Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Lenovo UEFI Bug Only Likes Windows and RHEL

Soulskill posted about 2 years ago | from the you-didn't-think-this-through dept.

Operating Systems 162

New submitter Nagilum23 writes "It looks like Lenovo only knows of Windows and RHEL where their Thinkcentre M92p desktop is concerned. While investigating UEFI boot issues, Matthew Garrett found the PC's firmware actually checks the descriptive string for the operating system, and will prevent unlisted operating systems from booting. Garrett writes, 'Every UEFI boot entry has a descriptive string. This is used by the firmware when it's presenting a menu to users - instead of "Hard drive 0" and "USB drive 3", the firmware can list "Windows Boot Manager" and "Fedora Linux". There's no reason at all for the firmware to be parsing these strings. ... there is a function that compares the descriptive string against "Windows Boot Manager" and appears to return an error if it doesn't match. What's stranger is that it also checks for "Red Hat Enterprise Linux" and lets that one work as well. ... This is, obviously, bizarre. A vendor appears to have actually written additional code to check whether an OS claims to be Windows before it'll let it boot. Someone then presumably tested booting RHEL on it and discovered that it didn't work. Rather than take out that check, they then addded another check to let RHEL boot as well." Note that this isn't a SecureBoot issue. Lenovo is aware of the problem and looking into it.

cancel ×

162 comments

Sorry! There are no comments related to the filter you selected.

Stupid (0)

Anonymous Coward | about 2 years ago | (#42000971)

Momma always said stupid is as stupid does

Re:Stupid (0)

Anonymous Coward | about 2 years ago | (#42001485)

Which part of "Microsoft Puppet" did you not understand?

How easy is it to spoof the string? (2, Insightful)

Anonymous Coward | about 2 years ago | (#42000981)

... my guess would be VERY. No problem here for haxors. For the rest of us, just don't buy this crap.

Car analogy (1)

Anonymous Coward | about 2 years ago | (#42000989)

[uses gas chromatograph to detect type of gasoline in tank]
"We're sorry, but you have not used manufacturer-approved fuel. Car can not be started."

I guess what we need is the equivalent of spoofing the "user-agent" string for booting operating systems now? Silliness.

Bug? (5, Insightful)

Anonymous Coward | about 2 years ago | (#42000995)

You keep using that word. I don't think it means what you think it means.

It's not a bug if it's by design, and this is clearly intended behavior.

Re:Bug? (1, Insightful)

Samantha Wright (1324923) | about 2 years ago | (#42001041)

It's funny, because isn't this exactly the list of companies that have bought into SecureBoot? Maybe it's just a beta implementation. Guess it's not so secure if it can be spoofed this easily though.

Re:Bug? (5, Interesting)

halltk1983 (855209) | about 2 years ago | (#42001321)

Packard Bell used to do this back in 95. I had a system that specifically would not boot anything but Windows. I spent months trying to get it to run linux. It would not boot anything but windows off the drive. Found out years later that there was a check it did for what was booting.

Re:Bug? (5, Interesting)

Anonymous Coward | about 2 years ago | (#42001257)

You're making assumptions about what the intended behavior was. I think it unlikely that they intended to make the machine unbootable for anything other than Windows and RHEL. The bug (yes, bug) probably began with a hack to work around some windows issue that broke booting for anything else. Then, because they maybe only test with windows and rhel, some moron "fixed" the bug by adding a check for RHEL.

Re:Bug? (2)

gmuslera (3436) | about 2 years ago | (#42001343)

Is a meatware bug, not a software one

Re:Bug? or DESIGNED TO FAIL (1)

Anonymous Coward | about 2 years ago | (#42001705)

So, it is broken by design. Designed to fail.

Re:Bug? (1)

Anonymous Coward | about 2 years ago | (#42001721)

It's more like this: a complete idiot developing the UEFI code

It seems companies hire the thickest people to do this job.

(Yes, I have some experience in - trying to - work with them)

Re:Bug? (0)

Anonymous Coward | about 2 years ago | (#42002083)

Clearly brought to you by an advanced team of programmers using only the latest and greatest design philosophies... TDD.

Fail.

Re:Bug? (0)

Anonymous Coward | about 2 years ago | (#42002723)

Microsoft added a non-standard setting to network cards to frustrate linux a few years ago.

They seem to be doing everything in their power to make moving to a non-windows OS difficult.

When people can SDcard boot ChromeOS in 7 seconds we'll see a huge shift in the landscape of computers.

People want to get online and check their crappy websites.

Re:Bug? (1)

OrangeTide (124937) | about 2 years ago | (#42003363)

It's a bug in the developer. His intentions were a mistake and cause a segfault in the open source community.

Re:Bug? (2)

Pinhedd (1661735) | about 2 years ago | (#42003389)

Never attribute to malice that which can adequately be attributed to stupidity.

Corollary: Any sufficiently shocking display of stupidity is indistinguishable from malice

I doubt this was entirely intentional (1)

pointyhat (2649443) | about 2 years ago | (#42001003)

As a user of Lenovo desktops and laptops for the last 20 years, I haven't had a single problem like this before. I reckon it's a cock up or an outsourcing fail (they probably outsource their firmware). As for the fix, that's just being stupid.

