Spanish Linux Group Takes Windows 8 Secure Boot to the EC

A Linux developer group in Spain has kicked the "secure boot" controversy upward to the European Commission (EC), pointing at Microsoft.

A complaint from Hispalinux was sent to the EC's office on Tuesday, according to a Reuter's report. Secure boot is Microsoft's term for an optional security feature that's part of the Unified Extensible Firmware Interface (UEFI) specification. This feature uses certificates to check the firmware, prior to a computer system bootup. It's a security precaution that's missing from present BIOS-based systems. The secure boot process is designed to avoid rootkits or other malware that currently go undetected by most antimalware software during the boot-load process.

Controversy has arisen because Microsoft will require that original equipment manufacturers turn on secure boot by default on new systems. However, this requirement is only mandatory for Windows RT ARM-based systems. It's not a requirement for Windows 8 x86-based systems. UEFI-based Windows 8 systems have an option to turn off secure boot from within the Windows 8 operating system, allowing Linux OSes to be booted on the machine.

The Linux community hasn't been happy at all with secure boot, but it has responded by developing its own digitally signed certificates to facilitate Linux boots on UEFI-based Windows 8 systems. However, Hispalinux is going further in its complaint to the EC. In a blog post, the group indicated that Microsoft is acting "contrary to competition and the rights of consumers" with Windows 8 and that it would "irreparably harm the European software industry" by making it difficult to boot Linux.

It's not clear at this point if Hispalinux's complaint will cause trouble for Microsoft at the EC. Earlier this month, the EC slapped Microsoft with a $728 million fine for failing to comply with providing a browser choice option in Windows 7 software distributions. That incident, as well as past fines from the EC, may put Microsoft into the position of being regarded as somewhat of a scofflaw among the commissioners.

The Reuters article pointed to a comment by Joachín Almunia, vice-president of the European Commission and competition commissioner. A couple of months ago, Almunia issued a comment suggesting that the EC isn't too worried about Microsoft's handling of the UEFI security option with Windows 8.

"The Commission is currently not in possession of evidence suggesting that the Windows 8 security requirements would result in practices in violation of EU competition rules as laid down in Articles 101 and 102 TFEU," Almunia wrote in January, responding to a question. "In particular, on the basis of the information currently available to the Commission it appears that the OEMs can decide to give the end users the option to disable the UEFI secure boot."

However, Almunia noted that the EC was continuing to monitor such "market developments" with an aim toward ensuring fair competition.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.


  • Google IDs on Azure Active Directory B2B Service Now at 'General Availability'

    Microsoft announced on Wednesday that users of the Google identity and access service can use their personal log-in IDs with the Azure Active Directory B2B service to access resources as "guests."

  • Top 4 Overlooked Features of a Data Backup Strategy

    When it comes to implementing an airtight backup-and-recovery plan, these are the four must-have features that many enterprises nevertheless tend to forget.

  • Microsoft Bolsters Kubernetes with Azure Confidential Computing

    Microsoft on Tuesday announced various developments concerning the use of Kubernetes, an open source container orchestration solution fostered by Google.

  • Windows Will Have Support for Encrypted DNS

    Microsoft announced this week that the Windows operating system already has support for an encrypted Domain Name System option that promises to add greater privacy protections for Internet connections.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.