Microsoft, PC Manufacturers conspiracy ?

By Hum
in Back Page News

 Share

Recommended Posts

Grand Master

Hum

Posted
Posted

The new Microsoft Windows 8 systems that come preinstalled on a new computer have a special feature - a feature no other PC has ever had. By default they are locked down so you cannot dual boot Windows 8 with another operating system such as Linux or even older versions of Windows such as Windows XP and Windows 7.

Dual booting is a popular thing to do for many PC users because it allows them the ability to use the right applications they need to get the job done if those applications are not found on Windows 8 alone. Dual booting is also used in companies that require workers use multiple operating system platforms or home users and students to try out and learn about other operating systems. Many of these operating systems are faster than Windows and have other features Windows does not have, as well as there are things Windows does better than these operating systems like AAA Gaming.

The reason Windows 8 will not dual boot is because Microsoft has insisted that their PC manufacturer partners like HP and Dell ship with a new type of bios called UEFI (Unified Extensible Firmware Interface) and it's feature called Secure Boot enabled. Secure Boot acts as a protection feature that is supposed to ensure your system doesn't have any malware at the time of shipping. It works by checking keys in the operating system against hard coded keys in the UEFI. As these keys are signed by Microsoft, the system will not allow any other operating system to boot assuring you have a clean copy of Windows 8. This has never been done before in the PC market and for good reason - PC Manufacturers don't have problems with systems getting malware before they ship.

PC's that ship with Windows are cheaper because Microsoft buys a portion of the hardware in exchange for HP offering Windows in the computer. The rep told me all the PC manufacturers and Microsoft have this same agreement. I wanted to know why there was no mention of UEFI in the HP documentation or why the tech support could not help me. The HP rep told me many times during our phone conversation that because they are paid by Microsoft, they adhere to Microsoft's wishes and not make it easy on people to learn about disabling Secure Boot so you can dual boot - something that is required by the manufacturers from Microsoft's own documentation called Windows 8 Hardware Certification Requirements for Client and Server Systems.

more

Grand Master

Joshie

Posted
Posted

I also like trudging up articles about things we knew a year ago for fresh FUD!

Did you know that every time you connect to the internet you're assigned an identifier called an 'IP address' than can associate your online activity with your internet account? More at 11!

Rising Star

tim_s

Posted
Posted

The HP rep told me many times during our phone conversation that because they are paid by Microsoft, they adhere to Microsoft's wishes and not make it easy on people to learn about disabling Secure Boot so you can dual boot.

Yeah I do not know about this. - I am always skeptical when I see quotes like this. It is too easy to change / alter or just straight fabricate this information in an attempt to make a story spin in a specific direction.

Even IF this was quoted, I am sure this person is not authorized or have the capacity to discuss the terms and agreements.

Grand Master

vcfan

Posted
Posted

Microsoft buys a portion of the hardware? Microsoft pays HP to use windows? :woot:

im sorry but your info is incorrect. HP pays Microsoft for a license to use their software(Windows). Microsofts license requires certain features (SecureBoot) to be enabled if that device wants to have Windows 8 certification . Windows 8 certification means that the hardware and software meet certain standard. Anyone can sell non certified PCs,but most retailers and stores will not allow or sell non certified windows PCs.

Grand Master

Hum

Posted
  • Author
Posted

Interesting:

  • UEFI allows firmware to implement a security policy
  • Secure boot is a UEFI protocol not a Windows 8 feature
  • UEFI secure boot is part of Windows 8 secured boot architecture
  • Windows 8 utilizes secure boot to ensure that the pre-OS environment is secure
  • Secure boot doesn?t ?lock out? operating system loaders, but is a policy that allows firmware to validate authenticity of components
  • OEMs have the ability to customize their firmware to meet the needs of their customers by customizing the level of certificate and policy management on their platform
  • Microsoft does not mandate or control the settings on PC firmware that control or enable secured boot from any operating system other than Windows

http://www.eightforums.com/tutorials/17058-secure-boot-enable-disable-uefi.html

Rising Star

tim_s

Posted
Posted

Interesting:

  • UEFI allows firmware to implement a security policy
  • Secure boot is a UEFI protocol not a Windows 8 feature
  • UEFI secure boot is part of Windows 8 secured boot architecture
  • Windows 8 utilizes secure boot to ensure that the pre-OS environment is secure
  • Secure boot doesn?t ?lock out? operating system loaders, but is a policy that allows firmware to validate authenticity of components
  • OEMs have the ability to customize their firmware to meet the needs of their customers by customizing the level of certificate and policy management on their platform
  • Microsoft does not mandate or control the settings on PC firmware that control or enable secured boot from any operating system other than Windows

http://www.eightforu...sable-uefi.html

Wait I am confused, are you correcting yourself?