Re:I doubt this was entirely intentional (5, Informative)

ArhcAngel (247594) | about 2 years ago | (#42001933)

As a user of ThinkPads for nearly as long I have a TP I cannot install a miniPCI wireless upgrade into without hacking my system because it is not an approved part for my specific ThinkPad. [thinkwiki.org] Even a miniPCI from another ThinkPad won't always work.

Re:I doubt this was entirely intentional (5, Informative)

X0563511 (793323) | about 2 years ago | (#42002763)

There is a reason for this:

The mini-PCI card is just the radio. The antenna is in the rest of the laptop (usually around the screen). The FCC only certifies them for certain radio+antenna pairings, and so they cannot get certification if they don't put in some mechanism to stop you from using uncertified pairings.

It's stupid yes, but the idea behind the policy is to allow the sale of high-power radios while keeping it within exposure limits. (the reason being is the same power going into an omnidirectional antenna safely can not only exceed but blow-out-of-the-water the exposure limits if put into a directional antenna. think bulb vs laser)

Well... (2, Informative)

Anonymous Coward | about 2 years ago | (#42001005)

Never ascribe to malice what can be explained by Microsoft getting desperate.

Re:Well... (4, Interesting)

ByOhTek (1181381) | about 2 years ago | (#42001073)

Given that RHEL is probably their biggest competator that move could be considered a counter to - I would say you need to put down your anti-ms tinfoil hat, your brain is overheating.

It's probably a support engineer related decision - "We don't want to have to deal with questions/complaints regarding unsupported operating systems that have gotten installed... so we'll prevent them from being installed."

  Neither malice or ms-induced maice, but rather just an idiotic solution to an annoying issue that they probably have to periodically deal with.

Glad I don't buy Lenovo. I tend to prefer FreeBSD and Hackintosh'ed as my non MS OS.

Re:Well... (1)

Anonymous Coward | about 2 years ago | (#42001241)

Oh look there's the ByOhTek DavidSell antitithenai Bonch TechGuys Overly Critical Guy InsightIn140Bytes InterestingFella HairyFeet SharkLaser jo_ham DCTech smithz HankMoody aka Burson Marsteller sockpuppet collection promoting their client's agenda again. Has Microsoft released another dull, plasticy OS again?

How surprising...

Re:Well... (0)

Anonymous Coward | about 2 years ago | (#42002845)

Sockpuppet or not he has a valid point, which is more than you can say.

Re:Well... (1, Interesting)

segedunum (883035) | about 2 years ago | (#42001377)

Given that RHEL is probably their biggest competator that move could be considered a counter to - I would say you need to put down your anti-ms tinfoil hat, your brain is overheating.

Ahhh, yes, black is white, there are no black helicopters and all that jazz........ It's firmly in that bracket.

It's probably a support engineer related decision - "We don't want to have to deal with questions/complaints regarding unsupported operating systems that have gotten installed... so we'll prevent them from being installed."

Errrrr, no. For one thing this actually takes effort which hardware manufacturers are not prone to actually putting in, for another I didn't think they give a crap about supporting any Linux operating systems and conveniently Red Hat is the only distribution Microsoft recognises for the purposes of their 'Safeboot' keys.

I tend to prefer FreeBSD and Hackintosh'ed as my non MS OS.

Nice of you to let us know that after telling everyone their paranoid lunatics for questioning this that, afterall, you're a regular non-Microsoft guy.

Re:Well... (2)

psmears (629712) | about 2 years ago | (#42001633)

Errrrr, no. For one thing this actually takes effort which hardware manufacturers are not prone to actually putting in, for another I didn't think they give a crap about supporting any Linux operating systems

Actually Lenovo are often pretty good [lenovo.com] about supporting Linux - e.g. they provide information and often drivers and support. I don't think the M92p is a model for which they do this though.

Re:Well... (1)

ByOhTek (1181381) | about 2 years ago | (#42001801)

I use whatever the hell works. But when someone prevents me from using something that would work, just because it's not the most popular alternative, I tend to get pissed.

I know they don't care about supporting any Linux operating systems, that's what I said. Having worked with nutjob support engineers/management before, the change described in TFS is something I could see them requesting to their bosses, to make support easier (if they can't install it, they can't ask about run time issues), and their bosses passing it down to the hardware engineers.

Re:Well... (-1)

Anonymous Coward | about 2 years ago | (#42001483)

On the enterprise level, RHEL isn't a threat. Hell, that OS can't even do deduplication in a supported context, nor use disks past 16TB.

What is a threat is Solaris, because it can actually do UNIX based stuff on a production level that the enterprise expects. ZFS especially.

Re:Well... (2)

guruevi (827432) | about 2 years ago | (#42001617)

Are you talking about RHEL or Windows? Because I know Linux can support 16TB de-duplicated volumes for a variety of file systems. Windows however is the one who can't support anything.

