In March, 2012 Microsoft proudly released the Windows 8 consumer preview beta version. According to Microsoft, the new Windows is reinvented from a solid core of Windows 7 speed and reliability with an all-new touch interface.
One of the main features of the new Windows is secure boot. In most PCs today, the pre-operating system environment is vulnerable to attacks because it could redirect the boot loader handoff to possible malicious loaders. These loaders remain undetected to operating system security measures and anti-malware software.
So Microsoft announced that if computer manufacturers want to distribute computers with the Windows 8 compatibility logo, they should implement a measure called Secure Boot. Secure Boot is designed to protect Windows 8 against malware by preventing computers from loading unauthorized binary programs when booting, if done correctly. Microsoft also claimed that they are working with their partners to ensure that secured boot delivers a great security experience for their customers. Microsoft supports OEMs having the flexibility to decide who manages security certificates and how to allow customers to import and manage those certificates, and manage secure boot.
How today’s PCs Starts Up – Unsecure boot
As I’ve already mentioned that the pre-operating system environment is vulnerable to attacks on existing Windows OS.
Normally when the PC starts up, the first job for the BIOS is the power-on self-test, which initializes and identifies system devices such as the CPU, RAM, video display card, keyboard and mouse, hard disk drive, optical disc drive and other hardware.
The BIOS then locates boot loader software held on a boot device, such as a hard disk or a CD/DVD, and loads and executes that software, giving it control of the PC. This process is known as booting, or booting up, which is short for bootstrapping.
BIOS was first introduced when processors were running in 16-bit mode, and RAM was architecturally limited to 1 megabyte. But BIOS remained same even after the advent of 32-bit, and later 64-bit x86 CPUs.
Harsh Truth behind Secure boot
The Secure boot comes as part of a specification called the Unified Extensible Firmware Interface (UEFI). It defines a software interface between an operating system and platform firmware. It is said that UEFI is a more secure replacement for the older BIOS firmware interface.
Secure Boot is made to protect Windows 8 against malware by preventing computers from loading unauthorized binary programs when booting. In practice, this means that computers implementing it won’t boot other unauthorized free operating systems other than Windows.
Since users are unable to authorize the programs they want to use, the free software community calls this feature as restricted boot instead of secure boot and they believe this is not a security feature at all.
Don’t accept restricted boot requirements that do not allow users to install their own custom free software operating systems. Let’s put our hand together and let’s take a pledge for a better world by using free software. Spread the idea of freedom.
About the author: Shahzad Saeed is a student, open source enthusiast and author of the Google Summer of Code ebook. If you wish to switch over to free software, you can read his article series Migration from Windows to free software. You can follow him on twitter @shahzadsaeed.
About Guest Post: This post was written by a guest contributor. Please see their details in the post above. If you’d like to guest post for naijatechguide check out our guest post page for details about how you can share your knowledge, tips, and experience with our readers.
