Subscribe to our RSS Feeds

Welcome to Bad Windows!

Microsoft Proves Techrights Right by Screwing UEFI ‘Partners’

No Comments »

Linux booting still an issue on new PCs as Microsoft fails to deliver hardware keys

James Bottomley, who had been paid by Novell (Microsoft) before he left, is developing “secure boot” and finding out that UEFI promises are empty. From his blog:

Asked support why the process was indicating failed but I had a valid download and, after a flurry of emails, got back “Don’t use that file that is incorrectly signed. I will get back to you.” I’m still not sure what the actual problem is, but if you look at the Subject of the signing key, there’s nothing in the signing key to indicate the Linux Foundation, therefore I suspect the problem is that the binary is signed with a generic Microsoft key instead of a specific (and revocable) key tied to the Linux Foundation.

Read more at Techrights

Uncategorized November 26th 2012

Microsoft chief’s bonus slashed for third year

No Comments »

Steve Ballmer, chief executive of Microsoft, has missed out on half his bonus for the third year running, as the software company’s board held him accountable for a regulatory lapse in Europe and weak performance in its Windows and internet units.

Read more at Financial Times

Uncategorized October 10th 2012

Dear Microsoft: fsf.org is not a “gambling site”

No Comments »
If Microsoft’s “reputation” database can’t tell the difference between a gambling site and an independently audited registered nonprofit public-interest charity founded almost 30 years ago, it is certainly doing you and your business more harm than good.

Last week, it was brought to our attention that our primary online donation form at donate.fsf.org was being blocked by corporate systems that use a Microsoft “network security” program. It seems Microsoft has labeled us as a “gambling site.” As a result, many people were unable to make donations.

I have submitted a correction, asking that they remove the “Gambling” label and instead list us in their “Non-Profit/Advocacy/NGO” category.

We will avoid attributing this error to malice just yet, and wait for their correction. I will update this post if and when they respond to us.

2012-06-25 Update: The gambling category has been removed. Thank you to everyone who submitted a correction on our behalf. They still haven’t added us to the “Non-Profit/Advocacy/NGO” category, and they have us inaccurately labeled as “Shareware/Freeware,” but this is progress. Our story remains as a cautionary tale against using Microsoft’s proprietary software—we are fortunate enough to have a community of supporters to speak up for us, but how many other sites remain unfairly and wrongly labeled?

This reminds me of another situation several years ago, when BadVista campaign pages were conspicuously absent from Microsoft’s live.com search results, even though the same pages had been appearing on the first page of “windows vista” Google results for some time. Many people contacted Microsoft about this, and eventually the pages began appearing as one would expect.

We expect they will make this correction as well, but nonetheless we strongly suggest you avoid using proprietary “network security” software from Microsoft. If you need to provide evidence to someone else to illustrate why using such software is a bad idea, feel free to use us as an example. If your workplace uses the software currently, please point to this post and ask them to drop it. Proprietary security software is an oxymoron — if the user is not fundamentally in control of the software, the user has no security.

If Microsoft’s “reputation” database can’t tell the difference between a gambling site and an independently audited registered nonprofit public-interest charity founded almost 30 years ago, it is certainly doing you and your business more harm than good.

Thanks to everyone who brought this issue to our attention. If you are stuck behind a Microsoft firewall, you can still donate by joining as a member or using my.fsf.org/associate/donate instead.

Uncategorized June 26th 2012

Windows 7 FUD

No Comments »

Microsoft ExpertZone training Windows 7 FUD

 

Uncategorized June 25th 2012

Microsoft Patent War on Android/Linux is Backfiring, Oracle is Still Unable to Win a Single Case

No Comments »

THE fight against TomTom gave considerable force to Microsoft’s extortion-esque attacks on Linux. Unlike the Novell deal, this court case was about resistance to Microsoft, whereas Novell was the one that came to Microsoft, asking for the deal. Here we are in 2012, merely 3 years after the TomTom case and nearly 6 years since Novell came to Microsoft.

“Microsoft [is running scared from Germany because of #swpats”, writes Alan Lord, noting that just after the FAT decision and involvement from Linus Torvalds the Motorola case is weakened even further. We wrote about FAT recently because Microsoft is losing its patent teeth, which are rooted in lousy patent gums. One report on this subject comes from Reuters:

Read more at TechRights

Uncategorized April 5th 2012

Windows 8 Secure Boot – or How Microsoft Is Riling Up the Linux Masses

No Comments »

What a difference a week makes. It was just the other day that Linux bloggers were celebrating the news from researcher Net Applications that desktop Linux had surged in popularity in recent months. Now, the mood in the blogosphere has plummeted once again as a result of the latest developments on the Windows 8 front. Secure Boot, that is — a topic astute readers may remember from last fall but that lately seems to have taken a turn for the worse.

Read more at LinuxInsider

Uncategorized January 24th 2012

Is Microsoft Reaching Out to Linux with Windows Azure?

No Comments »

As Linux becomes more firmly entrenched in businesses, and as cloud computing advances in general, Linux and the cloud are set to converge faster than ever. In fact, some are looking at 2012 as the year that Linux begins to dominate in the cloud. That’s why a new post out from Mary Jo Foley is significant. Foley reports (based on input from contacts who ask not to be identified) that “Microsoft is preparing to launch a new persistent virtual machine feature on its Azure cloud platform, enabling customers to host Linux, SharePoint and SQL Server there.”