Re:Well... (1)

Anonymous Coward | about 2 years ago | (#42001789)

Ext4 supports up to 1EB filesystems, but RHEL apparently ships a version of the E2FS progs which is limited to 16TB because it uses 32-bit integers internally. So they're kind of correct, but the problem can presumably be fixed by just downloading and installing a newer version of the E2FS progs.

Re:Well... (1)

ByOhTek (1181381) | about 2 years ago | (#42001845)

Ugh. We use RHEL a lot where I work. We finally got rid of the crashy Solaris shit a few years ago.

As far as 16TB disks, to my knowledge we have well larger than that, on both RHEL boxes and NAS (making the OS using it irrelevant). Thought it's anecdotal, it seem Linux (primarily fronted by RHEL) is well more popular than Solaris. Having worked with both, I'd say I much prefer RHEL.

are you serious? (5, Insightful)

v1 (525388) | about 2 years ago | (#42001021)

I don't see how you can consider this a "bug"? You don't just "accidentally test a string for a specific value". This is clearly intentional operation, not a bug.

Re:are you serious? (5, Insightful)

rsmith-mac (639075) | about 2 years ago | (#42001119)

Bug is probably the wrong term here. I think "hilariously bad design decision" is a more apt description. Clearly someone didn't think this all the way through.

Re:are you serious? (2)

gl4ss (559668) | about 2 years ago | (#42001239)

sure they did think it.

the testing checklist included booting on rhel and windows and that's what it boots on - and presumably testing that some os without a signature doesn't boot. never mind it actually being secure or anything, because surely nobody would lie in their descriptive string right?

can't believe the engineers thought that they would actually ship this though..

Re:are you serious? (2, Insightful)

tibit (1762298) | about 2 years ago | (#42001405)

Man, if you only knew what ships out there...

Re:are you serious? (1)

blueg3 (192743) | about 2 years ago | (#42001629)

Bug is the right term here. Terrible design decisions and intentional but stupid implementation decisions are also bugs.

Re:are you serious? (0)

Anonymous Coward | about 2 years ago | (#42002481)

Could this design be a precurser set for an allout flood type of a forced install takeover of an operating system usurping entire usability, laying the groundwork for (mother of all worms, trojans or even complete enemy OS infusion) perhaps infra-structure, network wide or greater, internet wide? It just seems that in today's world of warfare, cyberwarfare this is conceivable or worse, desireable by many players.

The above comment this is in response to could be damage control by attempting to deceive the concerned population back into a lull of complacency.. /;-|>

\
Just wondering..

Re:are you serious? (3, Interesting)

bill_mcgonigle (4333) | about 2 years ago | (#42003537)

Clearly someone didn't think this all the way through.

or possibly: somebody merged a diff early. Microsoft gets control of UEFI, RHAT buys a license, and on Day-Zero all new Windows OEM machines ship with UEFI string checkers that only boot Windows or RHEL (without string 'hacks' - possible legal claims over fraud, +- DMCA interoperability claims).

Nah, could never happen.

Re:are you serious? (0)

Anonymous Coward | about 2 years ago | (#42001125)

You do if you do if all you understand is that your code is to check that only certain OSes can be booted but not the correct method for doing so...

Re:are you serious? (1)

geekoid (135745) | about 2 years ago | (#42001249)

If it got through testing by accident, then it's a type of bug.

Re:are you serious? (1)

X0563511 (793323) | about 2 years ago | (#42002867)

or if outright failure wasn't the intended action. Could be they intended to print a warning or something instead. I find this a bit much to swallow but there's a chance of it.

Re:are you serious? (0)

Anonymous Coward | about 2 years ago | (#42001731)

If a bug report comes in that says "Needs to boot RHEL" and the code isn't checking for it, the junior developer will indeed add an explicit check for that string, because they don't have the real-world experience outside of IBM to know that people do run other operating systems.

That's just great (2)

Attila Dimedici (1036002) | about 2 years ago | (#42001031)

That's a great idea. Someone who wrote a virus to boot before the OS would never think to tell UEFI that it was the Windows Boot Manager. /s

Re:That's just great (5, Informative)

ledow (319597) | about 2 years ago | (#42001103)

It's nothing to do with Secure Boot, just dodgy BIOS-writing again.

From TFS: "There's no reason at all for the firmware to be parsing these strings."

This is basically on a par with Windows 3.1 looking for MS-DOS signatures and refusing to boot otherwise (though that had an illegally anticompetitive reason), with BIOS's like the one I just forced an update from my supplier for (by threatening to return a significant number of laptops) which consisted of a BIOS checking for a certain value on disk being 00 before it would boot from that disk (a value which corresponds to 00 only on unencrypted Windows NTFS-formatted disks) and refusing to boot Truecrypt'd disks or anything with a non-NTFS primary partition (very common on certain HP and Dell models, that particular "bug"), and the like of which I've seen DOZENS of times in my own purchases because of:

STUPID BIOS WRITERS.

