A Doomed Microsoft Again Spins Legal Compliance into Something it’s Not.
A Tivoized PC will look like an ugly TV.
The Windows press is doing damage control to quell a rising realization that the Microsoft demands and will have complete practical control of the next generation of Windows devices. Microsoft cleverly divulged key details over the past months to prevent people from understanding the implications. Free software advocates immediately understood the implications of signed code and some adopted a wait and see attitude believing OEMs would not be foolish enough to make all of their hardware Windows 8 logo compliant. Microsoft’s App Store rules made the intentions clear for Windows users, so Microsoft boosters are Open Washing the program to keep users from bolting. Boosters celebrate a Microsoft limited choice of free software and Microsoft’s cynical license compliance as a “Big win for Open Source.” Microsoft’s demands should trigger anti-trust investigation. Free software developers who still concern themselves with Windows should think carefully about the implications for their code. Windows users should migrate immediately because the PC ecosystem they grew up with is long gone.
The Windows Store will be the exclusive distribution channel for apps that use the Windows 8 “Metro” interface, which is designed for tablets and smartphones, but will also contain some traditional desktop apps. Microsoft wouldn’t confirm if the kill switch applies only to Metro-style apps or if it covers any app in the store. “It’s really the early days yet,” said a spokesperson. “The terms of use applies to apps that people are creating now. More info will be shared as we get closer to release.”
Microsoft’s claim, of course, is ridiculous hair splitting. If Microsoft succeeds in Tivoizing all x86 and ARM hardware, only Microsoft signed code will run on Windows 8. Stopping any program from running will be as easy as revoking the keys no matter how they are installed.
There may be another win for the open source movement today, as there has been some interesting legalese found in the recent publication of the Windows Store Application Developer Agreement. … The section in question states that apps released under a license from the Open Source Initiative (GPL, Apache, etc.) can be distributed in the Windows Store. Further, it says that the OSI license will trump the Microsoft Standard Application License Terms, namely the the restriction on sharing applications.
“Choice” and “Open” code are poor substitutes for software freedom and Tivoizing hardware defeats meaningful software freedom. Microsoft will be able to comfort their users with free software like browsers, image and audio editors. They will dutifully provide users with source code if the license requires as much but it is of no real value to the user because they can never run a modified version. The user gains none of the security, privacy or control of real software freedom from a single free program on top of a malicious OS. Users of Windows 8 will never have the tools to guard themselves.
Both articles are filled with Microsoft’s language about “security” and “legal” reasons for revocation of code. This is a smoke screen. The only security signed code provides is financial security for Microsoft from a lock out of competition.
In the past, I’ve often warned free software developers that porting to Windows is a waste of time and energy better spent making gnu/linux and other really free software better. It was easy enough to point to all of the companies Microsoft ruined by technical sabotage and ask people why they would bother with such an anti-social company. People who ignored that warning should be asking themselves some serious questions about what extra efforts they will now be forced to go through. What process will Microsoft demand for approval? Will a partial distribution be worthwhile? Can they trust Microsoft to distribute code free of modification beyond selection?
Microsoft’s attempt to Tivoize the computing world is far from assured. Vista and Windows 7 were both dismal failures [2] mostly because of Microsoft’s insane anti-competitive and digital restrictions plans. Windows 8 is more of the same with even less to offer the user. Plans to lock out competition by signed code is a sign of desperation born of complete failure to compete on merit. The only real question is how many of their partners they will ruin before they fail. Apple, IBM and Google each have more to offer those partners.
Computerworld’s survey reveals that only one quarter of businesses have migrated to ’7′ and most are still using XP. The reasons are many, but they all boil down to one thing. The migration to ’7′ is not a good investment.
Given my choice of desktops, I’m running Linux, but over the years Windows has gone from being a bad joke of a desktop operating systems–Windows ME and Vista–to being a reasonably good choice-Windows XP SP3 and Windows 7. But Windows 8? What the heck is Microsoft thinking?
After looking at Metro, Windows 8’s default interface, for the last month, all I see a lame, reactionary response to iPad and Android. In a broader sense, it’s Microsoft’s response to the move away from the desktop to smartphones and tablets.
This is why we choose to focus on Apple quite so increasingly. Microsoft is still chasing a form factor that is not quite growing. Within a few years it seems likely that Microsoft won’t be around to hurt Linux/Android as much as Apple does. We used to focus more on Novell as well. The goal has always been the same — to defend software freedom, whoever its greatest foes may be. █
Summary: The largest Free/libre software advocacy group issues a formal statement and call for action against Microsoft’s TiVoization push
ON SEVERAL occasions before we mentioned the situation with regards to UEFI for Vista 8 [1, 2, 3] and we are gratified to see the FSF getting involved because it has a lot of influence, so it can make things happen. From its formal statement:
Microsoft has announced that if computer makers wish to distribute machines with the Windows 8 compatibility logo, they will have to implement a measure called “Secure Boot.” Secure Boot is designed to protect against malware by preventing computers from loading unauthorized binary programs when booting. In practice, this means that computers implementing it won’t boot unauthorized operating systems — including initially authorized systems that have been modified without being re-approved.
