FWIW, As a lawyer, I have a lot of trouble believing that assent to a contract you can't avoid, done specifically for the purpose of removing the contracted software, would ever be held to bind you to the terms and conditions of that contract.
In fact, i'd go so far as to say that if Microsoft ever actually tried to enforce, it would run them into serious regulatory trouble.
If push came to shove, i'm sure they would take the position that this was a hardware issue, and not their legal intention.
(I completely agree this is a ridiculous situation, and you shouldn't have to agree to anything. But it actually makes for great facts to fight a clickwrap fight on)
Thanks for that. That leaves just one legal issue that really needs to be raised:
How is it legal to _deny_ me full access (defined by the removal of all Microsoft software, something the European Commission has repeatedly upheld) until I have completed some Microsoft-controlled procedure? I don't want Windows on the machine.
Assuming I buy from the 3 largest vendors, excluding Apple, is it not anti-competitive to _lock_ me into it since no other option is offered?
Note: I realize that it may seem redundant to beat this dead horse again, but there's a really good reason so many are upset about Secure Boot. Of course, Microsoft mandates that Secure Boot can be disabled for Win8 logo compliance, which is neatly avoided in this case.
> In fact, i'd go so far as to say that if Microsoft ever actually tried to enforce, it would run them into serious regulatory trouble.
And Microsoft probably knows this, and would avoid it at all costs. But having an overly broad EULA helps them push around the n00b Linux installer who doesn't know any better.
Doesn't that directly contradict the hypothetical scenario presented in the article? Additionally, there's Windows 8 hardware out there already. Can the author provide no examples of this happening in real life?
From System.Fundamentals.Firmware.FirmwareSupportsUSBDevices:
The USB controller and USB devices must be fully enumerated when:
* Anything other than the Windows Boot Manager is at the top of the system boot order.
* A boot next variable has been set to boot to something other than the Windows Boot Manager.
* On a system where the Windows Boot Manager is at the top of the list, an error case has been hit, such that the firmware fails over from the Windows Boot Manager to the next item in the list.
* Resuming from hibernate, if the system was hibernated when booted from USB.
* Firmware Setup is accessed.
ie, it's not required for most normal boots on systems that already have Windows installed. System.Fundamentals.Firmware.FirmwareSupportsBootingFromDVDDevice merely states that the system must support booting from DVD, not that it must attempt to by default. And yes, I've observed this behaviour on real hardware.
Additionally, as point (18) on the page you linked to states:
Mandatory. Enable/Disable Secure Boot.
On non-ARM systems, it is required to implement the
ability to disable Secure Boot via firmware setup. A
physically present user must be allowed to disable
Secure Boot via firmware setup without possession of
PKpriv.
Doesn't this mean that (definitely on certified non-ARM systems, and possibly on some ARM systems) you can just enter the UEFI, disable secure boot, and boot your OS of choice?
Could the boot failure mechanism be exploited? I presume that Microsoft has a boot failure mechanism; after N failures to boot, firmware should turn off fast-boot. Is the display of the EULA screen considered a boot success? IOW, can you just reset the machine when you see the EULA screen a few times to get the ability to stop and adjust the firmware?
I suspect the EULA is considered a boot success, as it is bassicly just a program running in userspace. Having said that, you could still power-off during the actuall boot process. Or, if it behaves like BIOS fastboot, making minor changes to hardware configuration should trigger a full boot.
> In fact, i'd go so far as to say that if Microsoft ever actually tried to enforce, it would run them into serious regulatory trouble.
The main interest of Microsoft is to keep their OEMs in control. Even if it is legal for the end-user to circumvent the protection, the following will probably still hold true:
- Microsoft can still contractually bind their OEMs to implement the protection scheme
- Microsoft can still prevent installations on machines without protection
So, in the best case regulatory action will allow users with hardware implementing the protection scheme to install custom OS (i.e. free them from prosecution when cracking the protection scheme). There is no way of forcing Microsoft to allow installations or usage on devices not implementing the protection scheme or on devices where the protection scheme has been circumvented and this circumvention can be detected by the affected Microsoft OS.
Requesting for the linked page I get a message telling this resource is restricted by Russian Government because it "contains information restricted for propagation in Russian Federation". That's Rostelecom ISP. I could get the page using another ISP and don't see any "restricted information". Hm.
JFYI the whole dreamwidth.org is restricted, http://www.zapret-info.gov.ru should contain info what web resources are restricted in Russian Federation but it's taking too much time to load and times out.