There is no reason to ever test that string, and certainly none to use it as a conditional to boot. It has nothing to do with any advertised UEFI feature whatsoever. The fact that the UEFI code even bothers to interrogate that string for anything other than displaying it to the user tells you that the manufacturer doesn't care about, and doesn't test, anything but Windows to the point they will hard-core their machines to only run Windows. They don't care about UEFI at all, or secure booting, or anything - just that it works when they run Windows.

Makes you kinda wonder who would ultimately be behind putting such an unnecessary and counter-productive decision into a machine's BIOS really.

Re:That's just great (1, Insightful)

Attila Dimedici (1036002) | about 2 years ago | (#42001269)

I agree that the BIOS writers were stupid for doing this. I also agree that there was no good reason for the firmware to be parsing these strings, although I have to disagree with the summary. There are many reasons for the firmware to be parsing these strings. They are all bad reasons from the perspective of anybody but Microsoft (and even there, probably not once someone thinks the whole thing through), nevertheless there are many reasons to do this. I am quite sure that at least one person intended to claim that it was done as an additional security feature above and beyond the basic UEFI specs.

Re:That's just great (0)

Anonymous Coward | about 2 years ago | (#42001839)

I can actually think of a good reason to parse these strings. To provide icons on the OS choice screen. That said, there's no good reason to *disallow* booting based on the results of parsing these strings.

Re:That's just great (1)

X0563511 (793323) | about 2 years ago | (#42002891)

Perhaps allow IT to make that call, but forcing it? That's retarded.

Re:That's just great (0)

Anonymous Coward | about 2 years ago | (#42001355)

No. What it is - The Chineese Govt. Chip based root kit called UEFI doesn't want competitors booting a secure OS that protects company data from them.

Re:That's just great (4, Interesting)

tibit (1762298) | about 2 years ago | (#42001431)

Most likely: the firmware is outsourced, and the outsources implements it to the letter, without applying any thinking.

Re:That's just great (2)

mlts (1038732) | about 2 years ago | (#42001533)

I was looking at a heavily discounted HP box on sale, and the one review of the model on Amazon stated exactly this -- it only booted Windows and nothing else.

If PC makers sell boxes that only boot Windows, they need to both put a warning that functionality has been deliberately limited/crippled, and give the customer a steep discount for shipping equipment that deliberately only functions in a limited context.

This isn't a knock against MS... if a PC is limited to any OS, that is a deliberate de-functioning of the hardware and should be labeled and warned about.

Re:That's just great (3, Insightful)

Hatta (162192) | about 2 years ago | (#42002319)

The fact that the UEFI code even bothers to interrogate that string for anything other than displaying it to the user tells you that the manufacturer doesn't care about, and doesn't test, anything but Windows to the point they will hard-core their machines to only run Windows. They don't care about UEFI at all, or secure booting, or anything - just that it works when they run Windows.

Makes you kinda wonder who would ultimately be behind putting such an unnecessary and counter-productive decision into a machine's BIOS really.

And people don't believe me when I tell them that OEMs will chomp at the bit to lock people out of other OSs with secure boot when MS finally flips the switch. They already care about nothing but Windows.

Disruptive Tech (0)

phrostie (121428) | about 2 years ago | (#42001043)

it's ok.

let MS kill the PC.

there will always be other new hardware.

Re:Disruptive Tech (2)

tepples (727027) | about 2 years ago | (#42001649)

let MS kill the PC.

there will always be other new hardware.

After PCs die, what hardware will remain that is 1. sold in U.S. stores with showrooms, and 2. not enforcing a walled garden against a machine owner's will like an iPad or game console?

Re:Disruptive Tech (0)

Anonymous Coward | about 2 years ago | (#42001973)

Macs.

Re:Disruptive Tech (0)

Anonymous Coward | about 2 years ago | (#42003253)

:(

Testing... (0)

Anonymous Coward | about 2 years ago | (#42001045)

RHEL may have been used in manufacturing test.

The apple has fallen quite far from the tree (3, Insightful)

Anonymous Coward | about 2 years ago | (#42001063)

I used to like IBM and Lenovo computers. But his offends me.

Re:The apple has fallen quite far from the tree (2)

ByOhTek (1181381) | about 2 years ago | (#42001361)

Since I've no mod points, and couldn't mod this topic anyway... Seconded.

Manufacturers shouldn't be able to tell the users of their hardware what software can be used on their hardware. At most, they should say "there are known issues of this software potentially physical damage." And if I got that, I'd probably reply with "The 80s/early 90s called, they want their computer problems back."

Shrug, plenty of other good hardware vendors out there. Though for a desktop, I've never understood not building your own, if you've got the skill and aren't in a business setting.

Walled gardening with impunity (1)

tepples (727027) | about 2 years ago | (#42001673)

Manufacturers shouldn't be able to tell the users of their hardware what software can be used on their hardware.

I agree with you that they shouldn't be able to. But in the real world, manufacturers of computing devices for home use have been getting away with walled gardening since 1986 when the NES and Atari 7800 came out.

Re:Walled gardening with impunity (1)

ByOhTek (1181381) | about 2 years ago | (#42001879)

The only argument I can come up with that, is that consoles aren't sold with the intent of being general purpose computers, and I don't think anybody really thinks of that as their intent, only us geeks find the idea of getting them to fulfill that purpose, to be amusing and fun.

