Why I don’t use linux (and why you shouldn’t either)

As you may know, I have nothing against open source software. In fact, I am both a user of FreeBSD, and a developer of open source projects. But linux never sat well with me. It’s not so much the software itself, as it is the culture. The GPL is not my idea of free software. I think the BSD license offers considerably more freedom. GPL is more of a political manifest if anything. And I am interested in software development, not politics. Aside from that, the attitude of the linux community does not appeal to me.

Now, back in late September/early October, there was some buzz when word got out that Microsoft wanted to have UEFI secure boot enabled by default for Windows 8 systems. I did not bother to blog about it at that time… But as new ARM-based devices for Windows 8 are being introduced, the issue is being recycled by the linux community. You get over-the-top articles like this one. Where, as usual, linux is trying to play the victim, and blame everything on evil Microsoft.

Excuse me? But linux is doing it to themselves. A far more balanced article that was released earlier, can be found here. The short version is that the GPL (specifically version 3) doesn’t allow any kind of binary code to be distributed without source code. This restriction means that the secure key for booting cannot be kept a secret. So the GPL is locking linux out from participating in UEFI’s trusted boot sequence, which is meant to prevent rootkits from installing on your system unnoticed (is that such an evil thing?)

Now, the simple solution would be to create a license that is compatible with UEFI, so linux too can support secure booting. But no. Pragmatic as always, the linux community feels that their license is holy, and that the rest of the world is wrong, and has to adapt to their ways (which has worked just great so far, hasn’t it?).

And this is the sort of thing that drives me away from linux. I simply don’t want to be associated with these people and their crazy ideas and conduct in any way. I don’t need their software. Choice is important, right? Well good, because I can choose alternatives, such as FreeBSD. It’s free, it’s open source, and it does everything I need it to. But the community seems nicer. It’s just one coherent project, instead of tons of distributions-on-distributions, and the focus is on developing quality software. There are clear goals, a clear vision. If you are a linux user, I suggest you check out FreeBSD. For most types of linux installations, FreeBSD will make a fine alternative, as it is a true UNIX derivative, and most software that is available for linux, is also available for FreeBSD (Apache, mysql, postgresql, KDE, Gnome, VLC, Firefox, Chromium, Thunderbird etc). Under the right circumstances, FreeBSD will even perform better. And you will no longer be involved in all the political nonsense, FUD and distro-wars of the linux community (try asking a question… no matter what the topic, one of the first answers is always going to be: “But distro X sucks. You should try distro Y!” As if that matters…).

Update: Since I originally wrote this, both Fedora and Ubuntu have come forward with solutions to the UEFI secure boot problem (which, surprise suprise, consists of replacing Grub with an alternative bootloader under a license that is compatible with private key signing). Linus Torvalds has expressed moderate support for Fedora’s approach.

Advertisements
This entry was posted in Software news and tagged , , , , , , . Bookmark the permalink.

93 Responses to Why I don’t use linux (and why you shouldn’t either)

  1. Maxx Kilbride says:

    Nice article. I’m sick of people who use Linux acting like Mac owners. They act elitist, and above, and look down on people who DON’T use Linux. It’s really irritating.

    Continue to fight against elitism(which is how I see this blog).

    • Scali says:

      Elitism? Yea I suppose. Moral superiority at any rate. The linux guys seem to think that they can get away with murder, just because Microsoft is this big, evil empire.
      Same with the AMD guys… Intel and nVidia are big evil companies, but AMD gets to lie and cheat as much as they want.

      • Maxx Kilbride says:

        Exactly. I often know people who buy AMD CPU’s and ATi GPU’s simply because they are *not* NVIDIA, and I can’t stand that.

        People who will buy AMD’s Bulldozer versus a Sandy Bridge CPU…because they don’t want to support the big bad Intel. People who, despite evidence, still claim Bulldozer is going to magically become 20% faster in Windows 8…and by that time, Ivy Bridge will be out, perhaps IB-E will be out by then as well, at which point even if it was 50% faster, it wouldn’t be enough.

        Nothing again buying AMD / ATi products…but people who buy them simply cause they don’t want to support Intel / NVIDIA I can’t stand.

        For example, NVIDIA rebranded cards for their next lineup. ATi fans called foul and touted how great AMD was, making new cards each gen. ATi rebranded some 5xxx cardscto 6xxx, and

      • Maxx Kilbride says:

        ATi fans said that it wasn’t a big deal, but when NVIDIA did it, it was SUCH a HUGE deal that they said NVIDIA was dead and couldn’t think of new stuff to make. AMD does it and “Well, it just makes sense, why build whole new architectures for your low and mid-range series”

        At least NVIDIA had the decency to do die shrinks and minor improvements…

        I will go where the performance is. I chose my cases based off performance, not looks, all my parts, performance, not looks.

        It’s just the syndrome where people feel they’re cool because they support the underdog, or that they are part of elite little club because they did not “conform” like others and buy NVIDIA / Intel.

      • Scali says:

        Yea, I can separate things better than most people I suppose. I mean, I don’t like AMD’s business practices, and I don’t like AMD’s fanbase. But if they have a better product than the competition, I will buy the product. I’m not going to let political issues cloud my judgement. Because in the end it’d just mean I’d get less value for money, so I’d be punishing myself.
        Likewise, I may have used linux if there were compelling reasons… but there aren’t. I only see reasons why I don’t want to use it.

        But supporting the underdog is just silly. I mean, it may look ‘noble and just’ for a while… but in the case of AMD, what has it brought them? AMD hasn’t had competitive high-end CPUs since 2006, and it seems they are only getting less competitive with every new architecture. So we’ve long passed the point of supporting the underdog, rewarding failure is what it is now.

        As for linux, that’s even worse. Ever since the early 90s I’ve been hearing about how great linux is, and how it is going to take over the world. Windows is just lousy bloated commercial software. Lean and mean open source is the future. Every year they’d repeat the same thing: “This is going to be linux’ year. We will reach critical mass, and a snowball-effect is going to take the world by storm”. The fairytale is long over. Linux was never lean and mean to begin with. At this point it’s at least as horrible and bloated as Windows or MacOS. But it lacks the polish that other OSes have. And critical mass never happened, and probably never will. Linux has been stuck at about 1% of the OS market for years. They could not even take advantage of the poor reception of Windows Vista. So I don’t know how many people still believe in the fairytale of linux, but I have long given up on it.
        If you want a lean and mean OS, linux is not it: http://www.youtube.com/watch?v=0_1PjOEFPTk

    • euhill says:

      Not every body that uses Linux acts in this arrogant, unfriendly, and uncooperative manner that you call Elite. Those that do not are really caught in the middle by those that do. I use Slackware myself and I prefer a cooperative and helpful approach. I am like this regardless of what computer platform is being discussed. I also use Windows and I am just as helpful and friendly there as well. Although I have dissagreed a bit on some of the solutions offered there, but that is life unfortunately. I deal with it in a responsible manner.

    • eunderhill says:

      Not everybody who uses Linux are that way. Sure there are a lot of people that do use Linux that are that way. It’s annoying. However, there are plenty of people that use Windows who are not much better either. From my perspective, regardless of which platform we are talking about in general, the attitude just needs to go period.

  2. ignorante says:

    Without actually veirfying wheter or not you are right about the GPL3 and UEFI incompatibility, Linux is not GPL3 so it is totally irrelevant. In fact there’s a big chance Linux will not be GPL 3 ever.

    • Scali says:

      If you read the article I linked, it explains it in more detail.
      Short version: GRUB2 is GPLv3.
      And although GPLv2 doesn’t strictly forbid it, it is obviously not in the spirit of the GPL to release binaries without source and/or a means to recompile/modify yourself. Which can be traced back to TiVo and the whole reason why GPLv3 exists in the first place.
      Irrelevant, you say? Nope. Next time RTFA instead of wasting our time.

  3. flatlinr says:

    Some misunderstandings here. All the talk about source code is completely irrelevant, such as this muddle of confusion:

    “The short version is that the GPL (specifically version 3) doesn’t allow any kind of binary code to be distributed without source code. This restriction means that the secure key for booting cannot be kept a secret. So the GPL is locking linux out from participating in UEFI’s trusted boot sequence”

    GPL (v3 or other) is not preventing a secure boot sequence, especially not by requiring the release of source code. I mean, I seriously hope you don’t think any secret key is embedded in the bootloader, right?

    The worry expressed by those Linux people is the same worry you ought to feel about FreeBSD, because certainly if disabling secure boot is impossible (and apparently Microsoft requires this for Windows 8 on the ARM architecture) and the only secure boot key available is the Microsoft key, then gosh darn, only Microsoft’s software will boot. GPL, BSD, or what-have-you license be damned.

    The worry is precisely about hardware vendors being averse to include more keys than the bare minimum required (ie Microsoft’s).

    But, as a pragmatist, who do you think will have the greater success with convincing hardware manufacturers to include their key? Linux vendors such as Red Hat, Novell, Canonical? Or the FreeBSD team? 😉

    • Scali says:

      Oh dear, ignorance rears its ugly head again.
      Ever heard of Tivoization? http://en.wikipedia.org/wiki/Tivoization
      That is exactly what is going on here:
      You may have the source, but if you can’t sign it, you can’t compile and run your own kernel. GPL goes further than just distributing source code, it is about the freedom of modifying the code, and GPLv3 specifically prevents the distribution of sourcecode that cannot be run on the actual device (which means it cannot be modified).
      So UEFI secure boot is a case of Tivoization, as far as GPLv3 is concerned. So yes, GPL is locking out trusted boot (unless they distribute the key along, which voids the security in the first place, because everyone can sign anything then. So keys need to remain ‘secret’/private).

      Same worry with BSD? Nope. BSD license doesn’t prevent anything. Different worry, which is not a worry.
      Because you seem to think that you need SPECIFIC keys… which I doubt. I assume there will be a few trusted CAs in the UEFI database (and this can be updated via flashing). As long as your specific key is distributed by one of those trusted CA’s, your key will be trusted (they know where it came from, and who’s using it, that’s all that matters).
      I don’t see a problem with the larger OS developers to obtain a key that is supported by most devices.
      But to answer your question: Yes I think FreeBSD has a much larger chance of getting a trusted boot going, as they are far more pragmatic than the linux community.

      • flatlinr says:

        Thanks for the lecture but I am already aware of “Tivoization”. UEFI secure boot is not a case of it, except if the worry of the so-called “Linux community” comes true, that is, if authority is taken from the computer owner over what software they may run and placed with some other party. UEFI secure boot is certainly not in conflict with the GPLv3 license as long as that does not happen.

        You talk about a UEFI database of trusted CAs, but there really is no such thing. It’s up to individual hardware manufacturer’s to include whatever certificate they want. Certainly some kind of CA infrastructure is technically possible, but what evidence for it is there?
        Microsoft says to UEFI implementers to include their certificate for Windows 8 compatibility, and the question has been raised what incentive they would have for including any other. But anyway, these kind of details are kind of beside the point.

        It’s apparent that you think it’s enough that FreeBSD (somehow) gets its bootloader signed and that’s that, and that Linux is prevented from doing the same because GPLv3. But that’s such an extremely myopic view. I mean, seriously, GPLv3 is _not_ the issue here.

        Let’s talk about the heart of the matter instead:

        Do you want to be able to decide what software your computer runs?

        Red Hat and Canonical have investigated and come up with a proposal[1] that allows the computer owner to be the final authority over what software is allowed in their computer. That’s great in my book, and I hope they will succeed. Don’t you?

        [1] http://ozlabs.org/docs/uefi-secure-boot-impact-on-linux.pdf

      • Scali says:

        You fail to argue your case. Secure boot requires a signed bootloader. Since not every linux user has the ability to sign a bootloader, they cannot compile their own (compiling, in the broad sense of the GPL license, means that the software is not only built, but also deployed on the target system. Deployment is not possible). Why would this NOT be Tivoization?
        And yes, by definition, secure boot takes some authority away from the computer owner, obviously. Since you go from being able to boot anything, you go to booting anything signed with a trusted certificate.
        How much authority is taken from the user depends on how many OSes will become available which qualify for secure boot, and on which devices.

