Linux Security Windows

Will Linux No Longer Work on Future Windows 10 Hardware?

Justin Pot 28-05-2015

It might be impossible to install your favorite Linux distro The Best Linux Operating Distros The best Linux distros are hard to find. Unless you read our list of the best Linux operating systems for gaming, Raspberry Pi, and more. Read More on upcoming Windows 10 laptops…because of a sticker.


Specifically, the “Designed for Windows 10” sticker. It turns out Microsoft doesn’t send those out to just anyone: they need to be earned. And much like your 3rd grade teacher, Microsoft has a list of rules and regulations governing who does and doesn’t get stickers.

It’s these rules that might make certain Linux distros impossible to install on upcoming computers. Specifically, it’s the wording surrounding something called Secure Boot.

Confused? Infuriated? Let’s sort this out.

What Is UEFI, and Secure Boot?

Longtime computer users are no doubt familiar with the BIOS, but that technology has been outdated for years. In its place, modern systems use something called the United Extensible Firmware Interface (UEFI). We’ve explained what UEFI is What Is UEFI And How Does It Keep You More Secure? If you've booted your PC recently you might have noticed the acronym "UEFI" instead of BIOS. But what is UEFI? Read More , but to summarize it’s a firmware on your motherboard that allows your operating system to talk to your hardware. From the user’s perspective it’s generally much prettier than a traditional BIOS, and includes a lot more features.



When you turn your computer on, it’s the UEFI that decides which operating system to boot. One feature of UEFI, called Secure Boot, only allows operating systems signed with a digital signature. Windows 10, naturally, has a valid signature. So do some Linux distros – including Ubuntu, Fedora, and OpenSUSE.

But a number of major Linux distros don’t have a signature. Linux Mint 17, a really great Linux distro Is Linux Mint 17 "Qiana" The Ubuntu Killer? The latest version of Linux Mint, the 17th release codenamed "Qiana", is out! It's a great alternative for people leaving Windows as well as those who just don't quite like Ubuntu. Read More includes the following instructions in its release notes:

If your system is using secureBoot, turn it off.

The problem: turning Secure Boot off might not be possible on upcoming computers.

Why Are Linux Users Upset About This?

Secure boot isn’t new: Windows 8 supported it Windows 8 Is The Most Secure Version Yet: Here’s Why Read More , and Linux users might recall some controversy. For Windows 8, Microsoft required Secure Boot be enabled if computer makers wanted the coveted sticker.


Open source advocates revolted, and in part because of this backlash Microsoft added a new rule: the user must be permitted to turn secure boot off. This made it annoying to install unsupported operating systems – the user needed to enter the UEFI and turn Secure Boot off before starting – but it was still possible.


That might change. In March Ars Technica reported that Microsoft is telling PC manufacturers they can remove the option to disable secure boot.

It’s worth noting that Microsoft isn’t requiring companies like Lenovo and HP to block out distros like Linux Mint. But as Ars Technica’s Peter Bright explains, the change makes it possible:


Should this stand, we can envisage OEMs building machines that will offer no easy way to boot self-built operating systems, or indeed, any operating system that doesn’t have appropriate digital signatures.

This could leave users of distros like Linux Mint – which currently don’t offer signatures or a workaround – locked out of such systems.

The End of Desktop Linux? Probably Not.

Don’t believe any doomsayers out there: this alone won’t kill off desktop Linux. The user base is loyal, and the developers are clever at finding workarounds. Additionally, it’s unlikely every OEM out there will decide to block other operating systems entirely: even if developers don’t find a workaround, you’ll likely be able to find a device on which Secure Boot is optional.

Having said that, Secure Boot being enabled by default, and impossible to turn off, will be yet another barrier to new users hoping to try out Linux. I’m personally concerned about what this means for my favorite live CDs (or USB keys), which are a common way for new users to try out Linux distros. These are generally run by small teams, unlikely to buy keys. Will they become next to impossible to use on some laptops?



