Stories
Slash Boxes
Comments

Dev.SN ♥ developers

Windows 8 Update Erases Grub, Enables Secure Boot

posted by LaminatorX on Wednesday March 26 2014, @10:13AM   Printer-friendly
from the It's-a-trap! dept.

deif writes:

A recent Windows 8 update detects other OS installs as a "security problem", erases non-windows bootloaders and enables UEFI Secure Boot, all without user intervention.

From a posting on reddit:

I contacted MS by chat (in Dutch, so of no use to you) and asked them about this. They vehemently denied this was possible at all. Multiple times, in no uncertain terms. Same results were acquired by phone: denial, denial, denial.

I pointed out that it did actually happen, and that it wan't the first time such a thing had happened in the history of MS updates -so "impossible" was BS, to put it shortly.

Then came a chat reply which amounted to "MS updates makes sure W8 functions fine, it does not look at other OS's integrity". This is, in my opinion, a de-facto admission that yes, the update had changed the bootloader back to the W8 version that ignores other OS's, and yes, it had set the UEFI setting back to "secure boot."

 
This discussion has been archived. No new comments can be posted.
Windows 8 Update Erases Grub, Enables Secure Boot | Log In/Create an Account | Top | 1000 moderator points   | 48 comments | Search Discussion
Display Options Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 4, Interesting) by VLM on Wednesday March 26 2014, @11:19AM

    by VLM (445) on Wednesday March 26 2014, @11:19AM (#21547)

    "booting from different drives"

    I also have windows and Debian and some other things booting from different drives... the strategy I use is in an external 5.25 inch bay (where the dvd would go...) you put a $30 or so tray that holds 3.5 inch drives.

    You buy about 4 or so trays, stick a drive in each, set them up as windows or BSD or Debian or Ubuntu or WTF and simply swap drives in and out. It would be very hard for windows XP to mess up my Debian install when the debian hard drive is not physically installed inside the machine.

    MOST Of the time these tray things are sold to wanna-be desktop RAID people so one interesting strategy is to mechanically install 3 trays but only one gets electrical power and SATA, the other two are just protected storage of drives. A wall shelf works well. The trays don't protect the drives very well from a fall.

    I have a basement fileserver with mirroring RAID set up with trays and it makes offsite backups VERY easy because a rotating 1 of 3 drives in the mirror spends its life in the safe deposit box at the bank. Over the years of course the time to reform an array has increased from "hours" to "days" so how long this is viable is a question as soon we'll have 10 TB drives that take a month to mirror, so a monthly rotation might not work so well. Actual long term drive bandwidth has not nearly increased as fast as storage capacity.

    I also find trays make periodic storage upgrades painless. No need to unplug everything and move the machine and take all the screws out of the chassis and reroute cables temporarily blah blah just yank the drive, swap the tray, insert the drive, done.

    I'm told they'll be unreliable. I've been doing this since mid PATA IDE era in the 90s and no problems yet. I'd advise not dropping the trays, not using a hammer to shove them into place, whatever.

    I originally got the idea from my time in .mil where drives were yanked out of desktops and gently placed (LOL) into safe to semi-secure the systems. I would imagine now-a-days they don't store sensitive stuff locally so it doesn't matter, or they shove entire laptops/tablets into the safe. Or just work in a building where the facility itself is of a certain security level (no ground floor windows, never unmanned or unguarded, etc). Secure is of course relative, lock up a hard drive all you want, that's not going to stop someone installing a hardware keysniffer. This is from observation of operations, not from being a .mil security guy...

    Starting Score:    1  point
    Moderation   +2  
       Interesting=1, Informative=1, Total=2
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   4  

  • (Score: 0) by Anonymous Coward on Wednesday March 26 2014, @10:19PM

    by Anonymous Coward on Wednesday March 26 2014, @10:19PM (#21874)

    external 5.25 inch bay[...]swap drives in and out

    Better idea: Never run Windoze on bare metal. If you *must* run Windoze, do that in a virtual machine.

    -- gewg_

    • (Score: 0) by Anonymous Coward on Thursday March 27 2014, @01:14AM

      by Anonymous Coward on Thursday March 27 2014, @01:14AM (#21931)

      What if you need the superior drivers, superior 3D acceleration, low latency and glitch-free sound? A VM does not give you that.

      • (Score: 0) by Anonymous Coward on Thursday March 27 2014, @04:50PM

        by Anonymous Coward on Thursday March 27 2014, @04:50PM (#22225)

        superior drivers, superior 3D acceleration

        Simple solution: Stop handing over your cash for junky hardware whose lazy/incompetent manufacturer doesn't properly support every OS that you run.

        low latency and glitch-free sound

        The software isn't the problem; the problem is your parsimonious nature--and your overblown expectations for legacy gear.
        (As noted previously, you're quite the spendthrift when it comes to poorly-supported peripherals.)
        It's time to get something with more oomph than your Pentium 4.
        Try something built in the last 6 years.
        Dedicating a core to the VM will cure what ails you.

        -- gewg_