Fedora pays M$ boot tax to access consumer’s hardware

Posted on Monday, June 4th, 2012 in Linux, News by the machinegeek

According to an article posted on BoingBoing, Fedora Linux has agreed to pay Microsoft what amounts to an access tax which will allow Fedora products to run on MS locked down hardware.

A quiet announcement from the Fedora Linux community signals a titanic shift in the way that the computer market will work from now on, and a major threat to free/open operating systems. Microsoft and several PC vendors have teamed up to ensure that only operating systems bearing Microsoft’s cryptographic signature will be able to boot on their hardware, meaning that unless Microsoft has blessed your favorite flavor of GNU/Linux or BSD, you won’t be able to just install it on your machine, or boot to it from a USB stick or CD to try it out.

Microsoft’s practice is facilitated by the UEFI, or Unified Extensible Firmware Interface, which allows a manufacturer to lock down the boot process so that it will only work on their specified conditions. (For an explanation of the UEFI in general, see Sebastian Anthony’s ExtremeTech article.)

We don’t judge Fedora for doing what they felt was necessary to facilitate their operations. However, the implications of Microsoft taking advantage of the UEFI to exclude open source products from being installed on the hardware you own are huge.

Update from the comments:

The Boing Boing article is inaccurate about the $99 going to Microsoft. The actual article that they link to states that the $99 actually goes to Verisign to get a code signing certificate and you can sign as much stuff as you want after that within the validity of the certificate.

Via BoingBoing.

This entry was posted on Monday, June 4th, 2012 at 1:48 pm and is filed under Linux, News. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

14 Responses to “Fedora pays M$ boot tax to access consumer’s hardware”

  1. Tiersten says:

    The Boing Boing article is inaccurate about the $99 going to Microsoft. The actual article that they link to states that the $99 actually goes to Verisign to get a code signing certificate and you can sign as much stuff as you want after that within the validity of the certificate.

  2. anachronator says:

    Yes, that is my understanding also. They have to pay $99 *total* … to Verisign. For just one signing cert that can be used to sign their boot loader such that it will work on the “default” UEFI config. And anyone is free to go into the config and add their own cert or delete the default one(s). Actually this seems reasonable, and perhaps is overdue.

    So much FUD spreading about essentially nothing. You’d think Fedora had switched to supporting windows from all the hubub.

  3. Bender B. Rodriguez says:

    If MicroShaft gets to control all motherboards which have UEFI on them; then I will simply never buy a ‘UEFI compatible’ motherboard.

    Simple enough, vote with your dollars.

    • Matt says:

      If you’re not going to buy a UEFI motherboard, what type will you buy?

      AFAIK UEFI is the new standard “BIOS”

      Myself I’d just buy a UEFI motherboard that allows me to disable secureboot, or use my own key.

      • oliver says:

        And with that foot in the door, MS can start ‘requiring’ all UEFI’s to enable secure boot, as they will do on ARM.

        nofi, but who the fuck decided that MS is in charge what can be run on a motherboard? Who made them the ones who decide which bootloaders gets signed?

        I sure hope that Nellie Kroes does some magic against this BS. Because this reeks of unfairness everywhere.

  4. someone says:

    “Fedora pays M$ boot tax to access consumer’s hardware”

    Hum, really? Are you sure?

  5. Drone says:

    I have to study this subject to understand fully; especially given the comments so-far to this post.

    However, I do have two aversion to products that do the following:

    1. “Phone Home” over the Internet to function. A simple example is my (essentially) dead Chumby. (Yeah, I could spend ages breaking the shackles, but it isn’t easy – yet).

    2. Devices with batteries the user cannot replace. This is a big one with me. As an EE I understand different battery chemistry and charging technologies are important for a particular product, but a product that closes the battery replacement issue forever by making the battery next to impossible to replace over years of use renders the product (for me at-least) unsustainable over the long term. Not to mention the ecological impact to the environment that this causes – planned obsolescence IMO (Hello Apple, are you listening?)

  6. LA says:

    What a load of crap. Why in the world would you need to sign your operating system for it to boot? I do this: and I can see UEFI is just basically another tool to try stop users from having a choice.

    • Adam Shea says:

      The point of signed bootloaders is so you don’t have to worry about boot-ransom malware. It’s a good idea from that point of view. The problem comes in when you let Microsoft’s near monopoly of the desktop PC market near it.

  7. Torsten says:

    For all the details, check Matthew Garrett’s Blog at – that’s where the “real” information is…

  8. Trev says:

    This “news” article need to be fixed. It is blatant anti-MS and wrong to boot :-) The $99 all goes to Verisign for the certificate, nothing goes to MS.

    • Oliver says:

      The actual cash doesn’t, but they surely don’t care much about a few thousand dollars. They are in charge of what runs on an x86 PC, and could theoretically at some point revoke your license and make your PC un-bootable after an bios update, if it can’t be done ‘over the web’.

  9. Trev says:

    More exaggeration.

    “all x86 Windows machines will be required to have a firmware option to disable this or to permit users to enrol their own keys”

Leave a Reply

Notify me of followup comments via e-mail. You can also subscribe without commenting.

Recent Comments

  • Joe Desbonnet: Ya, I can recommend the low melting point solder. I used brand 'ChipQuik' and it's amazingly easy to use.
  • Jerome: I need a new BusPirate for the Fablab ;) Many thanks!
  • Max: Seems like an unexpectedly violent way to remove the chip indeed. A hot air station should of course do the job just fine, but in...
  • jose: Part removal described here is pure butchery, the cheapest hot air station will do a fast and clean job removing the QFP, heat air to...
  • Cody: Yes please