My motherboard is Windows 8 certified and my USB keyboard works perfectly fine during boot. Additionally you can get Windows 8 to give you more boot options if you just keep rebooting while it is trying to start up. Eventually it will give up and attempt to repair your computer before asking what you want to do next.
Has anyone experienced the problems described in the article actually in practice or is the article purely theoretical?
The requirements only apply to systems that are Windows 8 certified, not individual components. If you built your system then it may support Fast Boot but not have it enabled out of the box. Motherboard manufacturers are unlikely to turn it on by default because it requires you to have a graphics card with a UEFI option ROM rather than a traditional VGA BIOS, and there's something of a chicken and egg problem in turning it off if you're using an older card.
I paid money (I don't know how much, but will be close to 50-100 dollars) for Windows 8 when I bought my Dell Inspiron Special Edition because it had good hardware, but Dell didn't provide an option to get it without the OS. It was the only affordable laptop available with 1080p screen. After a week of many annoyances, I decided to delete all the Windows partitions. After installing Ubuntu using Legacy boot, I tried to install a pirated Windows, but couldn't because there it couldn't be installed on a GPT partition. Installing an OS used to be easy.
There will always be an option to install Linux on x86 somehow. But I found really disturbing growing number of locked ARM systems. Perhaps we could start 'green' campaign; freely installing Linux on such devices expands their moral life-time and causes less emission.
See: Lenovo K800, Lava XOLO X900, or any of the new-ish X86 phones (Atom SoCs) with locked bootloaders that will only boot the pre-installed Android, or whatever originally came with the phone. You may revise and say "Sure, but I meant on the desktop..." but if current trends continue, tablets and phones will continue to supplant if not replace desktops/laptops for most users. Unless consumers put on the breaks and steer strongly towards open hardware, we're looking at a future with a lot of single-purpose/corporate-owned appliances IMHO. As usual, money talks, so: buy freedom.
Locked down ARM systems have far longer history than this fairly recent Win8 debacle. One of the most notable examples is TiVo, which led to the phrase "tivoization". I'd argue that the number of "open" ARM devices is what is growing with RasPi and others like it.
"always". What is this always scenario look like if MS decides to drop the "must allow legacy boot / disabling SB / enrolling key" requirement and only enroll theirs?
Not saying that will happen, I honestly don't think Microsoft cares that much (my own opinion, speculation based on Linux's market share despite my own love of it).
Just... "always" is a strong word. People used that word when talking about secure bootloaders on devices like Droid2, etc. Things that were ultimately only circumvented by kexec. Something that would be much different in a SecureBoot scenario.
I will try to verify this with the next Win 8 Ultrabook I get for testing. I am not sure, though, at least on my desktop (with EFI Bios), my USB keyboard gets initialized right away - might be different on notebooks.
How can Microsoft prove that you agreed to the EULA? AFAIK, they don't upload your acceptance to a server (accepting works without a network connection). So once you wipe the system and install another OS, you've also eliminated any evidence that you accepted the EULA, so how could Microsoft start a legal action against without evidence that you accepted the EULA?
I've always been very annoyed by the firmware initialize -> kernel reinitialize delay. If only we had open source standardized firmware on x86 there could be a common data structure to pass through validated firmware and its associated memory ranges to the payload. Maybe even an OS could write its device initialization library to ROM so the firmware could do diagnostic checks on all the present hardware before trying to do dangerous disk reads (hey coreboot).
The legal implications or the initial setup are not what worry me. But rather the issue when the OS gets hosed, and you have no method of booting into a recovery media.
I shouldn't have to agree to a contract for an OS I don't care to use in order to boot into the OS of my choice. Nor should I have to read the thing in order to see what I'm agreeing to just to boot into the OS of my choice.
Make no mistake, I have not been one of the hand-wringers over this whole secure boot thing. But this recent development could turn me into one.
What's wrong with me setting my user-agent to "By allowing me access, you waive all rights and policies regarding my access." and then viewing your website? Hint: it's about as enforceable as a EULA, but just as obnoxious and offensive because it presumes too much and oversteps bounds. Still, in the grand scheme of things, my UA string makes more sense, as putting something online is practically tantamount to putting it in the public domain, whereas you can't perform perfectly reasonable and otherwise legal acts with your legally owned property unless you violate most EULAs.
I don't see why this comment is being downvoted. Certainly, agreeing clicking through the EULA isn't ideal, but is it anything other than a theoretical nuisance?
I'm genuinely curious - does there exist some relevant and concerning precedent here?
If this turns out to actually become an issue, it would probably harm Microsoft more than anyone - and would be a boon to manufacturers willing to bundle Linux on pre-built machines (such as the Alienware x51 or "developer" x13). However, I sincerely can't see anything coming of this threat.