Grand Master

Noir Angel

Posted
Posted

I'm thinking it's more in the realm of preventing bootloader activation cracks and rootkits that inject themselves into the bootloader. I'm pretty sure part of the spec is that manufacturers must place an option in the BIOS to disable secure boot.

Grand Master

vcfan

Posted
Posted

So explain how people are booting Ubuntu on surface pros

Microsoft signed a shim bootloader for Linux.This is basically a generic prebootloader that allows to run a secondary bootloader which can be specific to each Linux distribution. The shim bootloaders is generic because Microsoft cant keep signing every new version of bootloaders for Linux guys. Therefore since this is a trusted binary, its able to run and then boot Linux with secureboot enabled.

Grand Master

Steven P. Administrators

Posted
  • Administrators
Posted

If it weren't for the fact that 90% of PC users are uneducated and unwilling to learn about what they bought/use (but also cannot live without it these days) we wouldn't need "Secure Boot".

I got fed up of helping people with viruses and trojans taking up hours of my time (mostly for free) that I just prefer they go to someone else or even pay for a professional to help them now.

Grand Master

techbeck

Posted
Posted

I got fed up of helping people with viruses and trojans taking up hours of my time (mostly for free) that I just prefer they go to someone else or even pay for a professional to help them now.

Only people I help for free now is family, and if I am doing work for a charity. I told my one sis if she ever installed Limewire again (she kept installing it after I kept telling her not to) that I will not longer help her and she will have to pay to get the system fixed next time.

companies can put all the protection they want on a system...if hte user is uneducated and do not know what they are doing, no amount of protection will help. I would figure with computers being so common and wide spread that more people would be smarter.

  • Steven P. and Chaz Scholton
  • Like 2
Grand Master

#Michael

Posted
Posted

Only people I help for free now is family, and if I am doing work for a charity. I told my one sis if she ever installed Limewire again (she kept installing it after I kept telling her not to) that I will not longer help her and she will have to pay to get the system fixed next time.

companies can put all the protection they want on a system...if hte user is uneducated and do not know what they are doing, no amount of protection will help. I would figure with computers being so common and wide spread that more people would be smarter.

Screw that...I stopped helping out my family because it was pointless. The only ones I still help are my parents...you cannot say no to Mom and Dad :)

Grand Master

remixedcat

Posted
Posted

Simple, create a limited profile, define in GPO what applications she can use after you downloaded and configured the software she needs. and there yah go. I do that for my family to keep the lappie nice and clean and keep me sane!

Grand Master

Gotenks98

Posted
Posted

There is no conspiracy, how hard is it to go to the bios to turn this off? Anyone who is going to be dual booting and such are already going to know about this or things like this to get around it. So why make a big deal over this?

  • ahhell and remixedcat
  • Like 2
Veteran

bikeman25

Posted
Posted

Thought Microsoft Security Essentials when released would cut down on Family infecting there PC's with junk, but I find that i'm still helping family remove Trojans and junk off there PC's pretty regularly, gotten to the point only help Mom these days, rest I recommend to local small PC shop, as too much time cleaning there PCs

Most of Family though removed MSE when they saw it failed certification tests...So I guess up to them now what they use.

This topic is now closed to further replies.
 Share
Go to topic listing

  • Posts

    • Ford execs say they made a mistake when they replaced human engineers with AI

      By TsarNikky · Posted

      How many other companies will follow Ford's lead? Or, have they already gotten lazy and become enslaved to AI--and now can't figure out how to get out of that mess.
    • The Trump administration doesn't want you to use OpenAI's GPT-5.6 without its approval

      By TsarNikky · Posted

      Why would any self-respecting intelligent person follow any recommendation by Donald's GOP administration? With almost two years of fabrications, deceit, and blatantly illegal behavior, why believe them now? They had best be gone after the November 2026 election, so we'll wait and see.
    • AltSendme 0.4.1