Re:Walled gardening with impunity (1)

Benanov (583592) | about 2 years ago | (#42002485)

Sony attempted to do this with their Playstation 2 (and the Playstation 3) in order to work around taxes, not because they actually wanted it general purpose.

Re:Walled gardening with impunity (1)

ByOhTek (1181381) | about 2 years ago | (#42002943)

True, but I have long since decided that Sony and 'integrity' are oxymorons.

Re:Walled gardening with impunity (1)

tepples (727027) | about 2 years ago | (#42003557)

only us geeks find the idea of getting them to fulfill that purpose, to be amusing and fun.

That and anyone who wants to develop a video game but happens not to live near established video game studios.

Re:Walled gardening with impunity (0)

Anonymous Coward | about 2 years ago | (#42001895)

Not really. There were *plenty* of unlicensed, third-party titles for both the NES and Atari 7800.

Re:Walled gardening with impunity (0)

Anonymous Coward | about 2 years ago | (#42002463)

You must be thinking of the Atari 2600.

There were no unlicensed games for the 7800 until very recently (2001 or so). That was because a 7800 cartridge needed a valid checksum key to boot into 7800 mode.

http://www.atariage.com/7800/archives/encryption.html?SystemID=7800 [atariage.com]

There was nothing Atari could do about 2600 games other than to make sure most of the third party cartridge cases did not fit the cartridge slot correctly.

Re:Walled gardening with impunity (1)

tepples (727027) | about 2 years ago | (#42003535)

10NES was worked around two ways. Tengen defrauded the Copyright Office to obtain a copy of the program and lost a lawsuit over this fraud. Other companies sent negative voltages on data pins to freeze the CIC in the console. Nintendo improved the input protection on the Super NES CIC to make it harder to defeat by reversing the polarity, and there was only one unlicensed game ever released during that platform's commercial era; it operated as a Lock-On game that passed the CIC signals through to a licensed Game Pak.

Obviously for internal security (1, Funny)

dtjohnson (102237) | about 2 years ago | (#42001077)

Lenovo limits your OS choice. Obviously there is a reason...and the likely one is that the OS choices they steer you towards are the ones that have the handy back doors installed for remote monitoring. Isn't that what you would do if you needed to monitor users?

Testing the water? (1)

SuricouRaven (1897204) | about 2 years ago | (#42001079)

Perhaps Lenovo wishes to find out how much of a consumer backlash they'll get when they bring in Secure Boot? If only a tiny fraction of users notice this OS-locker, then they can be reasonably sure that Secure Boot will be accepted with equal ease.

Re:Testing the water? (3, Interesting)

Alex Belits (437) | about 2 years ago | (#42001141)

Then all Linux distributions, plus EFF, should sue Lenovo, if for no other reason then just to show how much everyone cares. I would contribute to that if necessary.

Re:Testing the water? (2)

jonbryce (703250) | about 2 years ago | (#42001227)

How many of them will notice when it refuses the "Windows 9" boot string, or someone in their home country notices that it refuses a string with Chinese characters in it.

here, breath into this bag. (2)

markhahn (122033) | about 2 years ago | (#42001095)

if it must frob for strings, let's all just agree to put "grub" in there.

Re:here, breath into this bag. (0)

Anonymous Coward | about 2 years ago | (#42003063)

Well I still use LILO over grub

And don't forget about boot0

And so it starts..... (1)

segedunum (883035) | about 2 years ago | (#42001143)

Looking into it my arse. You have to write code to check this, and there is no good reason at all to check it.

fixing what isn't broken (4, Insightful)

bored (40072) | about 2 years ago | (#42001147)

UEFI is pretty much a case of fixing what isn't broken, yet with any software project its bound to have bugs in the first few iterations.

And, oh boy does it. name brand motherboards that brick when flashed, systems that don't power off correctly, systems that take minutes to post, the usual issues with incorrect ACPI table entries, the list goes on.

Basically, its replacing one fairly stable code base, that the motherboard vendors often got wrong, with a completely new untested one that is 10x as complicated. You do the math.

Linus had another rant about it recently called "The abomination called EFI".

BTW: Gigabyte has a number of traditional motherboards that can boot GPT partitions, effectively removing the _ONE_ useful new feature in EFI.

Re:fixing what isn't broken (2)

Microlith (54737) | about 2 years ago | (#42001957)

UEFI is pretty much a case of fixing what isn't broken

Only because they decided to create something entirely new instead of switching to OpenFirmware. The 16-bit limitations on the BIOS are ridiculous in this day and age and moving to a new interface that ditches the ridiculous constraints imposed by the 8086 more than 30 years ago is a good thing.

name brand motherboards that brick when flashed, systems that don't power off correctly, systems that take minutes to post, the usual issues with incorrect ACPI table entries

Link? My experience with UEFI on desktop boards is they post extremely quickly. And the usual issues with ACPI entries isn't exactly the fault of UEFI, now is it.

