July 30, 2012, 4:40 PM —
Here's Microsoft's plan: Every new PC sold with Windows 8 will be locked up tight with Microsoft's UEFI (Unified Extensible Firmware Interface) secure boot on. Microsoft says that this is to help secure your PCs from rootkits and malware. It also happens to stop you from easily installing Linux or any other operating system, such as Windows 7 or XP, on a Windows 8 system. Thanks Microsoft. We really needed that kind of protection!
To get you up to speed, the first thing you need to know is that UEFI is the 21st century replacement for your PC's basic input/output system (BIOS). When you turn your computer on these are the first computing services that turn on. These enable your operating system to then boot up. PC vendors have slowly been replacing BIOS with the more flexible UEFI for years now. Modern Macs, for example, all use UEFI.
UEFI isn't just a more advanced version of the BIOS. It's a mini operating system in its own right. Exactly what a UEFI does depends on how your chip vendor, PC OEM, and operating system vendors implement it. If a company wants to install Windows 8, they must use Windows' Secure Boot function, which blocks other operating systems from being booted and thus installed.
Linux developers have no problem with secure boot in and of itself. Indeed, as The Linux Foundation white paper, Making UEFI Secure Boot Work With Open Platforms (PDF), states, "Linux and other open operating systems will be able to take advantage of secure boot if it is implemented properly in the hardware."
The problem is that Microsoft requires vendors to implement secure boot in such a way that it makes it very hard to install Linux. It's possible that hardware companies will simply give us the option of turning off secure boot during the UEFI setup similar to the way you can now use your BIOS to choose if you want to boot from your hard drive or a DVD or USB Flash drive. We don't know yet though. Even though Windows 8 PCs will start shipping this fall it's still not clear how many vendors will implement secure boot The easy way will be for them to not give users the option of turning it off.