Speaking of the EULA, couldn't I just lie to my tablet?
Assume there's no communication back to Microsoft and no need for a license under copyright law. Couldn't I just click the "I agree" button while not actually accepting the EULA? Surely, the tablet itself can't be a party to a contract, right?
At least in previous versions of Windows you could click "no" to the EULA and you could use the draconian terms as an argument to get a Windows refund.
Secure Boot is ostensibly a security feature, making it impossible to load kernel-level code that hasn't been signed by an authority recognized by the device's hardware. The idea is that this makes it harder for nefarious actors to do nefarious things to your system, because they'll be blocked from the most basic access to the system hardware and be forced through normal OS security channels.
In practice, of course, it's just about solidifying lock-in with a cover story that's obviously weak to those with technical experience but is justifiable to politicians and regulators who would otherwise be all over MS for facilitating this kind of funny business.
It means you can have a crazy BIOS screen heavy with customised images that looks all 3li7e and stuff for the gamer crowd.
My PC has one such thing, and it's garbage. I managed to find out how to put it into some sort of 'information' mode with less graphics and more info... but isn't a BIOS screen supposed to be a wholly info thing anyway?
It shouldn't take all that long to set up USB. Getting the host controller running is probably a few hundred microseconds of initialization. After that, it's all about enumerating hubs and finding devices; there isn't much there that requires delays. You're probably gated by the firmware on the keyboard.
I imagine the USB stacks are full of paranoid "let things settle for 200ms" sleeps that make more crappy devices work, or that give external HDDs time to spin up. I'll bet you could remove those if all you care about is a keyboard.
I don't understand why Linux users want Win8- or WinRT Pads.
Not only are they pretty expensive but there already are many cheap good Android Pads running a Linux kernel. There are also plain Linux pads on the market, and even Ubuntu plans to sell a Ubuntu pad soon.
[+] [-] DannyBee|13 years ago|reply
In fact, i'd go so far as to say that if Microsoft ever actually tried to enforce, it would run them into serious regulatory trouble.
If push came to shove, i'm sure they would take the position that this was a hardware issue, and not their legal intention.
(I completely agree this is a ridiculous situation, and you shouldn't have to agree to anything. But it actually makes for great facts to fight a clickwrap fight on)
[+] [-] sounds|13 years ago|reply
How is it legal to _deny_ me full access (defined by the removal of all Microsoft software, something the European Commission has repeatedly upheld) until I have completed some Microsoft-controlled procedure? I don't want Windows on the machine.
Assuming I buy from the 3 largest vendors, excluding Apple, is it not anti-competitive to _lock_ me into it since no other option is offered?
Note: I realize that it may seem redundant to beat this dead horse again, but there's a really good reason so many are upset about Secure Boot. Of course, Microsoft mandates that Secure Boot can be disabled for Win8 logo compliance, which is neatly avoided in this case.
[+] [-] Supermighty|13 years ago|reply
And Microsoft probably knows this, and would avoid it at all costs. But having an overly broad EULA helps them push around the n00b Linux installer who doesn't know any better.
[+] [-] kogir|13 years ago|reply
Doesn't that directly contradict the hypothetical scenario presented in the article? Additionally, there's Windows 8 hardware out there already. Can the author provide no examples of this happening in real life?
[+] [-] mjg59|13 years ago|reply
The USB controller and USB devices must be fully enumerated when: * Anything other than the Windows Boot Manager is at the top of the system boot order. * A boot next variable has been set to boot to something other than the Windows Boot Manager. * On a system where the Windows Boot Manager is at the top of the list, an error case has been hit, such that the firmware fails over from the Windows Boot Manager to the next item in the list. * Resuming from hibernate, if the system was hibernated when booted from USB. * Firmware Setup is accessed.
ie, it's not required for most normal boots on systems that already have Windows installed. System.Fundamentals.Firmware.FirmwareSupportsBootingFromDVDDevice merely states that the system must support booting from DVD, not that it must attempt to by default. And yes, I've observed this behaviour on real hardware.
[+] [-] morpher|13 years ago|reply
[+] [-] bryanlarsen|13 years ago|reply
[+] [-] gizmo686|13 years ago|reply
[+] [-] _pmf_|13 years ago|reply
The main interest of Microsoft is to keep their OEMs in control. Even if it is legal for the end-user to circumvent the protection, the following will probably still hold true:
- Microsoft can still contractually bind their OEMs to implement the protection scheme
- Microsoft can still prevent installations on machines without protection
So, in the best case regulatory action will allow users with hardware implementing the protection scheme to install custom OS (i.e. free them from prosecution when cracking the protection scheme). There is no way of forcing Microsoft to allow installations or usage on devices not implementing the protection scheme or on devices where the protection scheme has been circumvented and this circumvention can be detected by the affected Microsoft OS.
