Before you Dual Boot – MS, OEMs and Linux

149 points| dopkew | 12 years ago |eightforums.com

233 comments

[+] userbinator|12 years ago|reply
I'm now happier than ever that I bought one of the last pure-BIOS motherboards of the i7 era, and a laptop (Thinkpad X60) that can run completely free software (https://www.fsf.org/resources/hw/endorsement/gluglug, although I didn't know that when I bought it several years ago), and I plan on holding on to these machines and making the most of them for as long as I can, because the future of the PC is looking more and more closed with each new change.

It was only a few decades ago when IBM released the PC AT, complete with a full set of documentation, even the full source code of the BIOS. Now you're lucky if you can even get a datasheet for the SuperI/O chip or processor VRM controller. I've observed this decrease in openness through the years, but it's only most recently (post-Nehalem?) I've noticed this happening at an accelerated pace.

Throughout this time, all the changes that have been made for "security" appear to me as more and more like attempts to secure systems against their users, taking control away from them and forcing them to trust some authority instead. Code signing, secure boot, TPM, patch protection, etc. It is becoming more difficult to stay in control of the hardware you bought.

It is true that several years ago, it was probably much easier to infect systems with malware, but at the same time, the users had more freedom; including the freedom to explore, use, and modify the OSes of their choosing. Is this freedom something we should really be sacrificing? The well-known quote comes to mind: "Those who give up freedom for security deserve neither."

[+] comex|12 years ago|reply
I don't think it's fair to group measures that have a valid security justification along with those that do not. Code signing, secure boot (including TPM when used as a part of that), and patch protection do, and can be disabled. Linux distros really should probably have more rigorous protections along those lines, but manage to avoid it because nobody targets Linux (not because it's that much more secure); Chrome OS has them anyway, despite almost everything being open source, including Chromebook bootloaders, and I like that fact.

Meanwhile, proprietary software and closed hardware specifications have nothing to do with security and should be criticized more harshly.

[+] null_ptr|12 years ago|reply
Gluglug is cool but is not a solution for the future - there's only so many working X60's they can salvage. I think the sustainable way is to embrace Linux-friendly companies that cater to general computing.

When my Sandy Bridge laptop dies, I will buy my next computer from System76 who sell Ubuntu laptops. My next laptop may not even be an Intel laptop - I don't need x86, when most programs I use are open source and can be compiled to run natively on anything. I hope we will have a healthy number of Linux ARM laptops to choose from in the near future.

[+] derefr|12 years ago|reply
I think it all comes down to the death of what was, in the 90s, called the "power user."

There have always been two kinds of computer users: Administrators--those who can be trusted to administer their own systems; and Users--those who cannot, who need someone else to Administer their system for them.

The Power User emerged as a gross hybrid because of the limitations of Personal Computer OSes. In Windows 98, for example, everyone was implicitly considered an Administrator, even if they had no idea how to Administer anything. (They were Users with the full Power of an Administrator.)

What would frequently happen is that one person in an extended family would have such knowledge as to be capable of actually Administering computers, and would frequently have to drop in to perform Administrative maintenance for relatives, who had no idea they had to do such things themselves. Nobody would be looking out for the computer in the interstice.

This era is thankfully over. What do we have now? No greater number of people capable of Administering their own computers, certainly.

Instead, what happens now is that the hardware manufacturer provides hooks (the Secure Boot certificate store et al.) such that the computer's Owner can delegate Administrative power to the OS distributor (Microsoft, Apple, Canonical, etc.), leaving the Owner as a plain User. "That guy in the family who knows computers" no longer has to be involved--effectively, the OS distributor is "that guy."

This is only really a problem for people who want to Administer their own computers (though in any form-factor where you can buy a motherboard separately, all these protections can be disabled.)

Frankly, though, I see less and less of a need for people to Administer personal computers. PCs (I'm including both desktops and mobiles in this set), these days, are basically the equivalent of VT-100 terminals: fancy screens you buy, take out of the box, and plug directly into the internet.

This is what I would call the "modern tinkerer mindset":

• "Real Software" runs on Impersonal Computers: servers, either racked in your office, or existing nebulously in "the cloud." When you are developing this software, you keep a VM that simulates such an Impersonal Computer running on your Personal Computer, and interact with it as if it were a network resource.

• Development of new Operating Systems occurs using a hardware emulator (really a more precise VM), like qemu. It then moves to ordinary VM software. Everyone else who tries your hobbyist OS will only want to run it in a VM themselves. Getting it running on Real Hardware is a 1.0 feature.

• If you want to fiddle with hardware yourself, you get a Raspberry Pi, or any of innumerable other devices aimed squarely at tinkerers. You could develop an OS using these, too, although it's a much greater hassle than just using emulation software. These devices are open in ways Personal Computers never were, having everything from schematics to JTAG pins available.

Given that mindset, what do you gain by having Administration rights to your new-age VT-100 Personal Computer?

You might answer "the surety that Microsoft/Apple/etc. will never ban VM software from its platform", but no OS distributor would dream of doing this: after all, how, then, would its first- and third-party developers do their jobs? They rely on VM software just like the rest of us.

[+] bananas|12 years ago|reply
I never dual boot. It's a PITA with UEFI or not and has been since the dawn of time. It's Linux -or- Windows. UEFI is not a problem though - people need to stop badmouthing something they really don't understand.

I settled on using Windows as a host OS[1] and use Linux on VMs because to be fair, Windows power management, suspend/resume and hibernate and driver support is miles better i.e. it actually works more than once. Oh and they really don't fuck up the kernel every 2 minutes like on Ubuntu and don't throw out buggy shit like Apple do.

I used a 2011 MBP for the last 6 months or so however (with virtualbox) and I had to go back to an older and slower T400 as it was more reliable as well.

So VirtualBox on Windows 7 it is. And it works really well. I'm pretty happy and I'm as picky as they come when it comes to hardware and software.

On my desktop (a Dell T3500 with piles of RAM), it's 8.1 with Hyper-V with Linux in it as that works pretty damn well too.

I suspect the problem here is users rather than hardware and vendors.

[1] On my Lenovo T400.

[+] CSDude|12 years ago|reply
Hear my fucked up story of UEFI, Secure Boot and Windows 8:

I have a Windows 8 laptop. It had 2 HDDs, so I easily installed Ubuntu 13.04 to the second HDD. However, during a Win8 update process, it hung for hours and I force closed it. Then even my recovery partition was corrupted. So, I wiped my first HDD, and since the OEMs don't give DVDs anymore, I could not install it. I live in Turkey, and there is a special version of Win8 Single Language, not found on the internet. You cannot confirm the checksum of them because it is not widely used, and depends on the region I think (maybe wrong). Therefore, even if I found an ISO on a Turkish forum I could not verify it, but tried to install the Single Language version anyways. But it could not verify my key, that is buried in my motherboard. I tried to install Windows 8 Pro from MSDNAA, and it said it cannot because of the internal license on my PC. I tried dozens of ways to disable it. When I got Windows 8.1 Pro from MSDNAA as well, it installed without problems. That is really f*cked up. I did not like flatness of even windows, I disabled Secure Boot, removed my partitioning from GPT to MBR, installed my Ubuntu with Windows 7 as it is used to be, before these dark times.

Now I'm a teaching assistant of an operating systems course, students need to use Linux for assignments, and almost all of them use VirtualBox, which is not a very good replacement for native experience. It is fast, but not fast enough.

[+] yuhong|12 years ago|reply
I think on an OEM Win8 system with an embedded product key, you are supposed to install Win8 Core first, then enter the Win8 Pro product key after setup. Do you mean that Win8 setup still prompted for a product key? I believe there are utilities to find the embedded ACPI MSDM key if you need to. On the solution you found, your computer comes with only Win8 Core right, so even if you used ei.cfg etc you'd get only Win8.1 Core, not Pro as your MSDNAA subscription allows.
[+] ntakasaki|12 years ago|reply
What has this got to do with Secure Boot?
[+] kefka|12 years ago|reply
Just download one of those Win7 activation-removed torrents. They just work, and loads better than the Win8 cesspool.
[+] yuhong|12 years ago|reply
Did you try the ei.cfg trick?
[+] yc-kjh|12 years ago|reply
OpenBSD does not support UEFI, and probably never will. http://permalink.gmane.org/gmane.os.openbsd.misc/196288

Please note that OpenBSD has no problem handling large disks, greater than 2 TB. The problem is with the horrible Restricted Boot (UEFI) system.

The Asus model 1015E is in violation of the requirement that UEFI (Restricted Boot) can be disabled, and that Legacy Boot can be enabled. I am boycotting all future Asus products, because I had to deal with this problem after I had already purchased one. It was difficult and painful to get my money back.

If any manufacturer purposely builds systems without Restricted Boot, I will patronize them (even for non-Arm products). I am hoping that some manufacturer will build a line of Arm-based devices without Restricted Boot. (Yes, I know about BeagleBone, Raspberry Pi, etc. But these are not full-featured laptops. They are embedded machines aimed at embedded uses. I do use them for that purpose. Also note that the Raspberry Pi has the craptastic Broadcom chip, and it is anything but free [as in liberty] and open. http://permalink.gmane.org/gmane.os.openbsd.misc/192942 Also, the recent release of source code from Broadcom is only open source wrappers that call proprietary binary blobs. Fsck Broadcom.)

[+] mindslight|12 years ago|reply
With the locked down antics that manufacturers are pulling these days, the only way to protect yourself is to root your device and install your preferred environment on it immediately after you obtain the device. Don't delay or procrastinate with excuses like wanting to try out the manufacturer's experience, waiting until you need the functionality, or wanting to prepare more. Every day you put it off, the more likely you will end up stuck with and dependent on a user-hostile device that you were tricked into.

You need to run into every possible incompatibility or bricking while you're still well within the return and credit card dispute periods. And if you're actually unsure of how to proceed in making sure that shiny new device actually works for you, please please ask a technical friend for help. The future of society very much depends on it.

[+] zyztem|12 years ago|reply
Actually, it is not that difficult to dual boot Windows/Linux with UEFI. You just need more understanding about this whole thing. I can recommend Arch wiki article: https://wiki.archlinux.org/index.php/Unified_Extensible_Firm...

And http://www.rodsbooks.com/efi-bootloaders/

Kernels 3.3+ can be loaded from EFI partition directly without additional bootloader, no need to wrestle with grub-efi. This blog explains required configuration: http://wolfwings.dreamwidth.org/224805.html

[+] zanny|12 years ago|reply
efibootmgr makes it really simple to set up. When I get a new computer with Arch, once I install the base system, my bootloader is literally just:

efibootmgr -c -l /vmlinuz-linux -L "Archlinux" -u "initrd=/initramfs-linux.img root=<root partition uuid> ro quiet splash security=tomoyo"

Assuming /boot is my efi system partition.

The real problem is that most motherboard manufacturers have absolute garbage bloated proprietary messes of EFI implementations, and we are stuck with Intel jamming this shit down our throats in the first place rather than opening up their chipset documentation so we could have coreboot support on these boards.

[+] patcheudor|12 years ago|reply
I learned my lesson long ago. Linux is for VMs. I run vanilla Windows as my boot OS and then use Linux from within a VM, thus getting the benefits of Windows hardware compatibility where I need it. This lets me do things like run nine monitors when my laptop is docked by chaining DisplayLink adapters. Note that Windows with DisplayLink will only support eight monitors so for the ninth I bind the DisplayLink adapter to the VM for dual monitors with my Linux VM. Going above more than two monitors with a Linux host OS is akin to beating one's head into a wall, especially if you move between monitor configurations often, but just works in Windows.

Thus far, with the ability for the VM to bind specific hardware directly and not shared via the host OS I get all the benefits of a Linux host OS without the hassle of broken driver implementations taking me down for long stretches at a time. As an example, I can bind my ALFA WiFi adapter directly to the Linux VM and run aircrack-ng all day long.

Yes, there are drawbacks. You will need a bigger hard-drive (best if you can fit two in your laptop) and more memory, but those are cheap these days. The benefits, however are massive. I keep multiple VM versions and can instantly recover from anything stupid that I might do in the Linux kernel without impacting my ability to actually get my work done.

[+] yulaow|12 years ago|reply
I have the problem that in my windows os I need to run hyper-v to use the emulator of windowsphone and windowstablets for work purposes.

Why is it a problem? Because if you activate hyper-v (and you need a reboot to change from active/deactive) all other VMs, if started, will crash your os, show a blue page of death, restart your machine and show a "I am trying to recover your system" for like 20 minutes.

And hyperv is like the shittiest VMM ever to run linux over it, also with the "officially supported" linux versions.

[+] dm2|12 years ago|reply
I do the same thing, it works well. Do you use Windows 7 or 8 as your parent OS?

I use VirtualBox and have found it reliable for years.

The Windows host OS can then be kept very clean and it remains fast and relatively secure.

Then in those rare instances when you need to download something insecure or that you don't want cluttering your Windows install you can put it in a virtual machine that acts as a sandbox.

If you organize your files right you can even wipe your windows partition and reinstall with very little downtime and setup (other than the several gigs of updates that will be needed during the first few boots).

[+] jmnicolas|12 years ago|reply
9 monitors? May I ask what you use them for?
[+] drdaeman|12 years ago|reply
Have you considered/tried using hypervisor and putting Windows in VM, too? If so, what were drawbacks?

I ask because, considering popularity of Windows as malware/spyware target, running it as bare-metal host OS doesn't sound like a completely good idea to me, even if owner's really cautious.

[+] kyriakos|12 years ago|reply
out of curiosity what kind of work do you do with 9 monitors?
[+] voltagex_|12 years ago|reply
I really don't understand all these people having issues booting in UEFI mode. Fine, disable Secure Boot (or boot Fedora/Ubuntu if you care about it), load a recent distro and get on with your work/play.
[+] oofabz|12 years ago|reply
Same here, I boot Linux from UEFI on several computers and it works fine. It boots faster and uses native display resolution instead of VESA. I dual boot Win 8, chainloading from GRUB.

I think there are just a lot of people who don't know how to install GRUB to the EFI partition, or don't know how to edit their EFI boot menu with efibootmgr. UEFI is more complex than BIOS booting and if the only mental model you have is of a boot sector, you will have trouble understanding why a misbehaving system is acting as it is.

I don't enjoy needing to fix my boot loader when I install Linux or update Windows, but I'm always able to make it work. I always had boot loader issues when I dual-booted BIOS systems too, so although it's still unpleasant, it's not any worse. It's just different and requires learning some new concepts and command-line tools.

[+] CSDude|12 years ago|reply
If you disable UEFI, you need to install your system again, and you cannot use your old license to install it, at least in Win8. So you either buy another Win8. So disabling UEFI is not an option, for dual boot.
[+] wheaties|12 years ago|reply
Let me explain this for you then,

I have a Windows 8 Sony Vaio. If I disable Secure Boot and install Linux on a partition, the Bios doesn't work. Period. I've seen that a number of people got it to work for a while by modifying the grub loader and other hackery but then try updating Linux. Why? Buggy UEFI that is not "standards" compliant.

If I try to use UEFI with a Linux distro that supports UEFI, I get a message saying something like "Can't find Windows."

[+] higherpurpose|12 years ago|reply
There's another insane thing I've recently heard about - that Intel intends to lock the OS to their own (new) chips, and you can't dual-boot or install another OS. If they do this, yes I expect them to say that "the OEM has the choice" to allow for dual-booting or whatever, but I bet you 90 percent of PCs will be locked to Windows, when this arrives on Windows machines:

https://plus.google.com/+GuidoStepken/posts/bD2VHB4LcEU

[+] userbinator|12 years ago|reply
I like how they use antivirus/antimalware software as an example, because it's what is almost universally considered "a good thing".

The flip side of it is that this security software can also be used as a tool for mass censorship, and I certainly don't want something like that being impossible to remove and running in "ring -1".

[+] marcosdumay|12 years ago|reply
Well, once they do that, the same way that one should avoid Windows 8 if he wants to have a chance of running Linux, one will also be recommended to avoid an Intel processor if he wants control of his system.

Except that Intel has less of a monopoly than Microsoft, so that's way easier.

[+] varkson|12 years ago|reply
There's no proof of this, just a Google+ translation of some news article.
[+] ganeumann|12 years ago|reply
The article claims: "One reason all PC's that come preinstalled with a Microsoft operating system is cheaper than regular laptop is that Microsoft subsidizes the cost of the hardware."

I had always thought that PC makers paid Microsoft for Windows. The article claims that, instead, Microsoft pays the PC makers to install Windows. I don't see how this could possibly be true if most copies of Windows are sold pre-installed on PCs.

[+] ams6110|12 years ago|reply
I've never heard that Microsoft pays OEMs but they certainly do give them a discounted price. Also it is my understanding that they do have some contract terms that either forbid sale of the same hardware with other OSes preinstalled or forbid sale at a lower price with other OS or no OS.

This is all from years ago, I don't know what terms are these days. Obviously Dell, HP, etc. do have a few preinstalled Linux systems in their catalogs now.

[+] ChuckMcM|12 years ago|reply
I too don't think this is accurate. What Intel and Microsoft have done is contributed marketing support dollars which, from a pure business analysis point, might be considered part of the cost of the system but it isn't what you or I would consider subsidizing the hardware. In marketing support programs Microsoft pays for a television advertisement for your product (very expensive) which points out how great it is because it uses Microsoft Windows. Similarly with the Intel inside advertisements.
[+] naner|12 years ago|reply
Microsoft charges for OEM licenses. PC manufacturers, however, will include other software with Windows for a fee (e.g. Imagine Adobe pays Dell for Adobe Reader to be included on Dell consumer systems).

It is also plausible that Microsoft has a patent agreement with PC manufacturers so that they have to pay Microsoft a fee to ship systems with Linux installed. I know we've seen similar situations with companies that run Linux servers or sell Android devices.

[+] Zigurd|12 years ago|reply
What they probably meant is that Windows is a profit center for HP because of the 3rd party crapware/bloatware loaded with Windows. They don't have similar deals for Linux, and that would probably chase off their Linux customers.
[+] derekp7|12 years ago|reply
Here's my rant on how Secure boot should be done. Currently, you have Microsoft's public key certificates in the firmware, and you can either boot with secure boot on or off. I would rather that the certificates be treated similar to a web browser's, where you have a list of "official" certs belonging to multiple independent entities. In addition, when in secure mode, you shouldn't be able to boot from unsigned media.

Now here's where I think this can be improved. Usually, hitting something like F12 at boot time gives you a list of devices to boot from (internal drive, USB devices, DVD, network, etc). What I'd like to see added to this is an item labeled "Boot from unsigned DVD/USB/Network [for OS installation mode]". Once this is selected, whatever you boot would have access to adding additional certificates to the firmware. Or, more appropriately, you should be able to select 3 boot options: 1) boot from signed media; 2) boot from unsigned media; 3) boot from unsigned media with write access to certificate key store [OS installation mode]. That way, the end user can still maintain complete control over their hardware, yet still get the benefits of protection against boot sector malware / low level root kits.

[+] Locke1689|12 years ago|reply
This sounds like secure boot's "Custom Mode." 'Certified for Win8' requires that all non-ARM machines support either Secure Boot Custom Mode or SB disabled. I would hope they would support custom, but that's the manufacturer's prerogative.
[+] betterunix|12 years ago|reply
I have a simpler solution: the bootloader is kept on a separate storage device, which can only be written to if the computer is booted up in a special mode. No signing needed, prevents common bootloader viruses, respects user freedom.
[+] jrockway|12 years ago|reply
In this thread: a bunch of people who know nothing about computers spread fear, uncertainty, and doubt.

The reality is: Windows boots fine with Secure Boot disabled. Linux boots fine from UEFI; the Debian installer sets everything up perfectly.

[+] yc-kjh|12 years ago|reply
OpenBSD doesn't support UEFI, and will never boot from it.

UEFI (better called Restricted Boot) takes away the user's freedom.

I want to own my hardware. I don't want the manufacturer to own it. I don't truly own it unless I can run whatever software I want on it. I don't own it if it prevents me from doing anything I want to do -- no matter what that is.

[+] joyofdata|12 years ago|reply
For me precisely this was the final reason I needed to simply erase Windows 8 64bit Professional (which I paid for half a year earlier) and install Ubuntu 13.10.

I was worried about driver issues and spending too much time administering my system instead of using it for being productive. I cannot emphasize enough how unnecessary those worries were - I f love it! As an IT guy using R, Git, Python and further Linux tools this made actually a lot of tasks way easier!

My recommendation - f* dual boot - get rid of Windows and switch to Linux!

[+] dopkew|12 years ago|reply
If you mention what your system is, then it could help others in making buying decisions. This would then send a message to hardware vendors that linux support gives them visibility and appreciation.
[+] lunulata|12 years ago|reply
"My journey into hell began about two months ago when I purchased a new HP laptop computer..." That'll teach you. Next time don't buy HP. Those super cheap laptops come at the price of quality and decent support. You pay for it one way or another. As for the UEFI being bad or not working well with Linux, I disagree. I think you just don't know what you're doing and HP support is bad with no documentation.
[+] keithpeter|12 years ago|reply
I currently use a couple of recycled core duo 2 thinkpads. BIOS so of course GNU/Linux installs easy either whole disk or dual boot with windows.

In the future, I suppose I'll need to look to a Chromebook as a cheap platform for my GNU/Linux.

Unless people actually start making open hardware...

[+] codelap|12 years ago|reply
This isn't about UEFI, I've had no issues with it. Primarily because I don't use Windows on it. Microsoft is up to its old tricks here. Then again, try to run OSX on a Dell. I just wish all these guys would get their heads out of their asses.
[+] marincounty|12 years ago|reply
I have come to the decision just not to buy anything HP. I had two horrid experiences with two HP laptops, and two printers that went too soon--1 less than a year--the other less than a week. Off subject, but whenever I hear HP I cringe.
[+] buro9|12 years ago|reply
The key there is to only buy expensive HP stuff.

Their office laser printers are great, and their workstations (e.g. the Z820) are pretty awesome.

Their cheap stuff on the other hand... I agree with you on every point.

[+] Zigurd|12 years ago|reply
Back when I did dual boot, I found I seldom used the Windows partition because, for the reasons I'd need a Windows machine, it wasn't a very good one.

If you boot Windows for games, you are far better off buying or building a rig designed for gaming. Conversely, if you need a fast Linux software development system, swap out the hard disk of any decent Core i7 machine for an SSD, which will usually be smaller than the rotating media, which makes dual booting less attractive. And if you are shopping for a Linux machine that's less likely to be a hassle in any way, look for one that uses Intel graphics and has no 3rd party GPU.

[+] Mikeb85|12 years ago|reply
This is why you should buy machines meant to run Linux, or known to run it well... System76, Dell dev laptop, ThinkPads, and custom parts for a desktop.

If you do your homework, you'll always have a perfectly functioning system. My ThinkPad runs Ubuntu (and Suse) like they were meant for each other.

And dual booting is always a PITA... Just delete Windows...

[+] xarball|12 years ago|reply
I want to make this very clear:

Dual-booting with UEFI is entirely possible, provided that your hardware allows entering EFI vars manually, in a SIGNED OS ENVIRONMENT. Every comment I've seen thus far doesn't seem to grasp that this is MANDATORY before you have the ability to finish installing a new bootloader. This is how UEFI protects itself from unauthorized OS signing!

I have my own custom EFI vars set up with grub2 running on a GPT partition table, all booting beside windows, as purely as the air you breathe, and I'm loading custom Linux kernels daily and haven't run into an issue since I originally set it up. Grub2 itself is my primary boot partition, which can then jump into the windows boot manager on the other disk.

Grub2 itself has the capacity to act as a custom-signed EFI boot partition (Not sure if I've got the wording on that correct -- but the gist is there!). This means grub can be what your bios looks for the signature from. You don't absolutely need your kernel to be signed, provided you can get a signature produced from grub, OR you have the ability to write one while in a signed O/S.

IF you want the easiest approach, look no further than any Linux distribution that purchased a key to find such a signed environment that permits the further writing of EFI variables.

Or, even easier -- just write then boot grub 2's EFI-signed bootloader to a usb key to get started. After that, writing a new OS entry to UEFI should be the most straightforward thing to do in the world!

*(You can even boot any kernel in the world with such a signed grub2 USB disk!)
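
Much of the thread turns on whether a machine was booted in UEFI mode and whether Secure Boot is on, off, or has no keys enrolled. As an added example (not part of any comment above), this shell function reads that state from Linux's efivarfs before a boot entry is changed; the function names and state labels are hypothetical.

```shell
#!/bin/sh
# Added example: report UEFI / Secure Boot state from efivarfs on Linux.
# Function names and state labels are illustrative, not taken from any tool.

# GUID of the UEFI global variable namespace (EFI_GLOBAL_VARIABLE).
EFI_GLOBAL_GUID="8be4df61-93ca-11d2-aa0d-00e098032b8c"

# efi_var_byte DIR NAME
# Print the first data byte of a global UEFI variable as a decimal number.
# An efivarfs file is a 4-byte attribute word followed by the variable data,
# so the value of a one-byte variable sits at offset 4.
efi_var_byte() {
    _file="$1/$2-$EFI_GLOBAL_GUID"
    [ -r "$_file" ] || return 1
    _val=$(od -An -tu1 -j4 -N1 "$_file" 2>/dev/null | tr -d ' \n')
    [ -n "$_val" ] || return 1      # file too short to hold a data byte
    printf '%s\n' "$_val"
}

# secure_boot_state [DIR]
# Print one of:
#   no-efivars            DIR absent: booted via legacy BIOS/CSM, or no efivarfs
#   uefi-no-secure-boot   UEFI boot, but no readable SecureBoot variable
#   setup-mode            no Platform Key enrolled, Secure Boot cannot enforce
#   secure-boot-enabled   firmware verifies signatures on what it boots
#   secure-boot-disabled  keys enrolled, enforcement switched off
secure_boot_state() {
    _dir="${1:-/sys/firmware/efi/efivars}"

    if [ ! -d "$_dir" ]; then
        echo "no-efivars"
        return 0
    fi
    if ! _sb=$(efi_var_byte "$_dir" SecureBoot); then
        echo "uefi-no-secure-boot"
        return 0
    fi
    # A missing SetupMode variable is treated as "not in setup mode".
    _sm=$(efi_var_byte "$_dir" SetupMode) || _sm=0

    if [ "$_sm" = "1" ]; then
        echo "setup-mode"
    elif [ "$_sb" = "1" ]; then
        echo "secure-boot-enabled"
    else
        echo "secure-boot-disabled"
    fi
}

# Stand-alone use: pass an alternative directory, or nothing for the live system.
secure_boot_state "$@"
```

A result of `no-efivars` on a machine that shipped with Windows 8 usually means the installer was started in legacy/CSM mode, which is the mismatch behind several of the dual-boot failures described in the comments.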