You’ve probably read the headlines already: “Booting Linux via UEFI can brick some Samsung laptops“. That’s right, the simple act of booting (not installing) a different OS can render your laptop so defunct that the only solution is to replace the motherboard.
In the same week that was announced, I had the pleasure of experiencing a UEFI issue on my own. I purchased a new machine to replace my old work horse (which had to be done quickly as I was in production of an audio book). The machine arrived with Windows 7 - which I had every intention of blowing away. I installed Ubuntu 12.10, but realized there was an issue going on between hardware and operating system (an audio issue that a low-latency kernel eventually resolved). I thought maybe the best solution was to go back to 12.04. No matter how I installed that version of Ubuntu, no matter where I placed the boot loader — UEFI wouldn’t allow it to boot (even when UEFI was disabled in the BIOS). The end result was going with Ubuntu Studio 12.10 (and aforementioned low-latency kernel).
But worse than my easily resolved headache, is that which any owner of a Samsung laptop (models 530U3C, NP700Z7C, NP700Z5C, and 300E5C) would have to deal with, should they try to boot Linux with UEFI (Notice that does not say install). All one has to do is boot a Live distribution and the ghost will have been given up. You will be replacing the laptop or the motherboard.
Fortunately, Samsung is a rather forward-thinking company and will have a fix for the BIOS issue as soon as possible. And Linus Torvalds released a patch to the main Linux development tree which will serve as a temporary fix for the problem. Ultimately, however, one simple question must be asked.
Why is this necessary?
If the Windows platform was written, from the ground up, as a fundamentally secure operating system, lame security work a rounds like UEFI and Secure Boot wouldn’t be necessary. Both of these technologies are causing more headaches than they are preventing.
Seriously - do you know of one instance where either UEFI or Secure Boot has prevented an issue? We’re all aware that Microsoft touting that Secure Boot and UEFI would make it hard to write boot-time malware was a bald-faced lie. The so-called “Protected Boot” is doing nothing more than protecting Microsoft’s profits.
We live in a world where, more and more, the technological landscape has to become heterogeneous. With so much of today’s business being driven by the web (and web-based applications), platform has almost become an afterthought. And with BYOD becoming ever more prominent, homogeneous networks are fading away.
Security, however, should not be an afterthought. Unfortunately, because this is the case for the Windows platform, the consumer (and the IT admin) wind up shouldering the burden. Placing the weight of security on hardware vendors is doing nothing but avoiding the issue. With the obvious exceptions (smart phones, for example), a piece of hardware should be platform-neutral. A laptop should not care what operating system it houses. A BIOS should not require a particular platform in order to function. Consumers wanting a more secure, reliable platform (than Windows), should not have to be concerned if they are going to be able to use said hardware when they attempt to install a variation on the OS theme.
If, however, that is the case, from this point on I will go out of my way to recommend hardware companies like System76 to anyone looking for an alternative route to freedom. Yes, their prices are higher, but the added cost is worth avoiding such headaches.
This is a huge challenge for anyone that has worked with Linux and open source for some time. When Linux has made up the vast majority of your computing time, you know, full-well, how secure and reliable a platform can be (without a helping hand from hardware vendors). Because of that, it is some times hard to comprehend why the UEFI and Secure Boot even exits.
I understand an overwhelming majority of people use Windows - it’s one of the main reasons I have a day job - but the status quo is always on the verge of being threatened. No one knows what the future holds. Five years from now we may all be using Linux and Windows will be nothing more than a bad memory. Ultimately, however, hardware companies need to seriously open their eyes and understand that alternatives are never going to go away. To that end, vendors must make sure their hardware is as platform-neutral as possible.
Are UEFI and Secure Boot necessary?
Samsung reacted to this issue in the right way - positively. Another company (like the new Dell - with its hands deep in the pockets of Microsoft), might react a bit differently (say something like “We’re sorry, your platform isn’t supported.”). Of course, Samsung gets alternative platforms (their cash cow being the Android-powered Galaxy SIII). Other hardware manufacturers haven’t quite reached that state of enlightenment. Someday, that ignorance might well brick their business.
Until all hardware vendors wake up, don’t jump into a hardware purchase without a little research. Know for sure that you can disable the UEFI and that the hardware doesn’t “require” Windows 8 to run. And, if you think about it, voice your displeasure (about the UEFI and Secure Boot) with your hardware vendor. Stand up for your right to boot whatever you want on your hardware - you paid for it after all!