      By Copernic · Posted

      AltSendme 0.4.1 by Razvan Serea AltSendme is a minimal, cross-platform application designed for fast, secure, and private peer-to-peer file transfers. It allows users to send files or entire directories directly between devices without relying on cloud servers, accounts, or any personal information. Everything is encrypted end-to-end using modern protocols like QUIC and TLS 1.3, ensuring both strong security and low-latency performance. Transfers are verified with BLAKE3 for data integrity, and interrupted downloads automatically resume, making the experience reliable even on unstable connections. You can transfer anything—images, videos, documents, and more. Integrity checks are performed on both ends, so your files are automatically verified for correctness during both sending and receiving. AltSendme works seamlessly across local networks or long-distance links, capable of saturating multi-gigabit connections for extremely fast delivery. With built-in NAT traversal and encrypted relay fallback, it connects devices almost anywhere. The app integrates with the Sendme CLI and will soon support mobile and web platforms. Fully free and open-source, AltSendme offers a lightweight, privacy-first alternative to traditional cloud-based services, removing size limits, upload costs, and unnecessary data exposure. AltSendme 0.4.1 changelog: Release Highlights Self-hosted relays: Run your own iroh relay so transfers don't rely on public infrastructure. Includes a full deployment template in deploy/relay/ with Docker Compose for a VPS and configuration examples for production use. Fly.io support: One-click deploy template for Fly.io, including a quick-start config (fly.dev.toml) for testing without a custom domain, plus production setup with Let's Encrypt and your own hostname. Relay settings UI: New Settings → Network panel to choose how AltSendme connects: automatic public relays, custom self-hosted URLs (with optional auth token), or disabled. Test connections, verify latency, and see live relay status in the footer. Disable relays: Turn off relay servers entirely when you only need same-network transfers (e.g. LAN). Direct connections only. No relay hop required when devices can reach each other. Android graduates from beta: Android is now part of the regular release cycle alongside desktop. APKs ship with each version (universal, arm64, and armv7). Other improvements Private relay access control via shared auth token Relay fallback notifications when a custom relay is unreachable Broadcast mode toggle in sharing settings Android release build fixes (split-per-ABI APKs, universal APK preservation) UI polish: mobile safe-area insets, dropzone layout, transfer progress animation Bug fixes for minification-related serialization issues and system tray icon loading What's Changed feat(relay): add relay status functionality and settings UI (a120cdf) feat(relay): implement custom relay server configuration and verification (51276c7) feat(relay): add configuration for private relay access and enhance observability features (48fbabf) feat(relay): enhance relay URL validation, display connection status (d4fffa0) feat(relay): add RelayChangeGuard component and enhance relay-related translations (16ba514) feat(broadcast): add toggle setting for broadcast mode in sharing UI (ca6d977) fix(relay): correct QUIC discovery port, pin image, templatize fly.dev (52a2ba5) fix: More broken serialization due to minification (67491a9) fix(android): preserve true universal APK across per-ABI builds (e9f256f) fix(ui): conditional safe-area insets padding on mobile (1182f0e) refactor(transfer): CircularRing component animation fix (944572b) chore(android): drop x86 and x86_64 release APKs, keep universal+arm64+armv7 (34ada0b) Download: AltSendme 0.4.1 | ARM64 | ~9.0 MB (Open Source) Download: AltSendme for MacOS | Android Links: AltSendme Home Page | GitHub | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Why Delta Chat is the best decentralized messenger you have probably never tried

      By zikalify · Posted

      You are mostly right about the ephemeral nature of it. As I mention in the article, if you dont add a second device or take a backup of your account before uninstalling it, then yes you will lose access to your account. That said, in terms of actual user experience when you sync multiple devices your message history carries across and there's also a Saved Messages chat like there is on Telegram to send messages and attachments between your installs. But yh, what you point out are correct and its not trying to emulate Messenger or Telegram.
    • You've tried DuckDuckGo and Brave Search, now get serious with SearXNG

      By zikalify · Posted

      OK so SearXNG is a meta search engine that you can install locally or use via a public instance. It scrapes other search engines which you choose and then sorts the results. Not as complicated as multiple relays

  • Recent Achievements

    • Week One Done
      flexorcist earned a badge
      Week One Done
    • One Month Later
      Woland13 earned a badge
      One Month Later
    • Week One Done
      Woland13 earned a badge
      Week One Done
    • One Year In
      bernmeister earned a badge
      One Year In
    • Week One Done
      Scoobystu earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      492
    2. 2
      +Edouard
      224
    3. 3
      PsYcHoKiLLa
      150
    4. 4
      Steven P.
      75
    5. 5
      FloatingFatMan
      71
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!