Usage of Linux or other non-Windows operating systems is being hobbled by security feature Secure Boot which Microsoft imposes on pc manufacturers. For Windows 10 the producer of Windows no longer requires a Secure Boot off-switch for end users. This provides new ammunition to a Spanish antitrust complaint from 2013, which is still under consideration by the European Commission.
“We will be reactivating and will continue to pursue our case shortly, adding the information we now have about Windows 10 to the complaint”, states Paul Brown, spokesperson for the Spanish Linux user group Hispalinux. He responds to questions asked by Dutch tech publication PCM regarding Microsoft scrapping the requirement for pc manufacturers to have an ‘off-switch’ for Secure Boot. That security feature makes sure that BIOS successor UEFI (Unified Extensible Firmware Interface) only starts approved software.
‘Total lock down and monopoly'
“The news about Windows 10 confirms to the letter what we predicted in our complaint, to wit: that the Windows 8 UEFI was a first step towards a total lock down of generic PCs imposed on manufacturers by Microsoft, thus creating a monopoly within the PC market worldwide and stripping consumers of their right to run any software of their choice on the machines they buy.” Hispalinux filed a formal antitrust complaint regarding Windows 8 in march 2013.
Back then, Microsoft had already denied these accusations. Secure Boot combats malware by letting a pc only boot software which has an approved digital signature and accompanying security certificate. Windows has these required elements, and other operating systems (OS’es) can acquire such a signature and certificate, explained Microsoft. The letting go of the requirement for a Secure Boot off-switch gives pc manufacturers the choice whether or not they give their customers a completely free OS choice.
The digital rights organisation Free Software Foundation Europe (FSFE) has warned back in 2012 that Secure Boot can be implemented quite differently by different pc vendors and that the requirements can be changed at any time. The FSFE is now evaluating the new situation, as changed by the new requirements for Windows 10, says spokesperson Matthias Kirschner in response to questions by Dutch tech publication PCM. This evaluation is being done with other organisations, including sister organisation FSF, the digital rights foundation EFF (Electronic Frontier Foundation) and several technical experts, including the German blogsite Netzpolitik, which leaked details about TPM 2.0 which is linked to Secure Boot.
“It means that we currently take a look how the changes of the Windows Hardware Requirements regarding Secure Boot and the changes from TPM 1.2 to 2.0 will influence the device owner's ability to control an IT device”, states Kirschner. “As those requirements are quite complex this will take some time. Then we will consider all options we have available to counter this, and to make it possible that users can control technology, instead of being controlled by technology.”
The Windows 8 complaint
Meanwhile there is still the original antitrust complaint by Hispalinux. “We pursued this matter for well over a year until we hit a stone wall”, comments spokesperson Paul Brown on the formally still running matter. He gives a timeline since the filing at the end of march 2013, which included “a full assessment of the situation carried out by technical an legal experts”. In april of 2013 Hispalinux “filed some further amendments as a result of further research that reinforced our claim that Microsoft was carrying out monopolistic actions within Europe.”
In the beginning of 2014 Microsoft filed a formal response at the antitrust authority of the European Commission, says Brown. Microsoft has not yet been able to supply PCM with details about this response. According to Brown the response was weak: “full of inaccuracies and falsehoods”. He says that Hispalinux is not sure why Microsoft “did such a sloppy job”. Immediately following that filing Hispalinux filed a formal rebuttal to Microsoft’s response, also in the beginning of 2014. Brown: “We are still waiting from news from the European Commission as to what the next step is.” PCM has asked the antitrust division of the EC about the current status of the antitrust complaint but not yet received a response.
Microsoft responds to PCM’s questions by pointing to a formal statement by former antitrust commissionar Joaquín Almunia. The successor to competition commissionar Neelie Kroes has answered questions by the European Parliament about Secure Boot in the beginning of 2013. His answers were however given in the beginning of march, so before the filing of the complaint by Hispalinux. PCM has pointed this fact out to Microsoft and was told that there would be a “check with international colleagues” within the company as to what the current status is of the antitrust complaint.
The competition spokesperson of the EC informs PCM that the assessment of this complaint is ongoing. It is not clear in what timeframe this matter might be concluded.