Read more at OSTATIC

Uncategorized January 3rd 2012

Highly critical zero day vulnerability in Windows discovered

No Comments »

Secunia has reported that an unpatched security vulnerability in the 64-bit version of Windows 7 may be able to be exploited to inject and execute malicious code; currently, the only known exploit causes the system to crash.

It is possible to trigger a memory error in the system file win32k.sys by accessing a crafted HTML file in Safari. webDEViL, who discovered the vulnerability, has published a proof of concept on Twitter. His demo simply consists of an IFrame with a specific height which when displayed in Safari results in a blue screen of death.

Read more at H-online

Uncategorized December 21st 2011

Will your computer’s “Secure Boot” turn out to be “Restricted Boot”?

No Comments »

Please sign our statement to show your support!

Microsoft has announced that if computer makers wish to distribute machines with the Windows 8 compatibility logo, they will have to implement a measure called “Secure Boot.” However, it is currently up for grabs whether this technology will live up to its name, or will instead earn the name Restricted Boot.

When done correctly, “Secure Boot” is designed to protect against malware by preventing computers from loading unauthorized binary programs when booting. In practice, this means that computers implementing it won’t boot unauthorized operating systems — including initially authorized systems that have been modified without being re-approved.

This could be a feature deserving of the name, as long as the user is able to authorize the programs she wants to use, so she can run free software written and modified by herself or people she trusts. However, we are concerned that Microsoft and hardware manufacturers will implement these boot restrictions in a way that will prevent users from booting anything other than Windows. In this case, a better name for the technology might be Restricted Boot, since such a requirement would be a disastrous restriction on computer users and not a security feature at all.

The potential Restricted Boot requirement comes as part of a specification called the Unified Extensible Firmware Interface (UEFI), which defines an interface between computer hardware and the software it runs. It is software that allows your computer to boot, and it is intended to replace the traditional BIOS. Most Lenovo, HP, and Dell computers ship with UEFI, and other manufacturers are not far behind. All Apple computers ship with EFI and components from UEFI. When booting, this software starts a chain which, using a public key cryptography-based authentication protocol, can check your operating system’s kernel and other components to make sure they have not been modified in unauthorized ways. If the components fail the check, then the computer won’t boot.

The threat is not the UEFI specification itself, but in how computer manufacturers choose to implement the boot restrictions. Depending on a manufacturer’s implementation, they could lock users out of their own computers, preventing them from ever booting into or installing a free software operating system.

It is essential that manufacturers get their implementation of UEFI right. To respect user freedom and truly protect user security, they must either provide users a way of disabling the boot restrictions, or provide a sure-fire way that allows the computer owner to install a free software operating system of her choice. Computer owners must not be required to seek external authorization to exercise their freedoms.

The alternative is frightening and unacceptable: users would have to go through complicated and risky measures to circumvent the restrictions; the popular trend of reviving old hardware with GNU/Linux would come to an end, causing more hardware to be tossed in landfills; and proprietary operating system companies would gain a giant advantage over the free software movement, because of their connections with manufacturers.

We will be monitoring developments in this area closely, and actively campaigning to make sure this important freedom is protected. Our first step is to demonstrate that people value this freedom, and will not purchase or recommend computers that attempt to restrict it.

Please sign our statement to show your support!

You can also stay up-to-date on this issue by:

Learn more about Windows 8, UEFI, and boot restrictions

Resources

News and Blogs

  • UEFI secure booting, by Matthew Garrett; in addition to providing a brief overview of Restricted Boot, this article explains specifically why dual-booting an operating system may be difficult, or at times virtually impossible, for systems implementing and using Restricted Boot.
  • Trusted Computing 2.0, by Ross Anderson of the Security Research, Computer Laboratory, University of Cambridge.
  • Protecting the pre-OS environment with UEFI,Tony Mangefeste of Microsoft — a response to Garrett, et al.
  • UEFI secure booting (part 2), by Matthew Garrett — a follow-up to Microsoft’s blog post.
  • ArsTechnica article
  • Supporting UEFI secure boot on Linux: the details, by Matthew Garrett
  • On November 2, 2011, ZDNet blogger, Ed Bott, reports:
    • A Dell spokesperson stated that, “Dell has plans to make SecureBoot an enable/disable option in BIOS setup.”
    • HP has only stated that, “HP will continue to offer its customers a choice of operating systems. We are working with industry partners to evaluate the options that will best serve our customers.”
Uncategorized November 21st 2011

Microsoft Attorney Expands On the Company’s Android Position

No Comments »

Last week, we took note of the fact that two of Microsoft’s lawyers, Brad Smith and Horacio Gutierrez, have a post up regarding Microsoft’s announcement of its tenth license agreement providing coverage under its patent portfolio for Android mobile phones and tablets. They also note that Microsoft has inked nine Android agreements in recent months, and that “companies accounting for over half of all Android devices have now entered into patent license agreements with Microsoft.” While it sometimes seems non-obvious, Microsoft gains as Android gains. Now, Gutierrez is defending the situation as perfectly normal in a new interview.

Read more at OSTATIC

Uncategorized November 1st 2011