        And yes, technically it’s enough for FreeBSD to sign their bootloader, since ‘signing’ implies that it is signed with an accepted certificate. Anything else wouldn’t make sense. If you sign something with a useless certificate, is it really signed? Not for practical intents and purposes at any rate.

        And what the heart of the matter is to YOU, is not the heart of the matter to ME. I am a software developer, you are trying to discuss politics and religion.
        I suggest you read some of my other blogs, regarding the Amiga for example.
        Then ask yourself this question: Is it important to decide what software my computer runs? Or would I rather want to decide which hardware I use to run my software on?
        I think people like you are completely missing the point of being locked into x86/PC hardware, and yapping about some silly niche OSes that nobody really cares about. An OS is just an OS, who cares, as long as it gets the job done? It’s the hardware that matters. That determines how fast your software can run, and what your software can do.

  4. flatlinr says:

    First off, secure boot (and specifically UEFI secure boot) does not, emphatically NOT, “by definition” strip the hardware owner of any authority. Sure, it can be implemented in such a way, which is what some people are worried about, and yes, then it is exactly Tivoization. Which apparently you don’t have a problem with because you are a software developer and don’t care what software you are allowed to run(!) [1] but realize that other people do care and don’t want to be locked in. You don’t exactly refute their arguments by claiming they are “niche” and no one cares about them anyway, you know?

    Secondly, you feel very secure that the FreeBSD team will get their certificate used by most motherboard manufacturer. I hate to break it to you, but FreeBSD is infinitely more niche than the major Linux distributions 😉

    But even if they did manage with this (decidedly political!) feat, that is NOT the end of issues with the UEFI secure boot process. Please see [2] and realize that FreeBSD faces the same issues. Except for the license part, but if you read carefully, you’ll see that this is not the major problem for Linux either; in fact, currently it’s not a problem at all, because the current situation meets the GPLv3 requirements, although people would like a more stable solution.

    Of course, once again I suspect that you will retort by saying that you don’t care about any of that stuff, and you are very happy with FreeBSD delivering a signed system that can’t be modified. But try to look past your own nose and realize that others want to do more than browse the web (even if that’s probably all that the majority wants or needs.) Or in your case, use a compiler (but once again see [1].)

    Why antagonize people who are trying to come up with solutions that will make everyone happy (except, I suppose, those who want to use the UEFI for “evil deeds”…)?

    [1] Beware the day your compiler is taken away because only malware authors and other “niche” people use them 😉
    [2] http://mjg59.dreamwidth.org/9844.html

    • Scali says:

      “First off, secure boot (and specifically UEFI secure boot) does not, emphatically NOT, “by definition” strip the hardware owner of any authority.”
      Again: Arguments, do you have any?
      Or are you somehow mistaking the fact that secure boot can be disabled on some devices with secure boot itself?
      Secure boot is obviously the feature itself, when it is enabled. A system that supports secure boot, but doesn’t have it enabled, is not booting securely. I really hope that the argument you are basing it on is not THIS poor.

      “Secondly, you feel very secure that the FreeBSD team will get their certificate used by most motherboard manufacturer. I hate to break it to you, but FreeBSD is infinitely more niche than the major Linux distributions”

      Boy, don’t you make a fool out of yourself? 🙂
      Firstly, it’s not about numbers. If FreeBSD is pro-active enough, they will probably pull it off. Linux isn’t pro-active about anything, and projects generally fail to cooperate with eachother (such as the United Linux initiative… Working together with linux/GPL people generally comes down to: “This is our list of demands, you will meet each and every one of them, no negotiation”… Even though clearly linux/GPL are not in a position to negotiate).
      Secondly, you mistakenly assume that I care whether or not FreeBSD will survive the secure boot thing. I don’t, I’ve seen too many platforms come and go in my time to get attached to them. If FreeBSD ceases to exist, something else will come along. I will adapt, as I always have.
      Perhaps one day you will understand (same as with the hardware lock-in, which you chose to ignore, very telling).

      • flatlinr says:

        [I wrote]: “First off, secure boot (and specifically UEFI secure boot) does not, emphatically NOT, “by definition” strip the hardware owner of any authority.”
        [Your reply: ]Again: Arguments, do you have any?
        Or are you somehow mistaking the fact that secure boot can be disabled on some devices with secure boot itself?
        Secure boot is obviously the feature itself, when it is enabled. A system that supports secure boot, but doesn’t have it enabled, is not booting securely. I really hope that the argument you are basing it on is not THIS poor.

        No, I am not mistaking disabling secure boot with anything. I meant exactly what I said: UEFI secure boot is perfectly capable of preserving the hardware owner’s authority of her own goods while allowing a secure boot to take place. How? By simply letting the hardware owner manage the keys. Didn’t I write just this before? Is the concept difficult to grasp? It simply means that instead of using (say) only the Microsoft certificate, the device let’s the owner say “I want to use this (say) Linux certificate”. Get it? The owner of the hardware, not someone else, decides what software is allowed on their machine.

        In fact, as the situation currently stands (at least on x86) this is exactly what even Microsoft’s requirements specify (apparently). Hence why there is also no conflict with the GPLv3 (right now). But there are still problems remaining! Some of which you would have learned of if you had read the the link I posted.

        But, ok, so you don’t care about FreeBSD. Is your point that you don’t care about any OS, as long as (presumably) you get to compile and run your own user-land applications?

        Again, why not raise your gaze and realize that other people care about different things? I mean, you can’t really be thinking that everyone ought to be interested only in the things you care about, right?

        Don’t you think, for example, that some people might be interested in building their own hardware gizmos and write their own hardware drivers for them? Something they cannot do if they can’t produce the necessary signatures for their drivers (presuming a secure environment). Pick your choice of OS: all would be facing the same issue here, which is exactly what those you criticize for political and religious zealotry are trying to come up with solutions for. Your “solution” (getting a signed bootloader) is simply not sufficient.

      • Scali says:

        “By simply letting the hardware owner manage the keys. Didn’t I write just this before? Is the concept difficult to grasp? It simply means that instead of using (say) only the Microsoft certificate, the device let’s the owner say “I want to use this (say) Linux certificate”. Get it? The owner of the hardware, not someone else, decides what software is allowed on their machine.”

        I think you are overlooking the obvious here: You still need something that is signed with a valid certificate in the first place. So you no longer have the authority to run unsigned code, which by extension also means you no longer get to compile your own bootloaders/kernels (depending on how they are interwoven/interacting).
        Which was my point: you will give up SOME authority by default.

        “Is your point that you don’t care about any OS, as long as (presumably) you get to compile and run your own user-land applications?”

        I’ve mentioned it a few times already, but I guess it just doesn’t register with you.

        “Again, why not raise your gaze and realize that other people care about different things? I mean, you can’t really be thinking that everyone ought to be interested only in the things you care about, right?”

        I think you should practice what you preach first (see also above).

      • eunderhill says:

        Here are my concerns on UEFI Secure Boot. Anything that involves Microsoft is were the problem lies. Microsoft is infamous on not following standards and even go as far as to intentionally break the standards in order to gain the advantage. They did it with BIOS code by encouraging the various PC makers to see to it that Windows had the advantage with ACPI in the BIOS and no other OS. The end result was that ACPI stuff such as processor scaling didn’t work in non Windows OS’es but did work in Windows. Sure not all PC’s were affected by this, but there were enough that were. Sadly I have one of those such machines. I used Intel BIOS tools to decompile the BIOS code and have a look at it. I also got a hold of the Intel BIOS docs. It became quite clear to me that the BIOS was written intentionally to break Intel’s specifications and ensure that ACPI would only work flawlessly with certain Windows versions and nothing else. Since standards were broken with BIOS’s, what to stop Microsoft from doing it with UEFI standards and ensure that only Microsoft keys will only be recognized. In fact, there are some PC’s that are being made right now that are implementing just that. Having a key will do you no good if you can’t add in a new key.

      • Scali says:

        The story about ACPI and “processor scaling” sounds weird. What is that even supposed to mean?
        Also, ACPI is a low-level interface, and there is no way you can make such stuff OS-specific. What *does* happen however, is that vendors only develop Windows-drivers for certain features. But that is nothing to do with Microsoft. The linux-world has the problem that their market-share is not large enough for most IHVs to develop drivers for it. This means that the linux community has to build in support by themselves. Which can be difficult if the IHVs do not publish specs.

      • eunderhill says:

        “The story about ACPI and “processor scaling” sounds weird. What is that even supposed to mean? Also, ACPI is a low-level interface, and there is no way you can make such stuff OS-specific. What *does* happen however, is that vendors only develop Windows-drivers for certain features. But that is nothing to do with Microsoft. The linux-world has the problem that their market-share is not large enough for most IHVs to develop drivers for it. This means that the linux community has to build in support by themselves. Which can be difficult if the IHVs do not publish specs.”

        First of all what I am referring to is the older Intel ACPI 6.0 specification as that is what my machine was designed to use. It’s a single core Dell laptop hailing from around 2002. The specification was published and was easily accessable through Intel’s website. Not sure if it is still available anymore though. Intel does remove items from their website after a certain period of time passes. Processor scaling is a general term for what Intel refers to under their brand name of SpeedStep. AMD Has their own name for it. Processor scaling is the correct term for it however. I’ve never had an ADM machine so I can’t comment on it. I’ve only had Intel machines so I’ll be restricting my comments to Intel. The Intel ACPI 6.0 specification required the BIOS to store what was called a DSDT (Differentiated System Description Table) in the BIOS. Here’s an Arch linux Wiki on it and should help with what i am discussing here https://wiki.archlinux.org/index.php/DSDT When an ACPI compliant OS boots up, it reads the BIOS’s DSDT table to determine the machines’s ACPI capabilities. For this to work properly, the BIOS must relay the information to the OS in a standard way. This is were Microsoft and it’s various vendors stepped in and broke it. They didn’t follow Intel’s specification 100 percent and did some things their own way. The result is that an OS that follows the specification 100 percent will have some problems with ACPI and some things just will not work. In my machine’s case it was the processor scaling that they broke. Windows (Windows XP in my case) was given a driver that was supplied by Dell to read the DSDT and get the correct information for processor scaling. When you boot Linux or any of the BSD’s processor scaling won’t work as the information the DSDT has is either not correct or is not being given to the OS at all. For all I know they may have been doing both. I do know that the section of the DSDT where the processor scaling information was stored was not written to Intels specs. I also know that the DSDT was looking for four Windows OS’s which were Windows 98, Windows ME, Windows 2000, and Windows XP. Some people had discovered that Linux was being blocked intentionally in there machine’s DSDT. That wasn’t the case with my machine’s DSDT though. In order to get processor scaling to work, I ended up getting the Intel Specs to my processor and added in my processor to the deprecated speedstep-centrino processor scaling driver. That driver works by providing the processor frequency and voltages to linux’s ACPI process and by passing the BIOS’s DSDT. I did try the DSDT linux kernel override method, but since I am not up on AML code that the DSDT is written in, I was not successful with this method.

      • Scali says:

        SpeedStep is not “processor scaling” but “dynamic frequency scaling”.
        And indeed, the capabilities of CPUs and chipsets often go above and beyond standardized interfaces such as ACPI, and require specific drivers, as I already said.
        The DSDT is just a table, so I’m not sure how a table would be able to check for an OS. The OS checks for the table, not the other way around.

        At any rate, whatever happens here, is related to the ACPI implementation in the firmware and the drivers provided by the IHV, and is not Microsoft’s doing.

      • eunderhill says:

        “SpeedStep is not “processor scaling” but “dynamic frequency scaling”.
        And indeed, the capabilities of CPUs and chipsets often go above and beyond standardized interfaces such as ACPI, and require specific drivers, as I already said.
        The DSDT is just a table, so I’m not sure how a table would be able to check for an OS. The OS checks for the table, not the other way around.