The funny thing is that both Dell and Lenovo use Phoenix Technologies for their UEFI BIOSes, but Dell's platforms have never had trouble booting any OS via UEFI. Which means that Lenovo went very far out of their way to pull this shit off, and they should be attacked vocally for it.

Re:fixing what isn't broken (0)

Anonymous Coward | about 2 years ago | (#42002299)

UEFI is replacing simplicity with complexity... with no good reason. It's putting an operating system (including UI, device drivers etc) into the fucking firmware. I'm shocked... shocked I tell you that there have been lots of problems.

Re:fixing what isn't broken (1)

0123456 (636235) | about 2 years ago | (#42002937)

To be fair, the traditional BIOS was pretty complex for its time, not to mention clunky today. UEFI wasn't a bad idea in principle, it just became one when they threw the kitchen sink in there.

Also there are probably far more people capable of writing a UEFI BIOS than a traditional all-assembler BIOS.

Re:fixing what isn't broken (1)

Microlith (54737) | about 2 years ago | (#42003331)

UEFI is replacing simplicity with complexity... with no good reason.

The legacy BIOS isn't exactly simple, it's just old and well known. It also has a lot of ancient cruft not found in PCs now and has to operate in a mode (16-bit real mode) that simply makes no sense for 64-bit processors and imposes a ton of restrictions that have no real business being maintained.

It's putting an operating system (including UI, device drivers etc) into the fucking firmware.

So you're saying that BIOSes never had GUIs or device drivers (here's a hint, they're called option roms?) This is not unprecedented, as I noted they could have gone OpenFirmware and had a much more tried-and-true solution.

I'm shocked... shocked I tell you that there have been lots of problems.

This isn't a problem. It's deliberate incompetence on Lenovo's behalf.

TPM is the worst (4, Interesting)

TubeSteak (669689) | about 2 years ago | (#42001221)

Because I'm lazy, I'll just copy and paste a comment I made in another thread about TPM

Ever since TPM was created, we're always just a few bits and bytes away from having it leveraged against us, by them.
And by "us" I mean "the computer users."
By "them" I mean "the hardware manufacturers and software/media companies."

Example: The newest motherboards don't *need* the ability to disable trusted boot. Heck, it'd have been easier to not include it!
We're more or less at the mercy of a small number of companies and their design decisions.

I recently found out, while looking at new laptops, that Lenovo & HP like to put whitelists of wireless cards into the BIOS.
Someone hacked the BIOS and other cards will work, but for whatever reason, Lenovo/HP doesn't want you to use a storebought card.

Re:TPM is the worst (-1)

geekoid (135745) | about 2 years ago | (#42001277)

... whatever reason, Lenovo/HP doesn't want you to use a storebought card.

Warranty and support. There isn't any real mystery there..unless you are a dimwit. Are you a dimwit?

Re:TPM is the worst (4, Insightful)

SecurityGuy (217807) | about 2 years ago | (#42001411)

It's not a mystery, but it is inappropriate. Drives me nuts when companies pull this. If I buy your PC, I expect it to work and support all the standards you claim it does. That includes attaching other hardware that adheres to the same standards. I appreciate that there's a dicey issue in there of determining who is at fault when something doesn't work, but that doesn't justify artificially forcing a bunch of hardware not to work. When you do that, YOU are the problem by definition, as you are the party causing it not to work.

Re:TPM is the worst (1)

Rich0 (548339) | about 2 years ago | (#42001739)

Yup, it is like having a car with a proprietary cigarette light adapter plug because the vendor is concerned that you'll short it out with a bad device.

Or like having phones hard-wired into the system by the telephone company (used to be standard practice). I hear there are still people paying a few bucks a month to rent a battleship phone from the 50s.

If my VGA card fries the motherboard feel free to not honor the warranty, but you can't pull that excuse when the damage is not attributable to something you attached.

Warranty laws are too heavily abused. If anything if the vendors can't agree on who is at fault then they should all have to write a check and then fight it out in court or arbitration among themselves. The whole system where the consumer is left to rot while everybody points fingers doesn't work.

Re:TPM is the worst (1)

Half-pint HAL (718102) | about 2 years ago | (#42002023)

Nope, it's like having a normal, standard cigarette lighter sockey; and having a camera that checks what normal, standard cigarette lighter you insert; and not warning you and just doing nothing when you plug in a normal, standard cigarette lighter that they didn't happen to have in the workshop the day they tested multiple normal, standard cigarette lighters...

Re:TPM is the worst (1)

tlhIngan (30335) | about 2 years ago | (#42002805)

Example: The newest motherboards don't *need* the ability to disable trusted boot. Heck, it'd have been easier to not include it!
We're more or less at the mercy of a small number of companies and their design decisions.

Actually, Microsoft requires it for x86 - the option to disable trusted boot MUST be present in order to pass Windows 8 logo certification. So it's not some "feel good" company providing it, it's required. Plus well, if you want to boot Windows 7, you can't use trusted boot - you have to use legacy boot.

Yup, it is like having a car with a proprietary cigarette light adapter plug because the vendor is concerned that you'll short it out with a bad device.