Please go ahead and sign the statement.
This just helps show that the FSF was right all along about TiVoization. It had insight and foresight. Speaking of the FSF, its founder Richard Stallman has just told me that “My feelings regarding Jobs are about his work, not about him personally. What I said about Jobs was about his work.” This is worth clarifying for all those who took his words out of context (and we chose not to feed these by doing an article about it). █
Financial security to Microsoft, environmental disaster for the rest
Summary: The lesser-realised problem with machines that are made to include TiVoization for Microsoft compliance; more “security” FUD from Microsoft
IT has been a while since we last wrote about the UEFI scandal [1, 2]. Nothing has actually been resolved, despite the comforting sense that the authorities have been informed and Microsoft issued a statement (which was no reassurance).
Several years ago we wrote some articles about the impact of Windows Vista on the environment, but it wasn’t until someone from Asia pointed this out that we realised TiVoization seriously impedes reuse:
Consumers Don’t Own Computers “Designed for Windows 8″, and They Go to Landfills Earlier (Side Effects of “Trusted Computing”)
Microsoft Windows 8 alpha is released and downloadable. But no, I am not recommending it. Nor am I denouncing it in favor of GNU/Linux (well, not in this article anyway). What you should be aware of and concerned about as a consumer is those machines labeled as “Designed for Windows 8″. Much more so if you care about the environmental and humanitarian problems caused by e-wastes, for these machines will end up much faster as e-wastes than the ordinary machines manufactured now.
Machines labeled as “Designed for Windows 8″ have to support UEFI. UEFI is said to have many nice features, which I am not knowledgeable about and will not discuss. But I can assure you that one of those features is a downright hoax, scam, and lie. The “secure boot” feature in UEFI is claimed to make your computer more secure by disallowing intrusions from untrusted sources. This and certain other features in UEFI are important elements of Trusted Computing, a mechanism advocated by Microsoft and other big IT companies. The claim is that booting a computer from an untrusted source (such as a tux usb key which has applications in tourism, education, environment preservation, LOHAS, and ethics) is a security threat and should be avoided.
There is just one tiny problem: it’s not you, the consumer, who gets to decide who is to trust. The propaganda claims that the consumers are too dumb (well, ok, actually phrased in a much more polite way) to make their own decisions about whom to trust. (“Microsoft or Chao-Kuei?”) Software booting from an untrusted source may contain rootkit, for example, which would gain absolute control of your computer. The real, unsaid intention, however, is to prevent consumers from using alternative players and readers on alternative operating systems to circumvent the human-right infringing and infamous Digital Rights Management. If the big IT companies let you decide whom to trust, then they cannot trust you as a DRM-abiding consumer. With the secure booting mechanism in UEFI, the IT companies finally can trust that you will not be able to ask your computer to do what is best in your interest, for example exercising your fair use right and other rights requested in the digital consumer bill of right.
This abusive behaviour from Microsoft (and Apple) should not be tolerated silently because it is yet another example of using “security” to pass new and self-serving rules that harm everyone’s freedom. In a similar vein, Microsoft is smearing the free Web browsers/competition, very much as usual (although the competition does not quite do that itself). This latest attack too uses “security” and to quote The Register:
Microsoft has unveiled a website aimed at raising awareness of browser security by comparing the ability of Internet Explorer, Mozilla Firefox, and Google Chrome to withstand attacks from malware, phishing, and other types of threats.
Your Browser Matters gives the latest versions of Firefox and Chrome a paltry 2 and 2.5 points respectively out of a possible score of 4. Visit the site using the IE 9, however, and the browser gets a perfect score. IE 7 gets only 1 point, and IE 6 receives no points at all. The site refused to rate Apple’s Safari browser in tests run by The Register.
Summary: Microsoft’s unwanted changes to the basis of Windows are likely to backfire in a major way
THE NEEDS of users aside, too little attention is being paid to what Microsoft does to de facto standards. Christine Hall takes a look at the booting scandal we recently wrote about, stating that there might be an agenda (which would upset OEMs):
Secure boot is the sort of security solution Microsoft loves. Back in the days when Windows was even less secure than it is now, one of their security solutions was to have software vetted and signed. Although this might have helped enterprise customers a bit, it did little to make the home user more secure, as any software would still install normally after clicking through an “are you sure” warning. If this scheme did anything, it hurt small vendors who couldn’t afford to go through the process of having their software approved by Redmond.
