Reply to post: Re: application windows just show up like normal in your Windows session

Windows Subsystem for Linux to debut in Windows 10 Fall Creators Update

Updraft102 Silver badge

Re: application windows just show up like normal in your Windows session

EFI was developed by Intel to do away with the limitations of BIOS for its Itanium CPUs; they found that they could not do the preboot things they wanted to do within BIOS. BIOS is limited to 16-bit processor mode, with a maximum addressable space of 1MB. There are a lot of things it cannot do, which isn't surprising when we're using 286-level technology. BIOS' MBR partition system is unnecessarily fragile, is limited to maximum 2TB partitions, and the extended partition containing logical partitions schema is a kludge at best. GPT does away with these, and it's a part of the EFI standard. There are hacks to get GPT bootable disks with MBR, but they're just that. UEFI was designed with them as part of the standard. BIOS is simply obsolete-- it works, but it is far more restricted than makes sense with modern hardware.

Intel still owns the rights to EFI, but its successor, UEFI, is in the public domain. It is not owned by Microsoft, and Microsoft can't unilaterally dictate changes for UEFI. What MS is able to do is to demand that OEMs who wish to receive Windows to sell with their new PCs configure that PC in a certain way, but that's not an indictment of the technology itself, but in a monopolist behaving as such (with governments that have made quite a hobby out of looking the other way at each and every opportunity). This configuration is, of course, "secure boot."

UEFI is not the same as secure boot. The PC I am using now uses UEFI, and it doesn't have the ability to perform a secure boot. The concept of letting Microsoft have the keys that decide if a PC may boot with a given bootloader is, of course, insane, but that's a deal between the BIOS makers/motherboard OEMs and Microsoft, not a predefined part of UEFI. UEFI contains the tools for secure boot, but there's no inherent requirement that MS have any say in the matter.

For most PCs, if you don't like secure boot, you can turn it off. It does have a legitimate security use, though... rootkits do exist, they do overwrite the bootloader with their own code, and secure boot would prevent this from working. That's not a scam to let MS decide what OS gets to run-- that's a real security issue with real benefits to the user. Some Linux distros do have secure-boot functionality; I don't know about the other Unix-like OSes. Still, if you want to use a bootloader that isn't MS-approved, turn it off and be done with it.

On some devices, secure boot can't be turned off. You'll have to talk to the makers of those devices and ask them what kind of deal with Microsoft they made to block off a whole category of potential customers (those who wish to use another OS beside or instead of Windows). You can vote with your feet on these... just don't buy anything that has mandatory secure boot. It does mean more research before purchasing, but that's necessary anyway if you don't want to be unpleasantly surprised.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020