        At any rate, whatever happens here, is related to the ACPI implementation in the firmware and the drivers provided by the IHV, and is not Microsoft’s doing.”

        Dynamic frequency scaling is just yet another name for the same thing. Processor scaling is yet another one. I’ve seen them both. The only thing that generally requires a specific driver is SMBIOS which Linux does have. Otherwise the chipsets and processor are handled by ACPI which shouldn’t require a specific driver if the specs are followed. Some other stuff may be handled by ACPI or SMBIOS such as fan control, laptop lid switch, laptop function keys etc. The DSDT is more than just a table. It is an interactive table. Code is loaded by the OS ACPI handler and run. The OS then sends queries to the DSDT code and gets a response back. There is a whole language called AML that the DSDT is written in. It is similar to other programming languages. The only difference is it is a bit on the cryptic side and not very easy to understand unless you know AML. Even if you don’t know AML, with the aid of the ACPI spec docs, you can gleem some information from the DSDT AML code. The docs also show how the code should be written. As for OS checks, it is built into the ACPI specs. The rationale is that certain OS’es require a different response from another OS. An example is that Windows 98 ACPI support does not have some things that Windows XP has. So windows 98 will get one type of a reply on the system capabilities and XP will get another. The problem is that this OS check can be abused as well. AML code can be written to ensure that either no response or a bogus response is given. It can also be written to where if an OS is not being looked for then no response or a bogus response is given.

        Quite to the contrary, Microsoft is involved with this. They have the majority of the PC market and that gives them an incentive to discourage people from running other OS’es on these systems or as it appears today to exclude them. They tell the various companies what they expect from them in return for the privilege of including Microsoft products on their systems. Since Microsoft has the controlling interest in the PC market these companies for the most part have to do at least the bare minimum of what Microsoft says if they want to be in the PC industry. As a result the BIOS’s of various machines include varying degrees of problems for OS’es that are not Microsoft’s depending on how much that company gave in to Microsoft’s demands. From what I gather from the various news articles, UEFI Secure Boot appears to be going down the same road in the recent past as ACPI. However with the release of Windows 10 and Microsoft’s intentions of forcing everyone to use Windows 10, I feel that Microsoft will try and lock out non Microsoft OS’es as well. I’ve seen news online that indicates that future PC’s will not be able to run past Microsoft OS’es at all. Only Windows 10 will be allowed to run. That makes me think that Microsoft will use this to lock out all of the non Microsoft OS’es as well. As it is,Microsoft has already succeeded in doing this on their non Intel ARM processor based tablets.

      • Scali says:

        Dynamic frequency scaling is just yet another name for the same thing. Processor scaling is yet another one.

        No, it isn’t. Dynamic frequency scaling is a very clear description: The frequency of the CPU is scaled (up/down) dynamically.
        Processor scaling is a very vague term, and can mean any number of things. I have mainly seen that phrase used in multi-core/multi-CPU contexts, where it was clear that it meant scaling up the workload with parallelism.

        Quite to the contrary, Microsoft is involved with this. They have the majority of the PC market and that gives them an incentive to discourage people from running other OS’es on these systems or as it appears today to exclude them.

        This is a completely baseless accusation. Something the linux-community is very good at. It’s always Microsoft’s fault. I don’t waste my time on useless crackpot theories like these.

  5. flatlinr says:

    Seriously, this is getting ridiculous. Obviously we are having a communications breakdown here. Perhaps I’m not understanding you; perhaps you are not understanding me, but something’s got to be done if we are going to have progress rather regress. So, without further a do, here is my patronizing explanation:

    Technically you are correct that with secure boot, a computer owner indeed cannot boot unsigned (=unauthorized) code. This by definition, the raison d’être of secure boot (ie to prevent unauthorized code), so it ought to be neither controversial nor surprising.

    And in itself it is not a loss of authority; loss of authority only comes if the computer owner is subsequently denied the ability to authorize software!

    And here’s the key point: there is absolutely no (technical) reason for why the computer owner must lack that ability! I really don’t understand why this last part seems to be so elusive?

    All that is required for this is that the computer owner has the ability to manage (add/remove) certificates that the secure boot uses to differentiate between authorized and un-authorized software.

    But since I already explained the above before, in vain as far as I can tell, here comes a really ridiculous, plentifully patronising, but hopefully illustrative story:

    We have a “normal” user (such as yourself perhaps) who is not interested in any of this alternative-OS stuff, nothing special is required of them. They simply boot and let eg Windows be authenticated by the pre-installed Microsoft certificate and they can enjoy the benefits of secure boot (ie malware prevented from overtaking the system.)

    Then let’s say that we have a more “adventerous” user who wants to try one of them Linux distros. If it is one of the big ones, perhaps they have convinced the motherboard manufacturer to embed their certificate already, in which case there is no difference to our user, so instead let’s say that she wants to try FreeBSD for which there happens to be no certificate available in her motherboard. No worries though, because she just adds the FreeBSD-team’s certificate herself, by virtue of being the computer owner. Thus she is able to enjoy FreeBSD as well as Windows, all in their full “secure boot” glory.

    And if she is really adventurous, perhaps she wants to modify the bootloader (just for the sake of the argument). When she modifies the loader, she breaks the signature so it will not be authorized by the FreeBSD certificate she installed. Again, not to fear, she just generates her own personal certificate, signs her modified bootloader with it, adds hers to the list of certificates used by the secure boot, and once again enjoys both secure booting as well as whatever it is her modified bootloader does.

    Finally, she might even decide to remove the Microsoft certificate because she doesn’t trust Windows on her computer.

    Everyone[*] is happy, presumably even you, no?

    [*]Malware authors, sadists, and other malevolent souls naturally excluded.

    There, now feel free to treat me to your own heaps of patronisation, because I suspect you to be as frustrated as I…

    • Scali says:

      “And in itself it is not a loss of authority; loss of authority only comes if the computer owner is subsequently denied the ability to authorize software!”

      Which is something you don’t seem to understand:
      Software that is not signed can not be authorized. No kind of certificate management ability can possibly allow for an unsigned OS loader to boot securely. And if secure boot is the only way a system can boot, it follows that unsigned OSes can not be authorized in any way. Which leads us to the problem of regular users having to sign their own OS loaders etc etc.
      So, as usual, the patronizing linux advocate uses flawed logic to argue his case.

      “Again, not to fear, she just generates her own personal certificate, signs her modified bootloader with it, adds hers to the list of certificates used by the secure boot, and once again enjoys both secure booting as well as whatever it is her modified bootloader does.”

      Not sure what point you are getting at here, I am not the one who claimed it is impossible for users to sign software in general, or to manage their certificates in some way.
      My point has always been that GPL-licensed bootloaders such as GRUB, cannot be distributed pre-signed because of Tivoization issues with GPL. Consequence: linux live-CDs, pre-compiled installers etc will not be signed, and will not boot on a PC with secure boot enabled. The only way would be to manually compile/self-sign your OS, import the key into UEFI and then install it… which I don’t think the majority of linux users would be capable of, or at least bother to take the trouble… especially if they could just install a BSD as-is.

      • flatlinr says:

        Speaking of flawed logic:

        First part written by you:
        “Which is something you don’t seem to understand:
        Software that is not signed can not be authorized”

        Second part written by you:
        “The only way [to authorize] would be to manually compile/self-sign your OS, import the key into UEFI and then install it”
        Spot the contradiction? No?

        Your second part is not even correct at that; it’s not the only way, but I give up trying to discuss these things! We obviously can’t communicate and I feel I’m being forced into talking down to you like you are some technological dimwit, which I know you are not, so this is just too frustrating.

        Oh, just FYI: I am not a Linux advocate. I’m not a Linux fan. Hell, I’m not even a Linux user. And I’m most certainly NOT a GPL advocate/fan/user either, especially not GPLv3. Believe it or not, I came here by way of your Amiga polygon rendering post. (But I’m not an Amiga advocate/fan/user either).

        Adieu!

      • Scali says:

        “Spot the contradiction? No?”

        Well no. You are confusing signing with authorizing. The [to authorize] was added by you, not me. I was talking about obtaining a signed version of linux.
        Fact: Software that is not signed can not be authorized.
        Fact: After you sign software, it is no longer unsigned.
        So yes, AFTER you sign it, you can authorize it. But not BEFORE.
        Which begs the question: is it even possible to sign certain OSes? I mean, take DOS for example, it was never made to support UEFI at all, let alone to boot securely. I am not so sure if you can just stick a signature on it and make it boot securely. The boot-sequence would probably need to be rewritten to be UEFI-compatible.
        So no, self-signing is not a guarantee that everyone can run any OS. Firstly because not everyone may have the skills required to sign their OS of choice and make their system accept the signature, and secondly, because it may even be technically impossible to sign OSes that are not aware of secure boot in any way.

        “We obviously can’t communicate and I feel I’m being forced into talking down to you like you are some technological dimwit, which I know you are not, so this is just too frustrating.”

        I guess it’s your Dunning-Kruger showing. You’ve taken a knife to a gun fight. Your logical reasoning is clearly lacking, as demonstrated above and in previous posts. You equate things with eachother that aren’t equivalent, and jump to conclusions repeatedly, overlooking various details. Cognitive dissonance ensues. Whatever you do, there’s no way you will agree with me, because that would imply admitting your mistakes. Since in your mind, you are smarter than everyone else, making mistakes is inconceivable.

        “Believe it or not, I came here by way of your Amiga polygon rendering post. (But I’m not an Amiga advocate/fan/user either).”

        Why would you even read that if you have no ties with Amiga whatsoever? An unlikely story. Even more unlikely since you clearly demonstrated to have no concept of different hardware platforms, and how Windows/MacOS/linux/etc still mostly rely on x86/PC lock-in… a far more serious issue than whatever FSF/GPL are trying to push.

      • nickysn says:

        “My point has always been that GPL-licensed bootloaders such as GRUB, cannot be distributed pre-signed because of Tivoization issues with GPL. Consequence: linux live-CDs, pre-compiled installers etc will not be signed, and will not boot on a PC with secure boot enabled. The only way would be to manually compile/self-sign your OS, import the key into UEFI and then install it… which I don’t think the majority of linux users would be capable of, or at least bother to take the trouble… especially if they could just install a BSD as-is.”

        I think you are wrong. I believe GPL has nothing to do with this issue. The GPLv3 anti-tivoization clause only affects you if:
        1) you are selling a “User Product” (i.e. some sort of hardware), which comes with GPLv3 software/firmware preinstalled
        and
        2) that software/firmware can be updated, i.e. it’s not burnt in a ROM chip or something like that

        If you’re distributing live CDs and not selling any hardware, you are not affected if you distribute them as pre-signed binaries, as long as you also give the users the source (but not necessarily the private keys, used for signing). Here, for example, Fedora is shipping a signed binary rpm, which contain grub 2, a GPLv3 software:
        http://koji.fedoraproject.org/koji/buildinfo?buildID=278860
        They are also giving the sources, but no, they are not giving away their private key and nobody is screaming about that.

        Even if you’re a selling a user product, that comes with grub 2 and linux preinstalled, you can still distribute it with secure boot, and pre-signed binaries as long as your hardware allows the option of disabling the secure boot if the user wants that (or install her own custom keys, so she can sign and run her own modified software). And in this case you’re not even required to continue providing warranty support or network service to the product:

        “The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.”

      • Scali says:

        “Here, for example, Fedora is shipping a signed binary rpm, which contain grub 2, a GPLv3 software:”

        I see no indication whatsoever that this is a signed binary. How can I tell?

        “They are also giving the sources, but no, they are not giving away their private key and nobody is screaming about that.”

        As demonstrated below, the key would be part of the ‘source’, according to GPLv3.
        Even if Fedora would be distributing signed binaries without keys (which, as I said, I see no indication of), that doesn’t prove they have interpreted GPLv3 correctly.

