Link to Original Source
Link to Original Source
Microsoft has a problem. Only 100M Windows 8 licenses sold, less than 60M actually being used for Windows 8 (all enterprise and some pro licenses include downgrade rights... big companies buy Windows 8, but they're still installing XP or Windows 7). They also have the problem of being seen big, slow, and stupid. Apple's doing one iOS and usually one MacOS upgrade per year, and not charging big bucks. Android has been even faster, with usually two major releases per year.
Microsoft can't take them on head to head on a 3-year upgrade schedule. So the old "Service Pack" sounds like a bug fix. Now it's going to be a new incremental OS update.. which they thought, briefly, about charging for. They did this before, with Windows 98SE... no idea why, but there's history. But they have clearly decided that, whatever's in this update, the value to Microsoft in getting this out (perhaps selling more Windows 8.x copies, necessary to get developer support) is worth far more than they'd make selling 60M update packages.
The danger, of course, is that this is seen as just another service pack. They need to deliver the kind of punch you see from Android 4.1 to 4.2 or the numerous MacOS upgrades. They might... but some of that's going to be selling it, and most of those to new users who avoided Windows 8. Though given how bad Windows 8 is, after the lesson of Vista, I wouldn't place any bets...
There are only about 76 million X-Box 360s, total. There were 480 million Android devices sold just last year. I don't know how many people hold MS Accounts
So yeah, they decided they can't charge for a service pack. Not news.
The change in name... 8.1 vs. 8sp1 is no doubt aimed at, very least, suggesting Microsoft is doing real yearly OS updates. This is needed because of the competition. Google usually does two new Android major releases in a year. Apple does one iOS and about one MacOS release every year.
Microsoft, on their typical 3-year schedule, simply can't compete with the pace of technology. Even today, not so much. Windows Phone OEMs are already complaining that the HW requirements of Windows Phone 8 is, once again, making it impossible to compete head-to-head with Android and iOS. I don't disagree.. though part of that is the artificial split between Windows Phone and Windows on tablets; iOS and Android don't do desktop, but they do tablet and phone. On Android, apps routinely adjust themselves for the different screen resolutions, so adding new ones is no big deal. Windows has a small number of very specific requirements, and hardware is changing faster than those numbers.
Sure... really long term, we're doomed either way. If there's the critical mass for a Big Crunch (these days, it's a question of dark energy vs. dark mass, given that even today, galaxies are still accelerating from one another), everything crunches together, whatever that really means. If not, eventually, all stars die out, and it's the heat death scenario.
But in practical terms, that's a "high class" problem. Any given species on earth is good for a few million years at best. We expect our big brains will automagically solve this problem, but another big dino-killing-sized asteroid could easily offer a different opinion. If we establish multiple home planets, we're trading some many thousands of years for many billions of years, potentially, of humanity.
So the next problem... leaving the Universe for the one next door. If that's a real thing, anyway, as modern physics suggests. And yes, I do like Stephen Baxter's books, thanks for asking
Take the long term view. If mankind goes extinct, then absolutely nothing we every worried about in the short term matters one iota on that day after the last human dies. Right now, and as long as we're only on Earth, any number of catastrophies could kill us all in sort order, some we create, some that just happen. Either way, mankind and every thing it ever did ceases to matter at all.
Or, we keep working to fix this ultimate problem. Taking the million year view, moving sustainably beyond earth is the most important thing humanity will every do.
Link to Original Source
If you're paying a signer, that means they're signing your image with their private key so it works with their KEK (Key Exchange Key), presumably already in Flash. But that's not the correct process.
Rather, the original intention was for the user to be in charge of keys. You can go with the PK (platform key, which is the root key) supplied by your board manufacturer, but you're supposed to have the ability to replace it (and of course, clear out any KEKs) if you like. And you're supposed to be able to install your own KEK.
