Fedora pays M$ boot tax to access consumer’s hardware

According to an article posted on BoingBoing, Fedora Linux has agreed to pay Microsoft what amounts to an access tax which will allow Fedora products to run on MS locked down hardware.

A quiet announcement from the Fedora Linux community signals a titanic shift in the way that the computer market will work from now on, and a major threat to free/open operating systems. Microsoft and several PC vendors have teamed up to ensure that only operating systems bearing Microsoft’s cryptographic signature will be able to boot on their hardware, meaning that unless Microsoft has blessed your favorite flavor of GNU/Linux or BSD, you won’t be able to just install it on your machine, or boot to it from a USB stick or CD to try it out.

Microsoft’s practice is facilitated by the UEFI, or Unified Extensible Firmware Interface, which allows a manufacturer to lock down the boot process so that it will only work on their specified conditions. (For an explanation of the UEFI in general, see Sebastian Anthony’s ExtremeTech article.)

We don’t judge Fedora for doing what they felt was necessary to facilitate their operations. However, the implications of Microsoft taking advantage of the UEFI to exclude open source products from being installed on the hardware you own are huge.

Update from the comments:

The Boing Boing article is inaccurate about the $99 going to Microsoft. The actual article that they link to states that the $99 actually goes to Verisign to get a code signing certificate and you can sign as much stuff as you want after that within the validity of the certificate.

Via BoingBoing.

Join the Conversation

14 Comments

  1. The Boing Boing article is inaccurate about the $99 going to Microsoft. The actual article that they link to states that the $99 actually goes to Verisign to get a code signing certificate and you can sign as much stuff as you want after that within the validity of the certificate.

  2. Yes, that is my understanding also. They have to pay $99 *total* … to Verisign. For just one signing cert that can be used to sign their boot loader such that it will work on the “default” UEFI config. And anyone is free to go into the config and add their own cert or delete the default one(s). Actually this seems reasonable, and perhaps is overdue.

    So much FUD spreading about essentially nothing. You’d think Fedora had switched to supporting windows from all the hubub.

  3. If MicroShaft gets to control all motherboards which have UEFI on them; then I will simply never buy a ‘UEFI compatible’ motherboard.

    Simple enough, vote with your dollars.

    1. If you’re not going to buy a UEFI motherboard, what type will you buy?

      AFAIK UEFI is the new standard “BIOS”

      Myself I’d just buy a UEFI motherboard that allows me to disable secureboot, or use my own key.

      1. And with that foot in the door, MS can start ‘requiring’ all UEFI’s to enable secure boot, as they will do on ARM.

        nofi, but who the fuck decided that MS is in charge what can be run on a motherboard? Who made them the ones who decide which bootloaders gets signed?

        I sure hope that Nellie Kroes does some magic against this BS. Because this reeks of unfairness everywhere.

  4. “Fedora pays M$ boot tax to access consumer’s hardware”

    Hum, really? Are you sure?

  5. I have to study this subject to understand fully; especially given the comments so-far to this post.

    However, I do have two aversion to products that do the following:

    1. “Phone Home” over the Internet to function. A simple example is my (essentially) dead Chumby. (Yeah, I could spend ages breaking the shackles, but it isn’t easy – yet).

    2. Devices with batteries the user cannot replace. This is a big one with me. As an EE I understand different battery chemistry and charging technologies are important for a particular product, but a product that closes the battery replacement issue forever by making the battery next to impossible to replace over years of use renders the product (for me at-least) unsustainable over the long term. Not to mention the ecological impact to the environment that this causes – planned obsolescence IMO (Hello Apple, are you listening?)

    1. The point of signed bootloaders is so you don’t have to worry about boot-ransom malware. It’s a good idea from that point of view. The problem comes in when you let Microsoft’s near monopoly of the desktop PC market near it.

  6. This “news” article need to be fixed. It is blatant anti-MS and wrong to boot :-) The $99 all goes to Verisign for the certificate, nothing goes to MS.

    1. The actual cash doesn’t, but they surely don’t care much about a few thousand dollars. They are in charge of what runs on an x86 PC, and could theoretically at some point revoke your license and make your PC un-bootable after an bios update, if it can’t be done ‘over the web’.

  7. More exaggeration.

    “all x86 Windows machines will be required to have a firmware option to disable this or to permit users to enrol their own keys”

Leave a comment

Leave a Reply to Bender B. Rodriguez Cancel reply

Your email address will not be published. Required fields are marked *

Notify me of followup comments via e-mail. You can also subscribe without commenting.