Actually, if you look around, you'll find a lot of places are closing down sales of car audio stuff - because newer cars with radios built into the navigation systems often don't have a standard DIN slot for an aftermarket radio, or even an option to install an aftermarket radio without pulling a lot of lines and rewiring.

Plus the whole system is so integrated that for some, it's a nasty hack to be able to install an aftermarket unit. Hell, it's often times EASIER to just install a mount for say, an iPad and use that (using the built-in system's auxiliary in).

But they don't advertise those standards... (1)

Anonymous Coward | about 2 years ago | (#42001897)

They don't advertise miniPCI slots as available on the system. They advertise 802.11 B/G/N and Bluetooth 3.0 + EDR and or/WiDi support.
They simply have included wireless functionality that happens to use miniPCI slots rather than being soldered to the main board.
The fact that you can pull the system apart, and insert a different card in there isn't an advertised end user feature, and they clearly don't support it on their low end hardware to keep support costs (and thus unit costs) down.
They only use a miniPCI Card in there so that they can offer different models with the same mainbaord and different capabilities, and so that they can swap out a bad card if they get a machine in for repair. It's not an advertised end user feature.

Re:But they don't advertise those standards... (2, Interesting)

Hatta (162192) | about 2 years ago | (#42002353)

They don't advertise miniPCI slots as available on the system.

That doesn't make deliberately crippling the slots in order to sell more proprietary hardware any better. I don't care if they advertise it or not. It is a mini-PCI slot and they are deliberately breaking it. They're assholes.

Re:But they don't advertise those standards... (1)

ae1294 (1547521) | about 2 years ago | (#42002837)

They don't advertise miniPCI slots as available on the system. They advertise 802.11 B/G/N and Bluetooth 3.0 + EDR and or/WiDi support.
They simply have included wireless functionality that happens to use miniPCI slots rather than being soldered to the main board.
The fact that you can pull the system apart, and insert a different card in there isn't an advertised end user feature, and they clearly don't support it on their low end hardware to keep support costs (and thus unit costs) down.
They only use a miniPCI Card in there so that they can offer different models with the same mainbaord and different capabilities, and so that they can swap out a bad card if they get a machine in for repair. It's not an advertised end user feature.

It has nothing to do with support costs. It has to do with selling replacement parts at a huge markup....

Re:TPM is the worst (3, Insightful)

CanHasDIY (1672858) | about 2 years ago | (#42001465)

... whatever reason, Lenovo/HP doesn't want you to use a storebought card.

Warranty and support. There isn't any real mystery there..unless you are a dimwit. Are you a dimwit?

YEA! Like how GM and Ford have locked-out the ability to replace the factory-approved air filter with a K&N, because they don't want to "warranty and support" the aftermarket parts!







Stupid prick.

Re:TPM is the worst (1)

bws111 (1216812) | about 2 years ago | (#42002543)

Those are hardly the same. Replacement air filters pose zero liability to GM and Ford.

If you have a problem with your car, you are going to take it somewhere to get fixed. If the car is under warranty and the problem is NOT with your replacement filter, you pay nothing and the manufacturer pays the cost of repairs. If the problem turns out to be your replacement filter YOU must pay the cost of diagnosing and repairing that problem (and are not getting your car back until you do), and the manufacturer hos zero cost because of that problem.

On the other hand, if you buy a cheap computer (which these are) and replace a component and subsequently have a problem, you are going to call their support center (a direct cost to them). If the support center thinks it may be a warranty problem, they will pay for you to ship the computer for repair (another cost for them). Now they must diagnose the problem (more cost to them). If it turns out to be your replacement part that was the problem, now what? They could require you to pay for the original shipping cost, the original phone call, the cost of diagnostics, and the return shipping cost before they ship your PC back, but how many people are going to do that (remember, this was a cheap computer to start with)? Now they are stuck with a broken computer, in a configuration they don't support, that they can spend still more money on to get it back into a supported, working configuration, in hopes that MAYBE they can recoup their loses by selling it as a refurb.

Your replacement air filter results in no financial impact to Ford. Your replacement network card can easily eat up the entire profit of the box (and them some).

Bottom line: if you buy cheap, expect that ALL available measures have been taken to remove cost from that product. That includes support costs, and includes using any and all measures to keep those support costs to a minimum.

Re:TPM is the worst (1)

CanHasDIY (1672858) | about 2 years ago | (#42003117)

Those are hardly the same. Replacement air filters pose zero liability to GM and Ford.

If you have a problem with your car, you are going to take it somewhere to get fixed. If the car is under warranty and the problem is NOT with your replacement filter, you pay nothing and the manufacturer pays the cost of repairs. If the problem turns out to be your replacement filter YOU must pay the cost of diagnosing and repairing that problem (and are not getting your car back until you do), and the manufacturer hos zero cost because of that problem.

This makes it different how? If it's not a warrantied part, you get charged for the replacement. That's a pretty standard term for all warrantied items.