        “Even if you’re a selling a user product, that comes with grub 2 and linux preinstalled, you can still distribute it with secure boot, and pre-signed binaries as long as your hardware allows the option of disabling the secure boot if the user wants that”

        In case you missed it, the whole panic was about the fact that disabling secure boot may no longer be possible on future devices.

  6. flatlinr says:

    You might want to consider how the Dunning-Kruger effect applies to yourself.

    Just saying…

    • Scali says:

      Prove me wrong, and I might consider it.
      As long as I can prove everything I say with facts and logical argumentation, there is nothing that would indicate any kind of overestimation of my own knowledge and skills, nor underestimation of any antagonists.
      Don’t mistake me being right and being able to argue my points successfully with me thinking that I am infallible and smarter than everyone else. I just try not to get into debates that I don’t know enough about (which is pretty much the opposite of what happens with Dunning-Kruger).

      You on the other hand have consistently been caught on lack of argumentation and logical flaws (not to mention personal jabs). Yet you continue to post in a pedantic manner. That spells Dunning-Kruger.

      • flatlinr says:

        SIgh, let me ask you this, do you think you understand exactly what I’m trying to communicate to you? And do you feel that I understand what you are trying to say?

      • Scali says:

        I don’t see how that relates to Dunning-Kruger directly. Seems you’re just jumping from one angle to the next.
        What I *do* know is that you are trying to point out contradictions that are in fact not contradictions.
        So at the very least it is obvious that you don’t understand exactly what I’m saying (which is probably because you are more hell-bent to find fault in anything I say at this point, than in actually trying to have a mature discussion).
        Given your conduct, I am now past the point where I even care about what you are trying to communicate.

  7. flatlinr says:

    It does not have anything to do with Dunning-Kruger. It doesn’t have anything to do with being “right” or “wrong” either. You can let your guard down.

    You are correct that I don’t understand what you were trying to say. I note that you do not answer whether you feel that you understood me either. It should be patently obvious that I felt that you didn’t.

    Which is what that whole “patronization” thing was about. Reading back now, I see that I should have been clearer: the invitation to patronize me was not meant as an insult; I meant that I wanted you to explain your argument to me, in as simple a way as possible, as I tried to do with my, admittedly patronizing, example, so that I might finally understand just exactly what you mean.

    We might as well be talking different languages. There’s no winning or losing a discussion then because there is no discussion taking place.

    Which is why I became so frustrated. Sorry if I let slip out some insults in the heat of the moment.

    Finally, and honestly, I’m not trying to start something here, but please note that I never wrote that I didn’t have any interest in Amiga. I’m not an advocate (although I probably would have been considered that twenty years ago), I’m not a fan (again not since twenty years at least), and I’m not a user (anymore). It was a small bit of nostalgia and coincidence that brought me here. That’s all.

    • Scali says:

      I’ll just have a few things to say…
      Firstly, your very first sentence was this:
      “Some misunderstandings here. All the talk about source code is completely irrelevant, such as this muddle of confusion:”
      Now, do you really think that’s a good way to start a constructive debate? That’s the problem with you, and many others who have commented on my blog over time (with Jed Smith being one of the finest examples).

      That’s Dunning-Kruger right there. You come here with a lot of attitude, thinking you can pull my entire article apart in just 1 or 2 sentences. It doesn’t always work that way.

      Secondly, you assume that I have more than a passing interest in linux/GPL/whatnot. Which I don’t. As I said already: GPL is a political manifesto. I don’t care about politics.
      The linux community is nothing less than retarded. UEFI has been around for years, as has secure boot. UEFI is not Microsoft’s invention, even though they (the linux community) obviously pass it off as such. No, EFI was originally developed by Intel and HP, and now there is the UEFI forum, including tons of companies, such as AMD, Dell, IBM and Lenovo. Many of the members actively support linux.

      So this whole UEFI thing, and even the secure boot feature aren’t exactly new, they didn’t just drop from the sky. Where were the larger linux distros when the secure boot standard was being developed by the UEFI forum? That’s right, they weren’t interested, perhaps even oblivious (it’s a very self-centered community). And now Microsoft wants to have secure boot enabled by default… which even the most extreme linux advocate would have to admit, is a good security measure against rootkits. But suddenly the linux guys wake up now.. “Oh shit, our OS won’t work anymore. We have to spread a lot of FUD and try to change the UEFI standard!” Well, as they say: you snooze, you lose. You should have thought about it earlier. The world doesn’t revolve around linux and its GPL. And it’s also funny how linux is normally all about security… but when push comes to shove the license is holier than security.
      Too bad guys: UEFI is a widely supported industry standard. The OEMs in the UEFI forum will probably just write their own secure boot loader for their own linux distributions. Which would be ironic, as it would turn linux into something like MacOS: you can only get the OS if you also buy the hardware from the same vendor.

      We’ll just see how it pans out… But as I say, I’m not worried. OS discussions are just sad. Does your hardware suddenly run much faster and have a lot more capabilities if you run OS A instead of OS B? Nope.
      The Amiga is a fine example of a system where the hardware was unique. There was no OS to choose, only the one that came with the system (or well, Commodore later developed special UNIX workstations based on the Amiga 2000 and 3000). But was that ever a problem to anyone? Nope. It’s the hardware that makes the machine, not the software.
      Well, in theory anyway. In practice, there’s a lot of hardware available today that is only supported by Windows, or where at least the support under Windows is a lot better. As long as you pick the right hardware, the differences between Windows, MacOS X, linux and FreeBSD are marginal. It’s more about all the hardware that you CAN’T pick. As a result, barely any special hardware is being developed anymore. Macs are basically standard x86 PCs these days. Even consoles are becoming more and more just a collection of off-the-shelf PC parts.
      And hardware really CAN make a big difference in performance and user-experience.

      Let me just say that Windows was not exactly my first OS. PC wasn’t my first platform. It was not even my platform of choice. But at some point you just have to switch, if your old platform no longer is supported. Linux people seem to be newbies, and to them this apparently comes as a shock. The possibility of not being able to use linux anymore scares them.
      Well, I’ve been there, done that a number of times… And not just the OS, but my beloved hardware as well. Had to learn how to program against new APIs, new hardware, new instructionsets and everything, more often than I care to remember.
      It’s just a fact of life.
      I survived, and so will the linux people should linux fade away at some point.
      Windows is probably not my last OS, and with a bit of luck, the PC is not my last platform. You have to be prepared for this sort of thing.
      Heck, I had a similar discussion not too long ago, with some guy who had only programmed DirectX9 for a few years, and was devastated by the fact that DirectX10 required him to start over completely. I guess that is the danger when a single technology lingers on longer than usual. I have used DirectX since the early days, and I was used to having an API update every few years. And I had been forced to upgrade my OS for a newer DirectX version as well, a few times. But so many newbies totally freaked out when DirectX10 was only available on Vista. Nothing special, they just apparently hadn’t used Windows/DirectX before XP. XP and DX9’s longevity just lured them into a false sense of security.

  8. lzap says:

    “””The short version is that the GPL (specifically version 3) doesn’t allow any kind of binary code to be distributed without source code.”””

    It’s not about source code, it’s about it’s license.

    And comparing to UEFI? Come on, GPL does not PREVENT you doing this. You can still do whatever you want with GPL-based software. You must not distribute it against it. This is different.

    • Scali says:

      It is about ‘source code’, since the GPLv3 terms require you to be able to build and deploy with the source package that is distributed.
      This means that you cannot distribute a binary that is pre-signed with a private key, because you cannot distribute the key along with the source code.

      Not sure what your point is with ‘you can do whatever you want’, because distribution is a fundamental part of the GPL license.

      See: http://www.gnu.org/copyleft/gpl.html
      “The “source code” for a work means the preferred form of the work for making modifications to it.”

      “The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities.”

      You’d think that someone with a red hat in their avatar would know these things by heart.

  9. Steve says:

    I love articles telling people what OS they should and should not use. Reminds me of my Apple days.

    Maybe it’s not so bad if people just use whatever they enjoy.

    • Scali says:

      Did you even read the article? I’m not telling anyone what OS to use.
      Just pointing out some issues that may help you in selecting the OS you want to use.

      • Bouncing says:

        Title of article: Why I don’t use linux (and why you shouldn’t either)

      • Scali says:

        Yes, which is obvious. Since I believe in the reasons why I don’t want to use linux and other GPL-licensed software, I think you should do the same. It is just advice I’m giving (a recommendation is not quite ‘telling people what to use’). Do with it as you wish.
        But other than that small, obvious, mention in the title, I don’t tell anyone what software to use.
        So, you fail again!

  10. malih says:

    Not that I’m agreeing on your whole point, nor do I disagree, I simply lack the knowledge to argue at this point. I’ve been using Windows and OS X for a while now, and Linux on occasions.
    Reading this makes me curious about FreeBSD, I’ll see how that works.

  11. nickysn says:

    “I see no indication whatsoever that this is a signed binary. How can I tell?”

    Please note that I’m talking about signed rpms and not UEFI signed binaries. But rpm is still a binary format, that can include digital signatures. Here’s more info about that: https://fedoraproject.org/keys

    (Yes, they do allow you to install unsigned packages on your system or to add your own public keys that you trust, but they won’t let you have their private keys, which are secret)

    Anyway, my point was that this whole issue has nothing to do with the GPLv3 anti-tivoization clause. Consider the following scenario:

    1) Company A (let’s say Dell, HP or Lenovo) sells a computer that completely disallows booting unsigned UEFI binaries. Their computers ship with Windows 8 preinstalled, which is signed, etc. Company A doesn’t violate GPLv3, because it simply isn’t shipping any GPL code at all. Is it a big deal? You think it isn’t, some people in the Linux community think it is. (Linus Torvalds also thinks it isn’t: http://mashable.com/2011/11/18/linus-torvalds-apple-lockdown/ )

    2) Let’s say that company B (e.g. Red Hat, Canonical, etc.) obtains a UEFI key and starts shipping a signed version of Linux and Grub 2, which boots on company A’s hardware. Is company B violating the GPL? Here’s where I think you’re wrong. The GPLv3 says:

    “If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).”

    Company B doesn’t violate the GPLv3, because they’re simply not the ones selling the computer with the locked down BIOS. Here’s more proof:

    http://www.gnu.org/licenses/gpl-faq.html#GiveUpKeys

    “I use public key cryptography to sign my code to assure its authenticity. Is it true that GPLv3 forces me to release my private signing keys?

    No. The only time you would be required to release signing keys is if you conveyed GPLed software inside a User Product, and its hardware checked the software for a valid cryptographic signature before it would function. In that specific case, you would be required to provide anyone who owned the device, on demand, with the key to sign and install modified software on his device so that it will run. If each instance of the device uses a different key, then you need only give each purchaser the key for his instance.”

    So it only applies to companies selling both hardware _and_ GPLv3 software together in a single product.

    • Scali says:

      I’m not convinced.

      “No. The only time you would be required to release signing keys is if you conveyed GPLed software inside a User Product, and its hardware checked the software for a valid cryptographic signature before it would function. In that specific case, you would be required to provide anyone who owned the device, on demand, with the key to sign and install modified software on his device so that it will run.”

      I say a linux distro, especially a live CD will qualify as a “User Product”, in which case the following holds:
      “…its hardware checked the software for a valid cryptographic signature before it would function.”

      It is not relevant that the hardware and software are not built by the same company. They clearly cannot function without eachother, so there is a direct link, some kind of ‘transaction’.

      • nickysn says:

        “I say a linux distro, especially a live CD will qualify as a “User Product”, in which case the following holds”

        Yes, but:
        1) if the CD is *the* “User Product”, it cannot be said that *its* hardware checks for any kind of digital signature. A CD is just a storage media, it doesn’t check anything and it doesn’t run any software by itself.
        2) A CD is read-only memory, so once written, it cannot be updated. Not even the company that manufactured it can write a different version on the same disc. The GPLv3 specifically says:
        “But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).”

        I think that “User Product” means a computer or some sort of embedded device, in other words something that executes software or firmware in order to work normally.

