Lockdown: free/open OS maker pays Microsoft ransom for the right to boot on users' computers

A quiet announcement from the Fedora Linux community signals a titanic shift in the way that the computer market will work from now on, and a major threat to free/open operating systems. Microsoft and several PC vendors have teamed up to ensure that only operating systems bearing Microsoft's cryptographic signature will be able to boot on their hardware, meaning that unless Microsoft has blessed your favorite flavor of GNU/Linux or BSD, you won't be able to just install it on your machine, or boot to it from a USB stick or CD to try it out. There is a work-around for some systems involving a finicky and highly technical override process, but all that means is that installing proprietary software is easy and installing free/open software is hard.

This is a major reversal. For many years now, free/open OSes have been by far the easiest to install on most hardware. For example, I have installed Ubuntu on a variety of machines by just sticking in a USB stick and turning them on. Because the OS and its apps are free, and because there are no finicky vendor relationships to manage, it Just Works. On some of those machines, installing a Windows OS fresh from a shrinkwrapped box was literally impossible -- you had to order a special manufacturer's version with all the right drivers to handle external CD drives or docking stations or what-have-you. And the free/open drivers also handled things like 3G USB adapters better than the official drivers (not least because they didn't insist on drawing a huge "WELCOME TO $SOME_STUPID_PHONE_COMPANY" box on the screen every time you connected to the Internet.)

At issue is a new facility called UEFI, which allows a computer's bootloader to distinguish between different operating systems by examining their cryptographic signatures. Read the rest