The pitfalls of Windows 8’s Secure Boot

Topic

New Reply

	LANGALIST PLUS The pitfalls of Windows 8’s Secure Boot
	By Fred Langa Win8’s Secure Boot enhances system security, but it can also interfere with booting non-Windows operating systems on your PC. Plus: SSDs and data security, running 32-bit software on 64-bit Windows, and ways to keep XP-era software running in a non-XP world.

---

The full text of this column is posted at windowssecrets.com/langalist-plus/the-pitfalls-of-windows-8s-secure-boot/ (paid content, opens in a new window/tab).

Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.[/td]

[/tr][/tbl]

Reply | Quote

Replies

Hi,

I recently had some severe PC issues with reliability, and purchased a new HP machine online. It came with windows 8 installed, which I wasn’t too keen on, but figured I could run a dual-boot system for a while and check out how 8 works before transferring all my operations onto it.

Less than 5 minutes after first booting up, the PC crashed in a big way, trashing the system partition as it died. I wasn’t *too* upset, and just figured I would install my win7 ultimate instead. A good plan, yes? Firstly, had to format the drive to install from my CD, only it wouldn’t install. It would go through the preliminary steps and then die… HP tech support refused to even try to assist me with this. I spent hours on the phone with Microsoft support, who couldn’t see why it wouldn’t work. The new machine was UEFI, but the install disk recognised that, and should have coped. I had an arranged call-back planned with their 2nd-tier support, but the call didn’t come. Days later, I found that they had a problem with the phone number the rep had copied down, so they sent me an email asking for clarification. My PC was in pieces, so how I was supposed to read the email, who knows? We don’t all have smart-phones!

Anyway, my next step was to transfer the hard drive from my old PC, figuring I could boot from that and work on. Nope. I got a message telling me that UEFI will not boot from a BIOS disk… So, basically, I had a PC with 2 hard disks, one UEFI and the other BIOS, and neither one of them could be made to boot.

At this point, and with no way of knowing why the tech support call had not arrived, I gave up and transferred everything back to my old PC.
I returned the new piece of junk to HP – and I will not be using their products again. Refusing to even listen to the problem I was having with a brand new PC of theirs has closed their doors to me.

I am now somewhat nervous of any new machine, with the distinct impression that UEFI and BIOS hardware will not even talk to each other.
An article on the pitfalls of moving between the two might will be helpful. It was certainly not the straight-forward process that today’s article suggested.

My original PC is still working, albeit erratically at times. Those problems started when I installed a new Seagate 2nd hard drive for data storage, only to have the original (identical) system drive crash less than 12 hours later! Hmmm…

Reply | Quote

Hi Fred,
I have the same issue as Denis but with our label software. My IT guy and I wanted to do as you suggested but we ran into a snag. The software we wanted to keep using requires a special license to run on a virtual drive. Of course that means more $$. I would advise anyone contemplating using a virtual drive to check with the software vendor to see if it will work as is or require upgrading or a special license.

I’ve been following you since the old Windows magazine days, your newsletter and now Windows Secrets. Thanks for all the great advice!

Sincerely,
Rich Hallman

Reply | Quote

all you’d need to do would be to change the UEFI Secure Boot settings to allow uncertified programs to boot at boot time. The Win 8 default on factory-installed systems is to tie down the UEFI so it can only boot Win 8. That’s how my ThinkPad Twist was configured. To get it to allow the likes of Symanted Desktop Encryption 10.3.1 to run, and also Acronis Tru Image Clone Disk to work I had to set the UEFI to allow Legacy Boot. To get the UEFI settings up on my thinkpad, I could either do a special restart from Win 8 or I could power down the hardware and restart it, pressing F12 before the Thinkpad startup logo transferred to Windoze 8. This process also allows me to boot off USB-stick operating systems like Linux if I want. However, YMMV, because different Mfrs might have tied down the UEFI so you can’t even change the secure boot setting there, but that’s the first place you should look anyway.
(p.s. you shouldn’t clone an encrypted drive. It can get messy and make recovery difficult if you invalidate the recovery token).

Reply | Quote