        “It is not relevant that the hardware and software are not built by the same company. They clearly cannot function without eachother, so there is a direct link, some kind of ‘transaction’.”

        Not necessarily. E.g. the computer sold with a signed windows 8 can function without Linux and a signed Linux can function on any computer, including those that don’t require a signed bootloader.

        Disclaimer: I am not a lawyer and I don’t speak legalese. 🙂

      • Scali says:

        “1) if the CD is *the* “User Product”, it cannot be said that *its* hardware checks for any kind of digital signature. A CD is just a storage media, it doesn’t check anything and it doesn’t run any software by itself.”

        The GPLv3 specifically speaks of *running* the object code. Obviously the CD alone is not enough, you need hardware.

        “2) A CD is read-only memory, so once written, it cannot be updated. Not even the company that manufactured it can write a different version on the same disc. The GPLv3 specifically says:
        “But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).””

        That is not the part that is in question.
        GPL software has been distributed via CDROM for years. The fact that the CDROM itself cannot be modified is not a problem, as long as you can make copies of the CDROM contents and modify those.
        I think what this clause of the GPL means is that some types of ROMs can be written only once. So instead of overwriting this ROM, which would be physically impossible, the GPL says that it is good enough if you can just write another ROM and replace it.
        But that doesn’t apply here, since the UEFI part is what’s in ROM (or flash or whatnot), and it is not under GPL. The bootloader, kernel and whatever else might be required for a secure boot is generally installed on a regular rewritable medium, such as a harddisk. But those are the ones under GPL, in the case of linux.

        “Not necessarily. E.g. the computer sold with a signed windows 8 can function without Linux and a signed Linux can function on any computer, including those that don’t require a signed bootloader.”

        The point is, obviously (I bet you tried really hard to miss it): linux (or any other piece of software for that matter) cannot function without a computer. Just as the types of computers that linux is aimed at, cannot function without an operating system (be that linux or any other OS).

        “Disclaimer: I am not a lawyer and I don’t speak legalese.”

        Then why are you bothering me?

  12. nickysn says:

    “The point is, obviously (I bet you tried really hard to miss it): linux (or any other piece of software for that matter) cannot function without a computer. Just as the types of computers that linux is aimed at, cannot function without an operating system (be that linux or any other OS).”

    Yes, the operating system is designed to run on a computer, which *is* the actual “User Product” we’re talking about and NOT the CD media itself. The question then is whether conveying of the OS object code (specifically designed for use on a “User Product” – a computer, NOT a CD) “occurs as part of a transaction in which the right of possession and use of *the* User Product is transferred to the recipient in perpetuity or for a fixed term”. You already obtained the right of possession of the computer when you bought it from company A, which sold it to you with windows 8. The right of possession and use of this computer didn’t change when you later received linux on a CD from company B – you already had the right of possession and use of your computer.

    To make this more clear, try replacing all occurrences of “User Product” with “CD” and then with “Computer” in this paragraph:
    “If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).”

    Note that all mentions of “User Product” refer to the same thing (only the first occurrence uses an indefinite article, all the rest use a definite article), so it’s either all “CD” or all “Computer” (or “embedded device”), but you can’t mix them.

    • Scali says:

      “Yes, the operating system is designed to run on a computer, which *is* the actual “User Product” we’re talking about and NOT the CD media itself.”

      Firstly, *I* was never the one who claimed the CD media is the “user product”, that was you.
      Secondly, you again missed my point: Both the software and the hardware are part of the “product”, as I already pointed out: GPL specifically mentions deploying and running the object code. So the ‘product’ is not ‘software’, but ‘deployed and running software’. A significant difference. GPL strives to defend the freedom of distributing, using and modifying the code.

      “You already obtained the right of possession of the computer when you bought it from company A, which sold it to you with windows 8. The right of possession and use of this computer didn’t change when you later received linux on a CD from company B – you already had the right of possession and use of your computer.”

      Which is irrelevant in this debate, since neither Windows nor the computer are under GPL.
      The point is whether or not GPLv3-licensed code can be distributed in a binary form which runs on such computers.

  13. Bouncing says:

    First of all, FreeBSD is every bit as impacted by the “secure boot” issue as Linux. The license is one issue; another is that the actual bootloader must be signed. Any user who modifies a bootloader for any purpose would be locked out because the signature would no longer validate. That process is made famous by TiVo; TiVo runs Open Source software, but you can’t install your own OS on it without a hack.

    Also, Linux has been licensed under GPL2 since 1992. Unlike many GPL projects, it is under a specific version. There are tens of thousands of individuals and companies who all contribute to Linux, and because Linux is not a copyright-assignment project, the “simple solution” of releasing a new license would require the express consent of each of those contributors. Coincidentally, that’s one of the handful of reasons Linux is *not* released under GPL3.

    A truly simple solution would be to simply allow users to disable “secure boot” in the BIOS, much in the way Android phones from certain OEMs can be unlocked. Microsoft has said they won’t certify any ARM hardware where that option is even allowed, and they haven’t offered an explanation for that requirement.

    Besides, do you want to live in a world where only established operating systems, with connections to hardware vendors, can be booted by users? I would hope not. For someone whose complaint is that Linux users have some axe to grind, you sure seem upset by the idea that people are motivated to preserve choice.

    And by all means, let me know when FreeBSD can run on one of these looked ARM bootloaders. I’ll eat my hat.

    • Scali says:

      First of all, read the article and the comments.
      FreeBSD is NOT affected by the issues discussed here.
      Are you so arrogant that you think you know everything, or are you just stupid?
      Secondly, GRUB2 was mentioned specifically, and pointed out to have a GPLv3 license (if you had any clue, which you obviously don’t, you’d know that it’s the bootloader that interacts with the UEFI secure boot system, not the kernel itself).

      Thirdly, I already answered your question (no, linux users are not motivated to preserve choice. Way to miss a point)

      Thanks for proving once again that linux/GPL advocates are arrogant, ignorant, and need to push their broken logic onto everyone with force and rudeness.

      • kkinderKen says:

        “Are you so arrogant that you think you know everything, or are you just stupid? … Thanks for proving once again that linux/GPL advocates are arrogant, ignorant, and need to push their broken logic onto everyone with force and rudeness.”

        Kettle, pot.

        I’m done with you. Someone else can feed the trolls.

      • Scali says:

        “Kettle, pot.”

        Not quite. See, you are being ignorant and shouting off your big mouth. I am merely evaluating your behaviour, and holding you accountable for your actions.
        If you would not act this way, I would not be able to call you arrogant, ignorant, rude and whatnot.

        “I’m done with you.”

        Indeed you are. I don’t need people like you commenting on my blogs. As you can see, I have a zero-tolerance policy for people who are not being constructive in comments.

  14. bubonicblood says:

    For desktops, I don’t think there will be any UEFI implementation created that does not allow secure boot to be disabled. This will either in hardware via jumper or software via UEFI option. The reason is simple – economics. There is a basic need to run various server operating systems on desktop class hardware that drive sales of many major PC vendors. They will just make one giant batch of motherboards that give the user some control over secure boot.

    You are correct that the GPL will not allow distribution of GPL code which cannot be modified & executed on end user hardware. (But this ofcource has nothing to do with the source code as they key is not stored in the source, The binary is hashed and the hash encrypted with a private key and distributed along with binary. On boot then the hash is decrypted with a public key by the UEFI boot loader & hashed again and checked if the hash matches)

    Also, I don’t necessarily see why idiot users & cheerleaders of any piece of technology would make you not want to use that technology. Yes Linux zealots are annoying and mostly stupid with respect to OS knowledge, but the smarter person would understand how to deal with them to get the result that they want. No point in generating friction when you can do a simple easy things to manipulate and get the co-operating you want from them 😉

    • Scali says:

      “But this ofcource has nothing to do with the source code as they key is not stored in the source”

      It does, if you look at how GPLv3 defines ‘corresponding source’:
      “The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities.”

      “Also, I don’t necessarily see why idiot users & cheerleaders of any piece of technology would make you not want to use that technology.”

      I guess you misread my article then. The linux zealots are just an extra nuisance. I don’t like the GPL. I don’t get why people want to paint themselves in a corner like that, then complain to the rest of the world how they are painted into a corner.
      Painting yourself into a corner is not my idea of freedom.

      • bubonicblood says:

        Well it depends on who the code/binary distributor is. A Linux distribution website can give an ISO download and end-user can either use secure boot PC or disable secure boot, or sign bootloader with key and white-list that key. That clause will cause problem only if secureboot is only option or if OEM is binary distributor. Is that not right?

        ” I don’t like the GPL. I don’t get why people want to paint themselves in a corner like that, then complain to the rest of the world how they are painted into a corner. Painting yourself into a corner is not my idea of freedom”

        My only point is you don’t have to like anything. Its a piece of technology, use it if it gives value or makes you some money, otherwise discard it. Why would you want to burn bridges? I have used Linux as part of my freelance projects to make money, so GPL in fact has helped me make money. But I don’t care about GPL at all, and I will never release my code under GPL. If I make a blog about hating GPL, who will help me when I am stuck? 😛

      • Scali says:

        “That clause will cause problem only if secureboot is only option or if OEM is binary distributor. Is that not right?”

        Not entirely. Bottom line is: GPL will prevent distros from spreading pre-signed binaries.
        So secure booting out-of-the-box is not an option. Which is a problem in itself. Even if you can still disable secure boot on your PC, or if you can still sign the bootloader yourself, it makes installing linux more complex.

        “Why would you want to burn bridges?”

        Who says I’m burning bridges?
        The point is this:
        The GPL license doesn’t work. The linux people should wake up and come up with a better license which will allow secure booting out-of-the-box. That’s what’s best for the users. Then they can use secure boot out-of-the-box, and even if secure boot is no longer optional in the future (which I think is going to be a realistic option), that will not be a problem.
        But if they insist on using their broken GPL licensing, well, I can’t recommend their OS to anyone. Then they just have their priorities mixed up, and I can recommend better alternatives to people, which are easier to use and more secure.

        You see what I’m doing here? So far the linux distro’s seem to want to stick with GPL, and opt-out of secure booting altogether. How is that helping their users?
        I am trying to get the linux people to reconsider their license, and amend it so it is more userfriendly. To make them see just how ridiculous this is (and also to stop them spreading FUD and blaming Microsoft… oh well, read the article).
        All it takes is just a special ‘GRUB-license’, which will have the proper exceptions to the regular GPL to allow for UEFI secure boot.

        “If I make a blog about hating GPL, who will help me when I am stuck?”

        In case you didn’t figure it out from the things I normally post on my blog… I am not the kind of person who gets stuck.

  15. k1net1cs says:

    Hey, Scali, just found an interesting piece from Garrett (of that Red Hat fame) : http://mjg59.dreamwidth.org/10971.html

    What do you think?
    Something feels wrong with parts of it but I just can’t seem to really pick which part…

    • Scali says:

      I think he’s contradicting himself somewhat. On the one hand he points out that Microsoft wants OEMs to have secure boot on at all times (which I think is selective quoting on his behalf, as this only goes for ARM-based devices, not for regular x86-based Windows systems. Most ARM-devices are locked to booting a specific OS anyway), while on the other hand he mentions various things to be ‘untrue’… unless secure boot cannot be disabled. So they’re not untrue then, given his earlier statement on Microsoft, right?

      Aside from that, there’s still the usual linux stupidity: They claim that it’s difficult/impossible for linux to support secure boot under the GPL. But they completely ignore the simple solution of just using a different license for linux. The GPL is not holy, it is not the One True License(tm).

  16. Pingback: Wannabe Exceptional » My Personal Note About Secure Boot and Why It Makes UEFI Looks Evil (While It Isn’t)

  17. MacOS9 says:

    For Scali —>

    Dear Sir,

    While I am no computer expert, I see from your posts that you have great experience in computers and might be able to offer some objective advice.

    I enjoyed reading your comments on Linux, by the way, since I am quite frustrated by the numbers of “distros” to choose from – especially because, aesthetically, they look rather similar once I load them into VirtualBox.

