Microsoft is killing Linux shops with Secure Boot

So Microsoft demands(!) that all x86 PCs and laptops which are sold in its certification program have to have Secure Boot easily disable-able in the BIOS/uEFI by the end user...

So these Linux-computer companies either buy laptops from manufacturers directly or produce their own, but somehow the laptops they're buying are unable to have Secure Boot turned off even though that is the industry standard and literally what every single laptop retailer's laptops do?

This whole thing makes no logical sense at all.

I totally doubt that anyone is producing x86 laptops where you cannot disable Secure Boot, if for no other reason that it would make these laptops ineligible for Windows/Microsoft certification which consumers care about.

These companies might be going out of business, but trying to tie it to Secure Boot is nonsensical.

Plus on top of everything I just said several Linux distributions now support Secure Boot out of the box. So these companies don't even have to go into the BIOS/uEFI and change the settings, just install Ubuntu like they always have.

So OP: PROVE that Secure Boot is the cause of these companies going under? Or at least explain the logic to it.

- It used to be that most technical people ( and some non-technical) would buy desktops. You can sidestep the Windows tax and attendant issues by building a desktop (from parts you know work well with Linux), and maybe hit a competitive price in the high end. Now that desktops are a tiny sliver of the market, these stores are enslaved by OEMs, reboxing existing laptop designs.

- Starting from the same wholesale price, Linux resellers 'add value' by installing Linux. But this value-add isn't really apparent to a large enough audience - there isn't enough public awareness, and people aren't willing to pay a premium. Especially if they're competent enough to install Linux themselves. In my experience people expect ANY OS to be free; when we used to try and sell Win XP as an upgrade (over 2K), people were aghast that the software cost money.

- People want free support if you sell them on Linux. If they nuke the system, you either scare them off with your hourly service rate, or you eat the cost of the labour and go broke.

- So the vendor either charges a higher sticker price and doesn't sell many, or eats the labour cost for developing Linux support, fixing and reboxing laptops and tries to make up the tiny (or even negative) gross margin on volume.

When I moved to a bigger chain store, they subsidized the low-margin laptop market by aggressively pushing house-brand accessories: cables, cases, blank media, printer ink. These small stores are typically much less aggressive about selling high-margin commodities along with a system (it's harder to do with less capital, space and by mail).

So it isn't a problem of freedom and choice. It isn't a problem of Microsoft crushing little independents (not consciously). The computer business is very hard to do well at small scale, and you should expect that on a medium time-scale most will die. This is only exacerbated by the rush to laptops, then tablets and smartphones, where it's impossible to differentiate.

1) SecureBoot on WART (windows on ARM) 2) SecureBoot on x86/64

The first issue (WART) is easily explained. Microsoft stipulates that ARM vendors may not accept any other operating system than Windows to run. This is a case where one company (Microsoft) colludes with other companies (Asus etc.) to create a product that is closed to the competition.

The second issue (x86/64) is more nuanced. Microsoft stipulates that other OSes need to be able to run on these devices. However to do so one has to obtain a boot key from microsoft. The bios mechanism to restrict boot also has to work. There are a couple issues with this: 1) microsoft so far has issued barely any secure boot keys 2) Obtaining a secure boot key costs money 3) Microsoft can revoke those keys at any time 4) The implementation of secure boot on some devices is hardcoded to windows and won't work otherwise

Both topics are not a "market issue" because there are multiple companies involved, many of which are monopoly holders in an area or other. Dell/HP/Asus etc. are monopoly holders to personal computing hardware. And Microsoft is a monopoly holder to personal computing operating systems. When you get multiple monopoly holders banding together forming one company, you are talking of a syndicate. Syndicates are explicitely forbidden to be formed under monopoly laws. Thus Microsoft and its OEMs are in deep shit, at least in theory.

Perhaps the market is just too small to make financial sense, or these Dutch shops have no money.