Secure boot is the same sort of scheme, except this time there’s no “are you sure” screen to click through. If a user is trying to install an operating system (or even run one from a live CD) on a machine with secure boot enabled, that operating system will have to have unlock keys to enable hardware devices. These keys are provided to the creator of the operating system at the whim of the hardware makers.
I can’t begin to explain the number of things wrong with this system. To begin with, for this feature to fulfill its intended purpose, the keys must be kept secret. Nobody but the hardware maker and, perhaps, the OS distributor, can have access to them – meaning they probably must be kept in binary form with no source code being made available.
Dr. Dobbs is meanwhile expressing scepticism about Vista 8 for the following reason:
Redmond once again pushes developers to forgo existing technologies and adopt a new UI and APIs — despite the lack of compelling benefits.
Techrights no longer covers Windows as much as it used to. Windows seems like it is already on its way out (gradual exit) because form factors change and Microsoft cannot keep up. But just worth noticing is this alienation of developers. Remember what Microsoft’s CEO was sweating about. All those developers who embraced KIN, SideKick, Windows Mobile, WP7, XAML/Silverlight and so on got seriously screwed. The next post will cover the death of the Zune. █
Summary: UEFI is Microsoft’s latest excuse for leaving GNU/Linux out in the cold
MICROSOFT loves blocking or suppressing GNU/Linux installations, typically using a process it keeps describing as a feature. Microsoft has been sabotaging the MBR using the excuses that it is hardto support it (funny how one or two GRUB developers can handle it just fine). There is antitrust evidence about it going decades back and there there is the war on fastbootingsystems and battles against Linux using VM restrictions (fighting Linux with a Windows EULA). We have covered many such examples, even those that extend to ACPI.
Computer scientists warn that proposed changes in firmware specifications may make it impossible to run “unauthorised” operating systems such as Linux and FreeBSD on PCs.
Proposed changes to the Unified Extensible Firmware Interface (UEFI) firmware specifications would mean PCs would only boot from a digitally signed image derived from a keychain rooted in keys built into the PC. Microsoft is pushing to make this mandatory in a move that could not be overridden by users and would effectively exclude alternative operating systems, according to Professor Ross Anderson of Cambridge University and other observers.
“Microsoft could lock out Linux with Tivoization” was Homer’s (Slated.org) explanation. He pointed out that “The upshot is that in order to run Linux on machines with UEFI secure boot enabled, the new bootloader, kernel and all other binaries must be signed by a key that is accepted and distributed by the OEM. In practice this means Linux will only run on machines that are either preinstalled with Linux by the OEM, or on machines where UEFI secure boot is not enabled. Given Microsoft’s demands, the latter seems unlikely, and the former would essentially spell an end to Linux (or any other OS) users having any sort of autonomy WRT which distro they use, on the extremely rare occasion Microsoft’s subjugated “partners” even bothered to preinstall Linux at all. On most machines, Linux would simply be locked out entirely.
“If this does pan out the way I’m sure Microsoft would like it to, our only hope is for antitrust regulators step in and force OEMs to allow consumers to opt-out of UEFI secure boot, to enable them to install whatever they want on their own damned property.
“This is by far the biggest threat to consumers’ freedom and choice we’ve yet seen on PCs. It literally turns the keys to the entire PC industry over to Microsoft.
“I wonder how much Linus “likes Tivoization” now?”
Is Microsoft finally resigned to the fact that Windows can never again be the dominant operating system on our planet? Or is the behemoth planning to make one final attempt to control what you use?
Sean Michael Kerner has good coverage, whereas Sam Dean apologises somewhat or gives the benefit of the doubt to Microsoft by writing: “It’s highly doubtful this will end up being a concern when the final version of Windows 8 comes to fruition. Microsoft has become increasingly aware that IT administrators are interested in heterogenous environments where many people want to use multiple operating systems. We’ve also noted that Windows 8 is taking some of its cues from Linux. It’s not in Microsoft’s best interest to box out alternative operating systems.”
Well, gentle headlines exist as well and they come from the expected sources. Microsoft boosters try to belittle the problem, whereas Linux advocates do not. Based on antitrust material we know that Microsoft often does this knowingly and deliberately, citing internal communication.
According to other articles, this debacle “was discovered by Linux developer Matthew Garrett, who’s been doing a lot of work with EFI booting in general for his day job. Recent UEFI specifications have allowed for “secure boot” that requires an OS to have a signed key in system firmware to work.”
Mr. Corbet summarises Garrett’s article as follows:
Matthew Garrett has posted an article about the UEFI “secure boot” feature and its potential impact on Linux.