[+] [-] Ayabashi|13 years ago|reply
[deleted]
[+] [-] pyxy|13 years ago|reply
[+] [-] pyxy|13 years ago|reply
[+] [-] anonymfus|13 years ago|reply
It because http://stervozzinka.dreamwidth.org/15580.html contains information that it is possible to kill itself by shooting into head.
[+] [-] pyxy|13 years ago|reply
[+] [-] Tomdarkness|13 years ago|reply
Has anyone experienced the problems described in the article actually in practice or is the article purely theoretical?
[+] [-] mjg59|13 years ago|reply
[+] [-] dheerosaur|13 years ago|reply
[+] [-] qwerta|13 years ago|reply
[+] [-] vy8vWJlco|13 years ago|reply
[+] [-] zokier|13 years ago|reply
[+] [-] drivebyacct2|13 years ago|reply
Not saying that will happen, I honestly don't think Microsoft cares that much (my own opinion, speculation based on Linux's market share despite my own love of it).
Just... "always" is a strong word. People used that word when talking about secure bootloaders on devices like Droid2, etc. Things that were ultimately only circumvented by kexec. Something that would be much different in a SecureBoot scenario.
[+] [-] jagermo|13 years ago|reply
[+] [-] Osiris|13 years ago|reply
[+] [-] cjg|13 years ago|reply
[+] [-] ars|13 years ago|reply
What happens if you crtl-alt-del at the EULA prompt?
[+] [-] lifeguard|13 years ago|reply
[+] [-] zanny|13 years ago|reply
[+] [-] zokier|13 years ago|reply
[+] [-] pfraze|13 years ago|reply
[+] [-] mikestew|13 years ago|reply
Make no mistake, I have not been one of the hand-wringers over this whole secure boot thing. But this recent development could turn me into one.
[+] [-] glesica|13 years ago|reply
[+] [-] npsimons|13 years ago|reply
[+] [-] caf|13 years ago|reply
[+] [-] doktrin|13 years ago|reply
I'm genuinely curious - does there exist some relevant and concerning precedent here?
If this turns out to actually become an issue, it would probably harm Microsoft more than anyone - and would be a boon to manufacturers willing to bundle Linux on pre-built machines (such as the Alienware x51 or "developer" x13). However, I sincerely can't see anything coming of this threat.
[+] [-] ddinh|13 years ago|reply
[+] [-] dlitz|13 years ago|reply
Assume there's no communication back to Microsoft and no need for a license under copyright law. Couldn't I just click the "I agree" button while not actually accepting the EULA? Surely, the tablet itself can't be a party to a contract, right?
[+] [-] zurn|13 years ago|reply
[+] [-] raylu|13 years ago|reply
[+] [-] cookiecaper|13 years ago|reply
In practice, of course, it's just about solidifying lock-in with a cover story that's obviously weak to those with technical experience but is justifiable to politicians and regulators who would otherwise be all over MS for facilitating this kind of funny business.
[+] [-] wmf|13 years ago|reply
[+] [-] wes-exp|13 years ago|reply
[+] [-] unknown|13 years ago|reply
[deleted]
[+] [-] sliverstorm|13 years ago|reply
https://en.wikipedia.org/wiki/Windows_8#Secure_boot
[+] [-] Qantourisc|13 years ago|reply
[+] [-] vacri|13 years ago|reply
My PC has one such thing, and it's garbage. I managed to find out how to put it into some sort of 'information' mode with less graphics and more info... but isn't a BIOS screen supposed to be a wholly info thing anyway?
[+] [-] shmerl|13 years ago|reply
[+] [-] kabdib|13 years ago|reply
I imagine the USB stacks are full of paranoid "let things settle for 200ms" sleeps that make more crappy devices work, or that give external HDDs time to spin up. I'll bet you could remove those if all you care about is a keyboard.
[+] [-] bitcracker|13 years ago|reply
Not only are they pretty expensive but there already are many cheap good Android Pads running a Linux kernel. There are also plain Linux pads on the market, and even Ubuntu plans to sell a Ubuntu pad soon.
So, what's the gain?
[+] [-] unknown|13 years ago|reply
[deleted]
[+] [-] unknown|13 years ago|reply
[deleted]