I used the Wayback machine to have a look at the products and the results are not too exciting. For example, a year ago, the 1.9kg Mingos LT-13-2 laptop had a 1.3GHz Pentium, 2GB of RAM and a 160GB hard drive for €540.00 ($708) with Ubuntu.

http://web.archive.org/web/20120603005911/http://www.mingos....

I can't see how any rational person would buy that, even if they were totally clueless, rabid anti-Microsoft fanboys. It's not like installing Ubuntu is hard ...

This whole thing makes no sense.

> http://linuxcomputers.nl/

They don't appear to even mention secure boot as the reason, but pricing, margin and lack of interest, both from consumers as from vendors.

Previously they could buy branded laptops (HP, Lenovo, and such) without Windows. Consumers can already buy such laptops with Windows, and then install Linux on them. These shops made it possible to buy laptops free of Windows, so without having to pay "Windows-tax".

Hettes.nl have received an outpouring of support and have started a petition with the intent to get this practice of product tying discussable in the Dutch House of Representatives and in a well known Dutch consumers' rights television show, and raise awareness of this to the European Union.

They write (my translation):

"At this moment we are receiving many comments about the stopping of Hettes.nl, also on the Internet we are mentioned multiple times and many visitors of Hettes.nl are disappointed that we are stopping. Because of these comments we want to start a petition to make the Dutch government and the European union see that this product tying should stop and that it should be possible to buy computers (any brand) without Windows. So that we can offer computers without Windows to consumers that prefer other operating systems!"

The petition is the link in the last paragraph on this page: http://www.hettes.nl/hettes-stopt

Edit: added translation of Hettes.nl paragraph about their petition.

https://www.system76.com/home/shippinginformation

My words in your ears, dear friends. We have to stop the engine of slavery, the software that limits our hardware, it will limit our horizon when we allow it mature and manifest itself within our technology. Viva Freedom!

Secure boot is evil until we can provide our own key. Even if GNU keys are permitted, it is still bad enough.

[1] https://www.system76.com/

simple issue of hardware and operating system separation.

First, I completely fail to see what this has to do with Secure Boot. If you're a System Builder and you're able to install Linux but are unable to turn off a checkbox in the settings, then you're a shitty system builder and deserve to have your business shut down.

Second, I completely fail to see what this has to do with Windows 8. The main complaint seems to be that the big OEMs are not shipping laptops without Windows being already installed. Wasn't this true with Windows 7 too?

It looks like the magic words "Windows 8 Secure Boot" were included in the headline and post only to gain HN karma points.

If you're a business and want laptops without an OS, you need to go to the ODMs like Clevo, Compal, Asus, MSI, Quanta, Wistron, Mitac, Arima and Invente. http://en.wikipedia.org/wiki/Original_design_manufacturer

They will happily sell you laptops in bulk without an OS installed. For example http://www.system76.com does exactly that.

Looks like the computer shops linked seem to just want Lenovo to sell them bare laptops so they can skim a profit by just loading Linux on them and then selling them for a higher price. Guess what, Lenovo doesn't want to increase their costs by creating a separate assembly line process which won't make them any money.

Asus sells barebones laptop kits if I am not mistaken.

It's interesting how yelling "OMG WINDOWS 8 SECURE BOOT!!!" gets you a lot of karma here even though it has nothing to do with the issue at hand.

The user is in control of the PC. They can load any key they trust or roll their own personal key and even remove Microsoft's key to prevent Windows from booting on their computer.

I don't see why tens of millions of PCs used by non-technical people should be susceptible to undetectable rootkits out of the box just to appease some stupid system builders who can't find the setting to turn it off in the BIOS menu.

Speaking for myself, I sent a private e-mail to Neelie Kroes saying that I support the position of HispaLinux and that I regard it as an anticompetitive, exclusionary practice for there to be only microsoft's encryption key by default on all new motherboards, to the exclusion of say the GNU/Linux community's key.

But there's only so much one private e-mail can do.

The winner is always who has the big money. They don't need to put an encryption key in motherboards. They do this f.cking shit already without key.