Katherine Noyes, a great GNU/Linux advocate, challenges this move by Microsoft and Steven J. Vaughan-Nichols says that “Microsoft tries to block Linux off Windows 8 PCs” (he does not give Microsoft the benefit of the doubt).
If this wasn’t so sad, it would be funny. After Microsoft recently declared victory over Linux, it turns out that Microsoft appears is still trying to arrange it so that Linux won’t even boot on the next generation of PCs that come with Windows 8. Yeah, Linux isn’t on your enemy list anymore right Microsoft? Sure.
Matthew Garrett, a Red Hat engineer, gets the credit for spotting Microsoft’s latest anti-Linux move. In a blog posting, Garrett explains that Windows 8 logo guidelines require that systems have Unified Extensible Firmware Interface (UEFI) secure boot enabled. This, in turn, would block Linux, or any other operating system, from booting on it.
There’s nothing in UEFI that’s wrong. Indeed there’s a lot of good in UEFI. It’s a 21st century replacement for your PC’s basic input/output system (BIOS). Its job is to initialize your hardware and then hand over control over to the operating system.
Microsoft cheered Windows users earlier this month when it demonstrated the upcoming Windows 8 operating system booting in eight seconds. Part of the technology behind the fast boots, however, could enable Microsoft and its PC vendor partners to block users from loading Linux on a Windows 8 PC, according to a Matthew Garrett, a mobile Linux developer at Red Hat, writing in a Sept. 20 blog post.
We also covered this issue in tonight’s episode of TechBytes (to be published shortly). “Microsoft must clarify the Windows 8 boot spec and how it impacts Linux” says this last article we that we wanted to mention:
This is not a small issue. If Microsoft does attempt to make it impossible for the average consumer to install and run Linux aside of Windows 8, it will lose whatever inroads that it has made with developers in the past few years. Even more, it’s restrictive and could open the company to even more anti-trust scrutiny.
Perhaps there is no issue. It could be that Microsoft has foreseen this issue and has a workaround (at worst). But we don’t know, because Microsoft won’t tell us. They will, but the company will have suffered from its reticence to not pipe up with the truth.
The bottom line is, Microsoft is already under a lot of pressure and it’s unlikely to get away with this trick ‘by surprise’. Same ol’ Microsoft is up to no good. █
“I’ve been thinking long and hard about this, and the only conclusion I can come to is that this is ethically indistinguishable from bribery. Even if no quid-pro-quo is formally required, the gift creates a social obligation of reciprocity. This is best explained in Cialdini’s book Influence (a summary is here). The blogger will feel some obligation to return the favor to Microsoft.”
Summary: Dubious ‘gifts’ from Microsoft (to the only users Microsoft sees as valued) are being converted into cash through eBay
IT MIGHT be years before Vista 8 is available for use, so we try not to mention it. Just mentioning it would help Microsoft, but it is already failing, so we thought we should make a quick post without linking to any promotional material.
“Microsoft calls it a “gift”, but we just call it a bribe and we are not alone.”As we expected all along, Microsoft was bound to bribe some bloggers or influential people for positive coverage (see this previous time). Microsoft does this every time and some days ago it gave 5,000 free Samsung-built tablets. According to reports, some of these ended up on eBay because recipients were not impressed and preferred turning Microsoft’s tablet bribe into cash. Microsoft calls it a “gift”, but we just call it a bribe and we are not alone.
Summary: Microsoft copies more of KDE4, even several years after KDE 4.0 was released
IN ORDER to push aside discussions about the declining sales of Windows, Microsoft likes to bring up Windows 8, which we sometimes refer to as “Vista 8″ because it’s merely a succession of Vista, just a better-looking version of it. Technically, it is more retarded than predecessors (like a phone). It’s also a catchup job based on this Microsoft booster who admit that Vista 8 “will combine file download dialogue boxes into a single box, you’ll be able to stop and pause downloads, and rather than trying to estimate how long a download has left to run, the new operating system will instead feature a graph that shows the data transfer speed, transfer rate trend, and how much data is left to transfer.”
So basically, Microsoft copies KDE 4 about 4 years late. Back in 2005 or 2004 I found in the KDE sites (maybe KDE-Look) a suggestion for this in the form of a mockup, so the idea goes a long way before KDE4 development, even before KDE 4.0 was out.
Vista 8 will be little different above the surface (still mimicking GNU/Linux) and mostly the same under the hood, i.e. a slow piece of junk, especially for file transfers (I/O in Windows is notoriously poor). Some time in the future there will be a poor man’s (or woman’s) GNU/Linux and it will be called “Windows 8″. Can anybody explain what Windows can do that GNU/Linux cannot? We are talking about operating system features here, not applications. Real innovation happens in GNU/Linux; neither Apple nor Microsoft, which mass-market and take credit for other people’s work. █