    Having said that, here are my questions:

    If one prefers not to upgrade to Lion or Mountain Lion on a Core2Duo Mac running Snow Leopard, which of the following options are best to follow? (Any advice would be greatly appreciated.)

    (A) Continue running Snow Leopard but switch to 3rd-party programs that connect to the internet (once security updates stop for Snow Leopard): for example, switch to Chromium from Safari, for the web; switch to Sylpheed from Apple Mail, for mail, and so on and so forth

    (B) Install Windows 7 via BootCamp and enjoy Windows 7 computing on your Mac (since Windows provides security updates for many years, and I applaud them for this)

    (C) Install PC-BSD via BootCamp and enjoy BSD computing in GUI-friendly form, which will be similar to your previous Mac experience and you will be running a newer system (in comparison to Snow Leopard)

    (D) Upgrade to Mountain Lion if at all possible on your computer (the Core2Duo will support Mountain Lion, by the way)

    (E) Install CrunchBang Linux or Linux Mint Debian Edition via BootCamp, and “enjoy” doing the sudo apt-get thing or whatever it’s called (for the record, I did test CrunchBang Linux in VirtualBox and everything works ok, but I do hate that dependency gibberish via Synaptic…blaah…and even though such distros are advertised as “rolling” ones, i.e. that I won’t have to install a new system, merely point the repositories in the right direction – I have a strange feeling that bad things may happen in the process of changing repos)

    I thank you kindly in advance for any info. you might provide, and I have come to you with my question since I prefer not to receive info. from zealots in this-or-that OS camp – you sir are, fortunately, thoroughly objective. 🙂

    Cheers,
    MacOS9

    • Scali says:

      At the end of the day, the computer is just a tool. The OS is a big part of that tool. And as they say: you should use the right tool for the job.
      So it all depends on what you want to do with it. Which is why I think most Mac owners bought it for a reason. Usually it’s because they want to use software like PhotoShop, Premiere, Maya, or such.
      In that case, the only alternative they have is Windows, because it’s the only other platform for which most commercial applications are available as well.

      I think in general, if you have to ask which linux or BSD or whatever you should use, you shouldn’t be using any of them. These OSes are all about tinkering… just trying them out and finding which one works best for your needs. At the end of the day they’re all very similar anyway.

  18. MacOS9 says:

    Thank you for the quick and clear response.

    I’ll stick with Snow Leopard (or Mountain Lion if specs. permit) on the Core2Duos then, and may eventually transition to Windows 7 (or 8) Home Premium on them if the upgrade/security cycles for the mentioned versions of the Mac OS are cut short – as is often the case unfortunately on the Apple side of the fence. At any rate, no BSD or Linux for me (beyond VirtualBox) since I like my OSes to remain as transparent as possible – and I assume that actual installation of the Nix-variants will lead to a world of tinkering with display drivers, sleep/hibernate problems, overheating of the CPUs, etc.

    My main use for the computer is writing, research, presentations, email and IM, and such: most of my time is spent in Apache OpenOffice, Skype, iPhoto, VLCplayer, Fetch (FTP and SFTP), WINE (for the occasional Windows game), and SheepShaver (a pre-OS-X Mac emulator, since I have tons of FrameMaker documents and OS X dropped support for FrameMaker).

    By the way, what are your thoughts on the classic Mac OS? I still have OS 9.0.4 churning away nicely on my 12-year-old laptop and it works well in the programs designed for it. I remember the classic Mac system being pooh-poohed a lot in the 90s when Windows 95 came about. It’s certainly an old system when compared to OS X variants, also XP, Windows 7, etc., but I didn’t see much difference between it and Windows 95, 98, and Me.

    • Scali says:

      Well, I guess you’d have to give up iPhoto if you use any other OS than OS X. The rest should work on linux and BSD as well, except for Skype. Skype is not supported on BSD, only on (some distributions of) linux.
      So both hardware and software support are a problem with linux/BSD (as you say, drivers etc). These OSes have too little marketshare for hardware and software vendors to support them properly.
      As long they support all the hardware and software you want to use, that doesn’t have to be a problem. But you have to look before you leap.

      Classic Mac OS is rather primitive. It is technically similar to the old 16-bit Windows versions. It has no memory protection and only co-operative multitasking.
      Which means that one application may accidentally overwrite the memory of others, causing them to crash. And each application has to periodically give up CPU time so other applications can run. Which means that if one application hangs, the entire system hangs.

      In that case it all comes down to the quality of the applications. If the applications are written well, and don’t get in eachother’s way, such a system can be used just fine.

      • MacOS9 says:

        Thanks again for all the comments. I’ll most likely stick with the Mac OSes then, and might test out PC-BSD in VirtualBox. I like the BSD approach since OS X is partly based on it too (via its NextStep foundation), and I assume that a stable PC-BSD system, if set up to work properly, will be in such a state even 5 yrs. from now on the same computer with the same hardware.

        Linux on the other hand is probably a roll of the dice, since a sudo apt-get in two yrs., on the same computer and same hardware – rather than giving a nice upgrade might break the OS entirely (if support by that time starts lacking in the distro of choice, for the computer one’s running it on – since repos frequently add and remove packages so that you have no idea how your system will behave in a couple of years if you update anything). I hope I’m somewhat correct with my reading of the Linux model, and my impression that things frequently may break after upgrades in a rolling distro?

        As far as non-rolling Linux distros are concerned, I might as well stick with Mac or Windows then – since there’s no real benefit to moving into the muddy waters of the Linux world.

        By the way, in the BSD world, if one wants to upgrade their system, do they have to do a traditional install of a newer version of the OS, such as with Mac or Windows – or are there “rolling” versions available where updates to the OS, the kernel, and security patches, are merely downloaded and might require nothing more than a restart of the computer?

        (This is not to say that I have any faith in the Linux promise of smooth rolling distros, I merely ask out of curiosity.)

      • Scali says:

        There’s always the problem of dependencies. If there is an upgrade for application A, it may depend on libraries B, C, and D, which also need to be upgraded, which in turn might mean that applications E, F and G also need upgrading.
        And that sometimes breaks.
        Both linux and BSD have that problem to a certain extent. The *nix world just never was all that neat about backward-compatibility and especially binary compatibility.
        With Windows, there really is no choice for MS but to make sure that everything remains backward-compatible. Most software is closed-source, and distributed in binary form. With *nix you can often get away by just recompiling an application or library, because the source code is available. Sadly the *nix world has come to rely on that too much, which means it is much harder to distribute applications in binary form. Most closed source software is available only for a few popular distro’s, and then only a few specific versions.

        There are various ways to upgrade a BSD system. You can get the latest source code and compile it yourself. You can also do a binary upgrade using the installer from the DVD. Or you could just do a complete reinstall.
        In some cases a reinstall is the best way… Eg when you want to use a new type of filesystem. They generally don’t support converting an existing partition to another fs, so the only way is to create a new partition and start fresh.
        Another issue is with major GCC updates. Newer versions of GCC are not always binary compatible with older versions. Which means that you cannot mix old and new libraries. This causes a sort of chicken-and-egg problem if you’d want to upgrade your system by recompiling it. You’d first compile the new GCC with your old GCC… which means that the new GCC is not compatible with itself.
        But the kernel itself can generally be upgraded via source code, and just a reboot.

  19. MacOS9 says:

    That settles it then for me: will stick with Mac or Windows OSes, and will continue to read up on developments in PC-BSD (since they’re experimenting with PBIs, push-button installers that wrap libraries with corresponding applications, sort of like apps on a Mac or executables in the Windows world).

    At any rate, no Linux and dependency nightmares for me, which I suppose connects back with the main point of your article in this posting: that Linux needs to re-evaluate its ideological (and developmental) position if it is to succeed and gain market share (I think the fork LibreOffice, spun off of OpenOffice, is a good example perhaps of the chaos typical of the Linux world: i.e., forks ad infinitum, and distros galore, that dissipate rather than harness the power of computer programming in some more unified way).

    Thanks once again for offering objective and quick info., and clarifying my many questions.

    • MrKarl says:

      I really don’t understand what’s wrong with Linux. I’ve used it for years as a family PC. If I want a GPL app, I click on it in my app store (or sudo apt-get install).

      If it’s non-GPL, like Flash, I pick a distro that does it all for me (like Mint).

      I also have Minecraft and Machinarium.

      Saying there’s too much choice is like saying there’s too many animals in the world, and I just want a cat, dammit!

      Nature is strong because of biodiversity. Linux and co are strong for the same reason. Because of competition, infighting and forking, not despite!

      Imagine buying a car, and finding the engine and all locked in a box so people don’t maliciously cut the brakes, then not being allowed the key to turbocharge or diesel-convert. That’s the potential danger with MS, OEM’s and proprietary software in general…

      • Scali says:

        Biodiversity is only part of the story. It is about survival of the fittest. Computing history is full of hardware, OSes and applications that did not make it in the end (which sadly a lot of people don’t seem to understand. They think that Windows and linux have been around forever, and generally have no idea about any other OSes, past or present). The problem with linux distros is that diversity is preferred over quality. This means that software does not need to adapt or evolve in order to be included. The result is that instead of just 3 or 4 quality products for a certain task, there are dozens, or even hundreds, most of which are extremely poor. As a user you need to weed through all these half-baked products in order to find the one or two products that serve your needs. Which only works if your needs are simple enough.

        As for the inescapable car-analogy… Linux is more like you don’t get the key, but instead you get a document describing how to manufacture your own key. Except… the document is in Chinese, which you can’t read, and the document hasn’t been updated in a while, so the key it describes does not entirely fit on your particular version of the box.

        Microsoft’s box instead can only be opened with their own key, and only modified with their own tools. However, they give you the key, a well-filled toolbox, and a collection of up-to-date manuals which are in English, and easy to understand.

        Neither solution is perfect, but as a developer, I know which one I prefer.

      • MrKarl says:

        Ok, first off, I’m an end user, not a developer, so if that’s your experience with Linux, I have nothing to say 🙂

        But as a user, my experience has been positive. I moved from Windows because I was sick of malware. A reinstall of Windows took a whole day, what with setting up and all. Now? 10 min install from LiveCD, playing Flash games while it happens.

        But if there is something missing, like a good set of dev lego, there’s nothing stopping you making one, either yourself, through GitHub or a Kickstarter project.

        But it’s my choice to run this OS, even if it is a nightmare to develop for. I don’t want that taken away, is all.

      • Scali says:

        Well, if you’re not a developer, I don’t see how open source has any advantages at all. You’re always dependent on other developers to fix problems, implement new features etc.
        Even if you’re a developer, open source is mostly a theoretical advantage. You generally don’t have the time to inspect the source code of any non-trivial program and fix any non-trivial bugs or add non-trivial features.

        If you think there’s no malware for linux, think again. My FreeBSD box is under constant attack from worms on exploited linux boxes, trying to exploit my SSH, FTP, and whatnot.
        Reinstalling Windows? I rarely need to do that, haven’t had any malware problems in years. If I need to reinstall at all, it is generally related to hardware issues. Malware is such a 90s argument.
        Even so, if you are reinstalling an OS from scratch, you’re doing it wrong. It’s much faster and more convenient to just install the OS once, and then create an image. Should the installation go bad for some reason, you just restore the image, and you’re back up and running in no time.

      • MrKarl says:

        I’m dependent on developers to fix stuff and add features anyway. Open source has the advantage that a community of developers can grow who are conscious of the end user and willing to take suggestions on board. Not every Linux distro has this, but mine does. This is an actual advantage that exists for me in real life, not just theoretical. I love Debian, but their forums are full of geeks and they won’t listen to noobie end-users, but that’s cool because they’re developers and they’re having fun. Linux Mint developers take all that hard work (and Ubuntu) and package it for me, with real dedication to noobie end users. This is an advantage, it exists, and I gain advantage of it.