On the other hand, if you buy a cheap computer (which these are) and replace a component and subsequently have a problem, you are going to call their support center (a direct cost to them). If the support center thinks it may be a warranty problem, they will pay for you to ship the computer for repair (another cost for them). Now they must diagnose the problem (more cost to them). If it turns out to be your replacement part that was the problem, now what? They could require you to pay for the original shipping cost, the original phone call, the cost of diagnostics, and the return shipping cost before they ship your PC back, but how many people are going to do that (remember, this was a cheap computer to start with)? Now they are stuck with a broken computer, in a configuration they don't support, that they can spend still more money on to get it back into a supported, working configuration, in hopes that MAYBE they can recoup their loses by selling it as a refurb.

I see, so basically, your position is, "it's different because call center employees are dumb."

Yea, that dog don't hunt, monseigneur.

Just like with auto warranties, it doesn't take a legal expert to realize that a clause stating "any costs associated with repairs or damage resulting from the use of unapproved aftermarket parts will be charged to the customer" in the warranty would immediately solve the non-issue you've blown totally out of proportion. In fact, were I a betting man I'd wager that such a clause already exists, thus completely negating your entire premise.

The idea that a manufacturer damaging a customer's ability to modify their own property as they see fit could be construed as acceptable behavior is counter-productive to well-established consumer rights, as well as being downright idiotic nonsense.

Bottom line: if you buy cheap, expect that ALL available measures have been taken to remove cost from that product.

Nobody ever said anything about the HP/Lenovo laptops in question being "cheap." You've ascribed that attribute of your own volition, and it is non sequitur to the topic at hand.

Please don't move goalposts.

Re:TPM is the worst (0)

Anonymous Coward | about 2 years ago | (#42003167)

If you've pooched the product because you've used it out of spec (low quality air filter, PC), you should have the choice to walk away from it, or pay to fix it. I think the issue here is the lack of disclosure of the limitation to the consumer (possible fraud), more than the actual limitation itself

If the toy requires NiMh batteries and you use Lithium and the toy breaks do we complain that the toy was crap? no. Is it covered? no. The big difference here is that the toy has it written in the manual that it needs only NiMh batteries.

Re:TPM is the worst (1)

bws111 (1216812) | about 2 years ago | (#42003549)

Why would have have to disclose that? They never claimed that there was a usable port in there, or that the wireless card was user-replaceable, only that the laptop supported 802.11b/g/n. And it does indeed support as sold, just as they claimed. The consumer got exactly what they paid for. The fact that a particular consumer wants something OTHER than what he paid for does not constitute any kind of fraud on the manufacturers part.

Re:TPM is the worst (3, Informative)

Minwee (522556) | about 2 years ago | (#42003323)

Like how GM and Ford have locked-out the ability to replace the factory-approved air filter with a K&N, because they don't want to "warranty and support" the aftermarket parts!

*cough* And we know they never tried anything like that because if they had, then there would be something like a Magnuson-Moss Warranty Act [wikipedia.org] , which would clearly state that companies like GM and Ford could not prevent customers from using aftermarket parts [cornell.edu] .

Stupid prick.

There's no need to sign your post at the end. We can all see who you are by looking at the header.

RHEL (2)

Andrewkov (140579) | about 2 years ago | (#42001289)

As despicable as this is, on the other hand, it sort of implies that RHEL is certified to work with this machine.

Re:RHEL (0)

Anonymous Coward | about 2 years ago | (#42001539)

RHEL/Fedora are also used by MS and Oracle.

Re:RHEL (0)

Anonymous Coward | about 2 years ago | (#42003151)

I suspect this happened when someone at DoD/USG tested the laptop, they test for RHEL compatibility now.

You and your free operating systems (0)

Jawnn (445279) | about 2 years ago | (#42001297)

Y'all are just a bunch of socialists. OooOOOoo! It's so cool to "share" Well that gravy train is pulling into the station, once and for all, comrade. RedHat may not be a good capitalist company like Microsoft, but at least they make you pay for their operating system. Yes sir, by gawd. It's great to see that some true-blue Amurican hardware companies are doing their patriotic duty to save American jobs in Redmond and... where is that they write that Linux thing again? Oh..., wait.

Cany buy one of those (0)

Anonymous Coward | about 2 years ago | (#42001995)

Gone full retard.

Note that this isn't a SecureBoot issue. Lenovo... (0)

Anonymous Coward | about 2 years ago | (#42002701)

Why, yes it is a SecureBoot issue.

CAPTCHA = misspell

Not just Lenovo (1)

SeattleGameboy (641456) | about 2 years ago | (#42002743)

Hell, I just bought a new VAIO laptop and upgraded from Windows 8 to Windows 8 Pro and I couldn't get it to boot in UEFI mode!!! Thank goodness for the Legacy mode or I would have been SOL.

Obviously needs to use a sophisticated system (3, Funny)

kallisti (20737) | about 2 years ago | (#42002971)

As seen here,
http://www.csis.pace.edu/~bergin/patterns/ppoop.html [pace.edu]

This whole issue could have been avoided if the developers didn't use the "Hacker Solution", but instead... well, read the paper.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?