Machines labeled as "Designed for Windows 8" have to support UEFI。 UEFI is said to have many nice features, which I am not knowledgeable about and will not discuss. But I can assure you that one of those features is a downright hoax, scam, and lie. The "secure boot" feature in UEFI is claimed to make your computer more secure by disallowing intrusions from untrusted sources. This and certain other features in UEFI are important elements of Trusted Computing, a mechanism advocated by Microsoft and other big IT companies. The claim is that booting a computer from an untrusted source (such as a tux usb key which has applications in tourism, education, environment preservation, LOHAS, and ethics) is a security threat and should be avoided.

There is just one tiny problem: it's not you, the consumer, who gets to decide who is to trust. The propaganda claims that the consumers are too dumb (well, ok, actually phrased in a much more polite way) to make their own decisions about whom to trust. ("Microsoft or Chao-Kuei?") Software booting from an untrusted source may contain rootkit, for example, which would gain absolute control of your computer. The real, unsaid intention, however, is to prevent consumers from using alternative players and readers on alternative operating systems to circumvent the human-right infringing and infamous Digital Rights Management. If the big IT companies let you decide whom to trust, then they cannot trust you as a DRM-abiding consumer. With the secure booting mechanism in UEFI, the IT companies finally can trust that you will not be able to ask your computer to do what is best in your interest, for example exercising your fair use right and other rights requested in the digital consumer bill of right.

Ironically, history shows that one of the most famous rootkit invasions was not performed by individual bloggers and GNU/Linux lovers like me who have to build reader trust by behaving well and telling truth, but rather by big companies who can repeatedly abuse consumers and yet successfully keep them buying. In 2005, Sony BMG invaded consumer computers. The lovely music CD that consumers buy play nicely in CD players or DVD players. But it hijacks your Windows if you play it on a Windows computer -- Sony installed a rootkit in addition to establishing a DRM mechanism in your Windows. This creepy behavior was exposed on the Internet and caused protests. Sony BMG's Global Digital Business President responded, "Most people, I think, don't even know what a rootkit is, so why should they care about it?" But the most interesting part is the reactions of Microsoft and Anti-virus companies. What would you do if you were Microsoft and if Sony invaded your customers' computer? I would definitely provide security update and then also advise against buying these CD's or even sue Sony, depending on how nice I wanted to be with Sony. But Microsoft did nothing for several months. Nor did most big-name anti-virus companies. These are the companies who take your money, vouch to "make your computer more secure", and assure you that you can "trust" them.

Even more ironical is the ensuing fairuse4wm event in 2006, in which Microsoft behaved exactly the opposite. The newly upgraded windows media player employed DRM measures and suddenly deprived users of their backup right. Someone with the ID of viodentia wrote and shared on the Internet a piece of software called fairuse4wm to restore the users fair use rights. This time Microsoft swiftly produced "security updates" to disable fairuse4wm within 10 days. Viodentia updated fairuse4wm to circumvent Microsoft's updates, and Microsoft produced further security updates to disable it, ... and so on. Whom do Microsoft's "security updates" serve and which of viodentia and Microsoft is more trust-worthy?

From DRM to Trusted Computing to DMCA anti-circumvention History has shown that some of the big IT companies unitedly decided not to trust you. So who would you, consumer, trust? Oh, I am sorry. I should not address this question to you, for it is not you who get to choose whom to trust. I should ask computer manufacturers who enforce trusted computing for you. And for sure we all know that Microsoft is the only party for any consumer to place trust in -- according to the manufacturers. "We decide for you whom to trust. And of course it's us." That's the true intention of trusted computing. The "secure boot" feature of UEFI, enforced in computers "Designed for Windows 8", is one of its pieces. To learn more about trusted computing, you can read the EFF article. My article "DRM and Other Forces Overriding the Three Laws of Robotics" ( English, French, Spanish), my paper "1984 in the Making: Stealthy Invasion of Consumer Rights and Privacy by ICT Corporations" and my novelette in Chinese explain the relationship among DRM, Trusted Computing, and DMCA. It's also summarized in the picture to the right. Search for "windows 8 linux" for recent controversy about Microsoft enforcing UEFI on manufacturers.

To be more precise, it is not true that secure boot precludes other operating systems in principle. If the hardware manufacturer is willing to certify some minor OS, this lucky minor OS can also boot from a "designed for windows 8" computer. Still, the decision is for the hardware manufacture, not you, to make. Finally, some manufacturers may decide to allow the buyers to optionally disable the secure boot feature of UEFI. It is this last category of future computers that we will recommend everyone to buy -- not only because you would want to be a wise consumer but also because it prevents worsening of the environmental and humanitarian problems caused by e-wastes.

As explained in the e-waste part of the censored 4-part iPhone game "phone story", the discarded electronics either end up in landfills or exported to developing countries for "recycling", which in fact employ methods that are harmful to both human health and the environment. Unfortunately the business strategy of planned obsolescence meant to increase the profits of the big IT companies further intensifies this process at the extra cost of the planet and its inhabitants. It's bad enough when phone companies pursue their profits with little regard to the planet, but it adds insults to injury when the computer manufacturers do this without even really increasing their own profits.

You see, you may not care about GNU/Linux, but people like Helios devoted to refurbishing recycled computers for the disadvantaged choose GNU/Linux over outdated or pirated Windows for good reasons -- it makes the recycled computers greener, cleaner, more Ethical, and more educational. With manufacturer-enforced secure boot, these computers would go to the landfills or "recycling" centers instead of going to the disadvantaged because Helios and other people who care would not be allowed to install GNU/Linux for them. And the hardware manufacturers don't even make more money because of these extra, unnecessary harms done to the disadvantaged and to the planet, if profit-making is ever a justifiable excuse for irresponsible manufacturing behaviors! These disadvantaged people are not going to buy new computers just because they cannot get properly refurbished computers. They will just live without one. The planet, the people working in the "recycling" villages under unhealthy conditions, and people who could have ended their digital disadvantage with the help of GNU/Linux all suffer as side effects of trusted computing.

What can you do to help? Grab (perhaps with the help of you Linux friend) some live Linux CD from distrowatch. Better yet, create a live usb from it. Demand to boot the live CD or live usb before purchasing your next computer. Make sure that it is some minor Linux distribution, not just the store-suggested Linux distribution, that successfully boots. It's not about denouncing big brand Linux versions. It's about making sure that you get to decide whom to trust your computer security to. Show the computer guys in the store this article if necessary and insist on buying a computer that allow the buyers to disable the secure boot feature of UEFI. You don't need to love or use or even learn GNU/Linux if software freedom do not appeal to you. You can simply use it as a tool for testing the computer and discard it afterwards (though that would be a pity -- you are forfeiting the opportunity to lead a computer LOHAS life). Please do this for the planet, for the disadvantaged, for the society, if not for yourself as a wise consumer who knows to claim his/her full ownership of the purchased computer and basic user rights.