        I never said there was no malware for Linux. However, in my limited experience, Windows has been a pain in the neck for maintenance. Between cleanups, defrags, scanning, not to mention the few times I’ve had to reinstall Windows, which have taken ages. Something, somewhere, is always needing updating. Java, Flash, Windows, Firefox, Filezilla, XAMPP (my gf web-designs on Win7!), and it’s just handled so much nicer on Linux Mint. Everything updates at once. I know this is perhaps something Win8 will have, but when my gf needs a spare PC to work on, I can set it up in minutes with an apt-get install.

        My Windows PC’s usually come with a recovery partition. I’d looked into making images, but to be honest, I would have to add making an image to the constant stream of other things I do regularly to feed the Windows machine. We have external HD and pendrive with portableapps for backing up the Windows work, and Windows rarely goes wrong, it’s just a pain when it does!

        But I keep a LiveCD of Mint handy, and it boots in 5, installs in 10, reboots in 5, updates in 5, everything else in 5. Half an hour from empty box to usable workstation, with minimal input.

        GPL means that any improvements made by any of the thousands of fanatical and/or professional developers in any of the software I use, will always be there for me, the end user.

        I am looking into BSD though, but I’m not expecting as smooth a ride…

      • Scali says:

        Well, consider yourself lucky then.
        Apparently you fall into the commoditized group of end-users who can just use a system out-of-the-box.
        For me as a developer that is certainly not the case. Installing development tools is just one part of the job. Configuring everything to work together, and to use the proper code repositories, paths etc takes quite a lot of manual labour. And that is only worse on *nix than on Windows, because the tools are just less sophisticated (why people always claim that *nix is a great platform for development, is beyond me. Must be the greatest myth there ever was).

        Aside from that, why do you call it an advantage when developers listen to end-users? With commercial/closed-source software, this is a given: the company needs to sell products to the end-user, so these products have to suit the end-user’s needs better than any competing offerings.
        And all that distro stuff… Come on, really? Don’t you see how retarded it all is? 99% of all distros is exactly the same. They all use the linux kernel, they all use X, they all use KDE/Gnome/whatever, etc etc.
        An incredible deal of effort is just wasted by all these distros because they are all reinventing the wheel. They all package the exact same product in slightly different packages.
        For me as a developer it’s all useless anyway. I don’t care about the thin coat of sugar that these distro builders put around these standard software packages. I need to set them up for my own use anyway, hardly anything ever works correctly out-of-the-box. So how it comes out-of-the-box is not that relevant.
        Some distros are just downright idiotic. Some of them can’t even play an mp3 out-of-the-box… I mean, really?

        Oh by the way, just because there don’t seem to be defragmentation tools for linux doesn’t mean they don’t suffer from fragmentation.

  20. Pingback: Linux and UEFI secure boot, or: Linus Torvalds as the voice of reason | Scali's blog

  21. MrKarl says:

    I have heard people complain about it being tough to develop for Linux compared to Windows. You make it sound an absolute nightmare, and I’m not going to confront you on that at all! And yet, despite this, people do amazing work on Linux. Ardour. Rosegarden. Blender. LMMS. They do it because they want to. They release it under GPL because they want to, for some reason.

    And for some reason, Linux is what people want to work on. People like releasing their stuff under GPL for some reason. It would probably have been better in some ways to make Ardour and Rosegarden on Windows PC’s (again, I don’t know!) and sell them at a decent price. But the people working on them decided to make them for Linux, under GPL. For some reason.

    Having MP3’s not play out-of-the-box isn’t idiotic. Some users (and developers) like the GNU philosophy. It might get called Open Source for marketing reasons (and it has done Linux a lot of good), but it’s how Red Hat have made their millions. It’s been proved to be a workable system for industry, and yet some people still like the hippy ideals of software freedom for the individual and community. Each distro represents a slightly different philosophy, need, or want. These issues are personal to people. Maybe it’s a bunch of nonsense to you, but if a lot of people want to develop for and use it (as horrible as that might be), then it’s their choice.

    The licence is popular. Your reasons for thinking people should not use Linux don’t actually counteract the reasons why a lot of people use it. It’s like vegetarianism. If you want to convert a vegetarian, you don’t say “Eat meat because it’s tasty and better for you” because most are veggies because they feel animal life is more sacred than the extra hassles of bland food and vitamin supplements. You’ve started with a strawman here. It’s not political at all. It’s about individuals having their own ideas on what freedom means to them, and you’re attacking all those individuals in one sweeping post, but not on the grounds of “why permissive licensing is better for your freedom than GPL”, but on UEFI and why MS should be allowed control of hardware I’ve bought – because, malware, right?

    I’m not trying to tell people what to do. I myself play MP3’s, run Flash, and the occasional proprietary game. But people who like GPL stuff want to be able to run it, and the MS/ARM thing is very worrying.

    • Scali says:

      Ugh… Oh dear oh dear oh dear….
      *Bangs head against wall*

      Right… Let’s get a few things straight here first:
      1) Open Source != GPL
      2) GPL != Linux
      3) Linux != UNIX

      The thing here is that GPL and linux get in the way of a lot of things. Think about the above 3 points long and carefully. Perhaps you get it, perhaps you won’t.

      I suppose you also missed my follow-up post, discussing how Fedora and Linus Torvalds are actually on my side in this debate: https://scalibq.wordpress.com/2012/06/11/linux-and-uefi-secure-boot-or-linus-torvalds-as-the-voice-of-reason/
      (Fedora did exactly as I suggested: they created a bootloader with a license that is compatible with UEFI).

      “It’s not political at all. It’s about individuals having their own ideas on what freedom means to them”

      That is a political issue. Especially if you also try to spread, nay force, those ideas on other people via some kind of movement/political party.

      AND FOR THE LAST TIME: MS DOES *NOT* CONTROL YOUR HARDWARE THROUGH UEFI.
      You’ve certainly shown your true colours…
      Now, I realize that my blog postings and ideas might be a bit too advanced for most people, but don’t fall into the Dunning-Kruger trap.

      • MrKarl says:

        Listen, I have only the utmost respect for you developers who contribute to open source projects. I have you guys to thank for the quality (if only perceived) software I can use and learn from. I only wanted to say that I disagreed with your reasons why people should move away from Linux, and why. I still feel my arguments are valid.

        I wouldn’t use the word Political to describe how I feel about open source. I would use Personal, but I can go along with your semantics for the sake of communication. So it’s political. It’s a political licence, and to develop on it or for it you have to legally respect, if not agree with, those political sensibilities. It’s not being forced on anyone. When you start using words like “idiocy”, you’re showing your true colours. You really think it’s because of idiocy? And to claim you don’t know why open source is of benefit for the end user is incredibly ignorant or facetious. It was simply a blind dig at my viewpoint.

        MS using UEFI to control which operating systems a person can install on a Windows 8 machine is the issue of this debate. It has been worrying a lot of people, you can’t deny it. MS have mandated it for WinPad thingies on ARM, but they’ve said it has to be disablable to be PC certified, which is good. I also have no problem with UEFI, I know OEM’s are also looking at Coreboot these days, which can do UEFI itself, and I was simply reflecting the fears of a lot of people as this new standard gets implemented in industry. Lots of people like Linux, and manufacturers will always have a solution for catering to customers, political or otherwise. The fears are being addressed, from practical and political angles. But they are real fears, lots of people have them.

        That’s all. Thanks for contributing to free software, I disagree with this particular post of yours, no need to get angry or frustrated at somebody else’s opinion. Have a good day.

      • Scali says:

        “I only wanted to say that I disagreed with your reasons why people should move away from Linux, and why. I still feel my arguments are valid.”

        What are you disagreeing on exactly? Haven’t you read my followup-post regarding Linus Torvalds and Fedora? Fedora took the pragmatic approach, which is supported by Linus. So that means that instead of me saying “Move away from linux”, it has now become something like: “If you’re going to use linux, use Fedora” (I still think people are better off with BSD-licensed software, and as such I still think people should choose FreeBSD over linux whenever possible, but that’s a slightly different debate).

        “When you start using words like “idiocy”, you’re showing your true colours. You really think it’s because of idiocy?”

        It seems you misunderstood what I meant. The “idiocy” I was talking about is not supporting mp3 out-of-the-box. That in itself is something that would be considered idiotic by most end-users at the very least (most of whom don’t share the political views of the distro makers, because if anything, they are completely irrelevant to end-users). End-users just want to boot up their system and play some music. And mp3 happens to be the most popular music format. No matter how good you think the reasons are behind this choice, end-users are not going to accept any of them.

        “And to claim you don’t know why open source is of benefit for the end user is incredibly ignorant or facetious.”

        Why? Because you say so? You can’t argue your case, you just take personal digs. I, and many others, have explained many times, on this blog, and in various other places, why open source generally doesn’t work anywhere near as well as is claimed by open source advocates.
        I’m not going to reiterate everything here.
        Besides, you got it wrong. It’s not that I don’t know why open source is of benefit for the end user. I *know* why it *isn’t*.
        The three points above apparently were lost on you as well. Again, my post is against the GPL, not against open source.
        Let me try one last time to open your eyes:
        Marxism, now that sounded quite decent on paper, didn’t it? As we all know, it did not work out quite as well in practice.
        Open source is a lot like that, it sounds good on paper. And most people (such as yourself) never look beyond that, so you remain convinced it is an ideal situation.
        But then there are people such as myself, who have been in the middle of open source for many years, and find that things have taken a slightly different course than intended.
        People using the sourcecode as a crutch for example, instead of properly documenting their work, and having stable binary interfaces and all that.
        Just read this two part article by Ingo Molnar for some more examples: https://plus.google.com/109922199462633401279/posts/HgdeFDfRzNe#109922199462633401279/posts/HgdeFDfRzNe
        Again, I am not against open source in itself, I just don’t buy all the hype surrounding it. I am against the GPL because the GPL is against nearly everything non-GPL, which hurts both the open and the closed-source world. This UEFI secure boot is just one example of that.

        “MS using UEFI to control which operating systems a person can install on a Windows 8 machine is the issue of this debate. It has been worrying a lot of people, you can’t deny it.”

        Yes, it worries people who don’t get it, such as you.
        People who believe the FUD that UEFI is invented by MS, and that MS controls what OS can and cannot be booted on any UEFI device.
        Firstly, UEFI is NOT an MS invention. Secondly, the OEM decides which certificates to include in the UEFI roms of their devices, not MS.
        MS only says this that for a Windows 8-certified device:
        1) The UEFI has to include certificates for Windows 8.
        2) Secure boot must be enabled by default.
        3) On ARM devices, secure boot must be enabled at all times.

        None of this prevents the devices from including other certificates, and secure-booting other OSes. On non-ARM devices, it doesn’t even prevent you from booting insecurely.
        In fact, if you bothered to read my followup, you’d see that Fedora even signs their bootloader through Microsoft. So Microsoft is actually SUPPORTING other OS developers with secure boot.
        Now how this worries people, is beyond me. The thing that worries me, is what this blog post is about: apparently the linux community (with the exception of Linus and Fedora, as we now know) would rather boot insecurely, than support a common industry standard like UEFI with secure boot. Weren’t standards always a big thing for linux advocates? And wasn’t Microsoft evil for not supporting standards? Now they are supporting the UEFI standard, and for some reason, MS is all wrong, and linux, not supporting the standard, is the good guy… Whatever.

        “I disagree with this particular post of yours, no need to get angry or frustrated at somebody else’s opinion.”

        I don’t get frustrated at opinions. I get frustrated when people are misinformed, or just downright ignorant. Especially if they give me a big mouth too. Critical thinking, doing research, you should try it sometime.

  22. Alessandro says:

    I agree with you in EVERY aspect.

  23. RationalUser says:

    And so the endless debate between rational users and the MrKarls of the Linux world continues. I can understand MrKarls points/paranoia to some extent, but I don’t see where the problem is. If a few decent Linux distros support/implement secure boot – Fedora already has – I hope that openSUSE and Linux Mint jump on board too – I don’t see where the worry is. In fact, If the top 3-4 distros support (or will support) secure boot, and the other zillions of distros disappear entirely since they treat security in an amateur way – the Linux world might actually become less chaotic and more rational to navigate through. Who needs 150 distros anyway? Just my 2 cents on the topic.

