy a PC that won’t run Linux.
So, for now, we’re seeing this as a storm in a teacup, and not something for most users to worry about. We may change our tune if all the major manufacturers start releasing OS-locked PCs, but there’s no indication so far that that will be the case.