So for example, you compile up your own Linux kernel to use with Slackware or whatever. Long ago, you generated your own private key for signing your personal Linux binaries, and generated a KEK for your motherboard for that private key, which lives in the signature database right next to the Microsoft KEK and any others you or your motherboard manufacturer might have installed. So you sign the new binary, and it just loads (actually, the signature database can deal with both signed and unsigned binaries -- if you image isn't signed, the OS can be securely installed by storing a SHA-256 hash of the boot image in the signature database). No need to involve Microsoft, no need to risk boot from a virus.
But of course, making it this simple gets around Microsoft's ultimate plan to control your personal hardware. Can't have that, can we. Microsoft's got the only KEK pre-installed on every UEFI motherboard, and they do because the industry let that happen.
Eventually all hardware will be like this. What will be your solution then? Don't buy a computer?
No, all hardware will not eventually all be like this, simply because it's not a function of the hardware at all. It's the software -- specifically, the BIOS. Not everyone on this list can necessarily design their own PC motherboard (I can -- not a huge deal, but certainly not cost effective against a company making 100 million PCBs a year), but I'll wager there are more than a few, just reading this, who could modify an open source BIOS (OpenBIOS, CoreBoot, etc), bust out a JTAG programmer, and re-flash a locked-down PC motherboard or a well documented standard ARM motherboard, to allow easy loading of other operating systems.
Of course, that re-flashed system won't run any version of Windows that requires a locked BIOS. But if you needed that version of Windows, you wouldn't have done the reflashing. And with Windows on the fast track to not be a useful desktop OS in a generation or two, it may not even be a huge concern.
And given how easy this is, given that it doesn't change the hardware one iota, the market isn't vanishing. It may shrink, sure, if most users are happy with locked-down tablet devices. There are healthy companies making various motherboards for industrial and mobile computers only selling 25K-50K per year, but doing so profitably. The market for real PCs is much, much larger than that, and will still be in 20 years.
Microsoft actually did float this same basic effect, if perhaps via different tools, back in 2001. Their SecurePC was a super locked-down, Windows-only PC. That's been their goal for awhile now. The fear generator back then was piracy -- this was, after all, right after the whole Napster thing blew up. If you had a SecurePC, only Microsoft-approved things would work, you'd have DRM to the bones (or at least the BIOS), etc.
Funny thing was that the OEMs rejected it. And mostly, I think, because they saw Microsoft as being too powerful already, and didn't want to make them even more powerful by essentially giving them a permanent OS monopoly... there wasn't going to be a way to run any other OS on these systems, as I recall.
So it's here again, same basic idea, only rolled out component-wise and within the auspices of industry support -- after all, the UEFI BIOS is an industry standard -- they just screwed the pooch on the handling of keys. Or left that to the Microsoft people on the UEFI Forum. In the UEFI specification, they allow only a single platform key (PK) installed on a system at any given time, and you, the hardware owner, was expected to be in charge of installing your platform key of choice. The PK is used to generate KEKs (key exchange keys), which then authenticate various bits installed on the PC. When you buy a Windows 8 PC, Microsoft's KEK is pre-installed. The problem is that in practice, the user has been removed from this process. The OEM installs the PK and the Microsoft KEK. They could also pre-install KEKs for Ubuntu or Red Hat or Haiku or AROS... but they don't. And, contrary to the original intent of the UEFI Form, you can't, either. In short, the whole thing is broken. UEFI was never intended, at least in theory, to protect you from your own legit use of your purchased hardware. It was intended to ensure nothing evil got control of your PC at boot time, at least not without your explicit permission (presumably, installing a KEK would be a fairly simple but intentional process... I suspect you'd go to the Ubuntu site, download their key onto a USB drive, reboot into the BIOS, go to the key management tab, enter the key and generate your KEK for that OS. Then you could install it under Ubuntu's key, no need for Microsoft... and no way for a malware application to force you into doing this, either. But that wouldn't work to block non-MS-OSs, so that's not the way Microsoft does it.
In fact, Microsoft is in effect reverse-subsidizing the Surface systems. They're charging very high prices... the Surface RT is inferior to the latest iPad and many recent Android tablets. The purpose here is simple: Microsoft's overcharging the customer will potentially give them Apple-like margins, and it will definitely let them charge OEMs the $95 or so they have to pay for Windows RT + Office, yet still be price-competitive with Microsoft... if not Apple or the Androids.