  24. Pingback: First Fedora, now Canonical | Scali's blog

  25. Stewart says:

    Have used Linux but forcefully, there really isn’t any comparison with windows and any form of Linux, Windows wins every time and trust me i’m not biased, i grew up with DOS and all the text prompts etc and somehow they made sense ! LINUX does NOT ! consider the average pc user today, would they really want Linux as an OS with its bizarre dialogue or the slightly restricted Windows 7 starter ? yeah W7 ! i really can’t imagine my 12 yr old daughter having to get to grips with Linux ! my 11 yr old son would eventually get his head around it coz males in general are more techy ! ( minecraft etc ) i capture gameplay and edit video and make thumbnails for YouTube and i have to say Gimp is not in the same league as PS, and if Linux is so ‘fantastic’
    why is one of the most popular downloads ‘WinE’ a not very good Windows emulator ! windows these days really aren’t that pricey! On a good note about Linux i have to admit that Linux Puppy live cd or usb is invaluable for fixing unbootable windows pc’s and hacking into ( oops sorry that should have said bypassing ) password protected pc’s, things will probably change by distro 7.66.32.82.86.44.07.39 but who cares it’s too late and i’m laughing every time that stupid little puppy guides be to the bank, who said Linux was non commercial ?

  26. Ryan Karolak says:

    I’m sorry if I misunderstand your point, but it sounds like you’re only reason for advising to not use Linux is because your over-generalized and cynical perception of the Linux users.

    There are crazy people who use every operating system. Even if I hate how many Apple fanboys behave doesn’t mean I have to subscribe to their philosophy to use the software. The companies and organizations behind other operating systems are far from innocent as well. Apple and Microsoft are no strangers to using software patents to try and encumber or even prevent their competitors from developing their products. A bit of Linux users complaining pales in comparison. As an IT professional am I going to avoid using RHEL because there is drama behind the scenes in the Linux community? No, of course not.

    I don’t see any reason to list the merits of Linux as it’s clear you aren’t even addressing the operating system itself.

    As far as Secure Boot, I don’t blame people for being upset. It imposes restrictions. Perhaps they can be helpful in some ways, and perhaps it can be adapted to, but if I were developing my own OS and manufactures started making my job harder for me I’d be upset to. Regardless, many distros have added support.

    In any case, use whatever you like.

    • Scali says:

      Nope, clearly you did not get the point. It is not about the users, it is about the developers. Even Linus himself has some very crazy and counter-productive ideas, just not on this particular topic. If linux developers are against secure boot, in a world where most computers will be sold with secure boot enabled out-of-the-box, yes I am going to advise against using linux, for obvious reasons.
      However, as stated, a few developers have since stepped up, and come up with a solution to seamlessly install linux on secure-booting PCs (without the security advantages, but that’s another story).

  27. freddy says:

    Sounds to me like you’re pretty much the embodiment of those linux a’holes you prattle on about.
    You come across as elitist, pompous and condescending. If you get a chance to step down of the BSD pulpit, look in the mirror.

    • Kevin_clone_6 says:

      Amen! And I liked FreeBSD…back when the cassette tape was still popular. (Posted with Linux box under secure UEFI).

      • Scali says:

        Yes, it’s easy to reply to a story that’s a year-and-a-half old, and ignore the newer posts on the topic (various linux people, including Matthew Garrett, changed their stance and took back what they said about secure boot initially, which this blog was a response to, and took a more tolerant and cooperative stance, as I had argued in this blog)…

        I certainly was right about FreeBSD taking the practical route though: https://wiki.freebsd.org/SecureBoot
        Nobody from the FreeBSD project spread FUD about secure boot/UEFI, or attacked Microsoft in any way. They’re just going to implement support for it, and that’s that.

  28. Marcos Mora says:

    I have always thought that the GPL is way too much restrictive, and that it potentially hinders the Open Source movement more that it helps it.
    How do you compare the BSD vs Apache licence in terms of freedom?

    • MacOS9 says:

      Most BSD licenses are GPL-compatible, with the exception of the original, four-clause BSD license that included an “advertising clause” as its third clause, stipulating that all BSD-licensed software acknowledge the original source in all advertising. The Apache license is also similar to GPL but requires preservation of the copyright notice and disclaimer.

      For real-world results of GPL and Apache licenses, I recommend a comparison of LibreOffice (GPL) and OpenOffice (now supported by Apache). Linux users swear by LibreOffice. Personally, I prefer the stability of OpenOffice (for OS X and Windows) – LibreOffice has proved flakey on my closed-source systems. On Linux, users are probably better off sticking with LibreOffice since even in pre-LibreOffice days OpenOffice was heavily modified from its vanilla flavor to work more effectively on Linux distros,

      A comparison of other GPL and BSD/Apache sponsored software might yield more interesting results. Also interesting would be an investigation of some GPL projects, such as Linux Mint for example, that include closed-source codecs with their distro so that users do not have to hunt around for repositories and other obscurities – thereby proving that user-friendliness and GPL-friendliness are not always compatible.

      I do not speak for Scali’s views. He may have other interesting things to add. A pleasant day to all.

  29. Abrown says:

    I’m a Linux user and proud to say it! But I’ve noticed this schism within the community that gets overly self righteous about what they term “open source”. Now I’m a recent convert to Linux, since about mid-2012 really, but I’ve already learned a lot about the open source community and the philosophies behind it.

    One notable thing I’ve learned that’s relevant to this discussion is what I found when looking at the origins of both the “free software” movement, and the “open source definition”, which gets thoroughly confused by the zealots of the open source community. The free software movement was started by Richard Stallman. And he has made some of the noblest contributions to the world of free software, contributions that have revolutionized the world. But Stallman is staunchly anti-proprietary software. Always has been. In fact by his telling even GNU stands for “GNU is not Unix” (which doesn’t make a ton of sense to me, but it came from the horse’s mouth). He is also anti password, which may make sense from a security standpoint if we’re taking about certificates and encrypted communications, but not the way he wanted to implement it (or not implement it period).

    Then along came Bruce Perens. The man in the open source community that I most closely align with on a philosophical level about the nature of open source. Perens, if you don’t know his name, is the author of the “open source definition”. He was the guy who made “open source” our term for free software today. In his definition he specified that free software and proprietary software could commingle in a beneficial symbiosis. The proprietary parts could exist to keep businesses happy, who were concerned that free software meant the doom of profits for corporations. Yet businesses could use free software while using the propriety parts they wanted, out needed, to use with their operations. Perens saw no difference in his aims from that of the free software movement. He just sought to make it more inclusive to businesses.

    But the hard core Stallmanites reject this premise and pronounce that no propriety code should reside on any free software platform. In fact they’ve hijacked the very open source definition and insist that it means the same as Stallman’s original free software movement. Buy in fact the free software movement, and the open source movement, are quite different philosophies.

    So when you see these political players who can’t bear proprietary code in Linux, what you’re really dealing with are Stallmanites. And they are the insufferable jackassess of the open source community. They insist that all code must be pure, and untarnished from the evil proprietary companies. They are the ones always blaming Microsoft for every evil.

    Unfortunately that’s what you must deal with when traversing the Linux landscape. But not everyone in the Linux community feels this way. Obviously proprietary code is made for Linux. And companies participate in the source code of many distributions. While the fringe elements decry the heavy hand of the likes of Canonical and Red Hat, yet Fedora, RHEL, SUSE and Ubuntu are widely used, and some of the most popular distros. Additionally, while a few decry the corporate “takeover” of Linux, all users enjoy their contributions (without Red Hat we’d all still be vulnerable to Heartbleed and Shell shock).

    So yeah, Linux has some whiners in our communities. And some are downright impossible to deal with. But there’s a lot of good there too. And while I could easily jump ship to FreeBSD, or go elsewhere, I think that the Linux community needs level headed thinkers, and more outspoken community members who aren’t rabid Stallmanites. So I stay and make life miserable for them by reminding them of the true definition of “open source”. Posting YouTube videos with clips from Bruce Perens, and clips from a documentary called Revolution OS, that has direct statements from Richard Stallman, Linus Torvalds, and Bruce Perens about open source, free software, and Linux, and how they are related. It doesn’t take a genius to realize that Stallman is in the minority. And the sole spiritual progenitor of their narrow minded philosophies.

    • mh says:

      I think the Stallman situation is a good deal more basic than that.

      Stallman is *very* rooted in 70s/early 80s academia, specifically the old MIT hacker culture, where computing is the exclusive preserve of a privileged few and the rest of us rabble don’t get to play with their toys. His culture is about as far as it’s possible to get from “a computer on every desk and in every home” and I don’t think he’s ever really left that mindset behind. His vision of a free Unix isn’t about you or me; it’s about him and his hacker cronies.

      Of course he makes a lot of noise in a left-wing direction, but ultimately he’s coming from an extremely elitist background. That’s an interesting dichotomy straight away. Research indicates that the catalyst behind the FSF was a closed-source printer driver. Not the kind of thing most of the world really gives two hoots about, really. He may be (he actually is) incredibly political, but it’s not the kind of politics that puts food on people’s tables.

      • Scali says:

        Well, I do think it is an interesting discussion in general… Clearly Stallman is from a bygone era. An era where originally software was not seen as value, and people just threw in the sourcecode with the hardware. It seems that Stallman could not accept the fact that vendors started to see value in the software itself, and wanted to maintain the rights to their work.

        Bruce Perens has a more ‘modern’ view on open source, it seems. He has already accepted that there are companies who make money from software, and have good reasons to keep their sources closed and their technology proprietary. He just tries to make free/open software work alongside this.

        As I said in another blog, I don’t think current linux culture is a lot like the original UNIX culture anymore. It is more about being anti-Microsoft than anything else (such as being portable, or uniting the different flavours of linux and UNIX out there).

        As I also say every now and then: why do people insist on this 1970s technology? RMS created the GNU project because at the time, UNIX was the most popular OS in his world. But in today’s world, Windows is the most popular OS, so why aren’t more people interested in a free, open source clone of that, such as ReactOS, if you follow RMS’ train of thought?

  30. case says:

    BSD programmers are passionate about their coding since they want to create a better UNIX.
    There is a portion of the Linux programmer community that are passionate about their coding because they want to attack Microsoft. The GPL/Linux zealots think that their licence will change the world but fail to realize that Microsoft’s hold on people’s computing is related to the psychology of the person and not that the GPL will somehow change the world and unshackle the user from Microsoft. This psychology is that many people have a “sheeple” attitude towards their computing tasks and accept the Microsoft paradigm as a default for the long term, an indication of the unadventurous nature of that person in regards to computing. Although I am currently a OSX/FreeBSD {user, software developer} I remember when I first went “alternative” in the computing landscape back in my PhD days in mid-1990’s where I got into the Linux Slackware distribution on Intel 486 hardware. It was adventurous/fun trying out this free piece of software and gauging how far
    it could help me with my computing chores, checking out the various window managers, etc. It was more than adequate for my C++ coding, etc. and there was no need to use an inflexible “one size fits all” operating system by Microsoft (e.g. NT 4.0).

    I believe it is a very positive character trait for a person who on their own accord or with little convincing seeks to incorporate an open source operating system into the computing component of their digital lifestyle, be it any of the BSD, Linux, Illumos/Solaris, Aros (Amiga-like), Haiku (BeOS-like), etc. open source operating systems.

    It would have been interesting if IBM’s OS/2 was able to be open-sourced back then …..

    • Scali says:

      Well, that’s the thing. Most people aren’t looking for ‘adventure’ in their software, they’re looking for software that does what they need to get the job done.
      I personally don’t find any fun in having to mess around with the OS and development tools themselves, I experience them as chores. The fun and adventure is in what I can create. The OS and the tools themselves are just a means to an end, not the goal itself.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s