To see this in action, look at Asus. They have a successful line of Android tablets, the "Transformer" series. I have a TF700, which has a 1920x1200 screen, a nVidia Tegra T33 processor (1.7GHz), DDR3/1600 RAM.. this ran me around $499 with 64GB Flash. They also make the TF300, which has a 1280x800 screen, Tegra T30 processor (1.2GHz), DDR3/1333, and runs around $350 with 32GB Flash. The TF600, Asus' Windows RT version of the "Transformer", comes with the standard Windows tablet resolution of 1366x768 (16:9 for Windows, 16:10 for most Android tablets), the same Tegra T30 processor, but at 1.3GHz, the same DDR3/1333 memory, but 2GB worth (Windows am hungry for RAM), and 32GB for $499.... though only about half of that Flash is available. That's the "Windows Tax" at work... a slightly upgraded TF300 for $150 more, basically at the price of the TF700 with twice the Flash storage.
So that's what Microsoft is "subsidizing" here. They have no per-unit costs other than patent licensing, so they could go head to head with Apple and Android, but they're leaving room for the OEMs, at least right now. Which, of course, makes any Windows RT system a horrible value compared to Android devices, even if you neglect the fact you probably can't do much of anything with it. There's little software... it does run all those juicy Windows 7 Phone apps. Right. And sure, if you need MS-Office, but I suspect anyone really working in tech around here long ago gave up Office -- the last company I worked at demanding Office was in the mid-1990s. Business folk don't want Windows RT either, since they can't join Windows domains. These are for unsuspecting consumers.
It's not the hardware. It's a bog standard nVidia Tegra 3 platform, with software (the BIOS) that demands a proprietary key.
Actually, no... it's a general purpose machine with a bootloader (BIOS) designed to not load anything (even another bootloader) not signed with a Microsoft key. The problem isn't the hardware, it's the software in flash in the machine -- Microsoft's proprietary UEFI BIOS. Replace that with something else, and you'll be able to use the machine for other purposes.
But don't do that. These need to fail in the marketplace. And people who understand the difference need to support companies that support open boot, out of the box.
It's not. It's an $800-$900 laptop missing its keyboard (available as an option), running a processor from a $500 laptop, and shipping with too little RAM or SSD space to be a very effective Windows machine.
Surface is a product for the Microsoft fanboi, no one else. Linux people just on principle shouldn't buy Surface computers, even if they get to the point where they run Linux just dandy. I mean, you really want to be feeding the beast on hardware, too? Better to buy a device from a Linux-friendly company.
Intel is going to SOLDERED ON CHIPS so frankly? Too late.
They did, a long time ago, in laptops and other smaller devices. They have already announced that no, they're not going to ONLY soldered-on chips. But that's not even the issue -- the CPU doesn't contain the BIOS. It's the BIOS -- a chunk of software that is, in this case, provided by Microsoft, that's the problem. Folks are asking Microsoft to allow this chunk of software to load other OSs, because in the past, the BIOS did that. Of course, in the past, the BIOS was an independent thing, not a Microsoft thing, so that was rather natural.
But the on-board Flash was soldered on long ago.. that's not a new thing. You might need a hack to re-program this in software, particularly if protected boot sectors are used, but in hardware, because these things are soldered on, there's usually some additional interface, such as a JTAG port, used at production time for programming. Or available for that -- some large volume companies may order the flash chips pre-programmed, but they can still be overwritten.
Also if you don't like UEFI? Then DO NOT BUY INTEL, its called voting with your wallet, is that REALLY so hard? Everyone forget that AMD embraced FOSS and was switching to Coreboot (probably have on the FM series but I'm still building Am3+ ) so again just DON'T BUY IT!
Absolutely agree... if you don't like a thing, don't buy it. When you buy something, that's a vote to support that thing, far as the manufacturer is concerned. When they have warehouses full of unsold goods, that's when they start reconsidering bad decisions. As techies, we have an obligation to not simply not buy unacceptable products, but tell all those people who ask for technical advice not to buy those things as well.