If so this could limit Windows users in all sorts of ways, because live CDs can be very useful The 50 Cool Uses for Live CDs Live CDs are perhaps the most useful tool in any geek's toolkit. This live CD how-to guide outlines many uses live CDs or DVDs can offer, from data recovery to enhancing privacy. Read More even if you don’t intend to install Linux. You can, for example, kill Windows viruses with an Ubuntu live CD Kill Windows Viruses With an Ubuntu Live CD Today's anti-virus solutions are pretty reliable, protecting you from most of the common threats out there in the world. With safe browsing habits, there's a rare chance that you'd ever get infected with malware. However,... Read More , or manage your partitions using PartedMagic Parted Magic: A Complete Hard Drive Toolbox On One Live CD Take control of your hard drives. Whether you want to edit your partitions, clone an entire drive, check SMART data or otherwise manage the way your computer's data is organized, Parted Magic is the tool... Read More – but not if those distros refuse to boot.

In the short term, if you like using live CDs or a Linux distro that cannot handle Secure Boot, you need to read up on a given computer before buying it and ensure it’s possible to turn Secure Boot off. In the long term, workarounds might emerge, but we don’t know what those will look like yet.

I want to know what you think: should Linux users be worried bout Secure Boot? Or is this all a lot of hype over nothing? Let’s discuss the whole thing in the comments below.

Related topics: BIOS, Computer Security, Linux, Linux Mint.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Vic
    November 30, 2016 at 12:13 pm

    The users have 2 problems with Linux on desktop: modern hardware support (GPU, latest CPU perfomance, WiFi) and lack of needed software (GIMP != Photoshop, KiCAD != OrCAD, etc).

  2. Elvis
    September 21, 2016 at 5:18 pm

    Day by day I hate Microsoft a bit more. For me this is a big problem, it's clear that Microsoft is trying to take Linux off of the game and is getting

  3. jon pol
    April 28, 2016 at 1:31 am

    1) If I knew this a year ago when buying Lenovo with W10, I would not buy it.

    2) People who use Win exclusively and no interest for anything else are OK with
    this problem. They don't have it. Still supporting us who want the freedom of changing or dual booting, will never hurt them nor almighty MS. And one never knows why this option may be useful someday to them too.

    3) If dell will continue making machines based on uBuntu, then the problem is not so serious.
    And possibly some other makers, like Lenovo, may join uBuntu (Lx) band.

    • Vic
      November 30, 2016 at 12:21 pm

      I'm sorry, what is the issue with W10? or W8.1, or other W??? In generally, Linux is very good for servers, Internet surfing and embedded. But for over 9000 engineering tasks it is unsuitable. For 3D modeling it is unsuitable (I don't talk about gaming). For video processing it is unsuitable, etc, etc, etc.

      "People who use Win" work in different areas of science and technology where it is impossible to use Linux.

      • Sudarshan
        September 9, 2017 at 1:26 am

        Because Windows is not open sourced..

  4. Anonymous
    July 1, 2015 at 6:03 am

    As if 8.1 isn't a big pain in the ass already i'm actually typing this on my second dual boot computer running and in linux now, i'm pretty excited to be using it though It's a little harder to use at first.
    if you don't disable secure boot and fast boot it gets caught in a boot loop

  5. Anonymous
    June 29, 2015 at 12:15 pm

    I could be wrong but I belive that most Linux users, like me, bought a standard pc (not the most powerful in the world). If this is true then you can simply upgrade it.
    In my case I would turn off the onboard stuff and put in a sound card, video card, NIC and replace my 2Gb RAM with the system maximum amount, 32Gb.
    doing this will ensure my pc runs Linux for the next 10 years.
    By then if there is still a problem then I doubt Linux will still be going strong.
    By the way I have a small home network, 3 Linux machines and a windows laptop which spends most of its time in the cupboard.

  6. Anonymous
    June 29, 2015 at 12:12 am

    It is really sad to see newbies getting frustrated with this and just giving up on Linux distros, I also see this as the major potential threat for Linux future.

    I’m really sorry to hear that the Internet community are having these problems, but I truly believe that Linux development groups, and individual coders, will emerge with an even better solution to this offensive aimed at Linux enthusiasts.

    I have much less issues running Linux (you could say 100 to 1). Never had a virus issue. Never got in a situation (like a win-BSOD) which I had to reformat my Linux desktop. Usually I can recover from 99.9% of the few problems I encounter in less than five "googles" away.

    And must also agree that OEM’s will close a large global market if they align with M$ in their oppression policy.

  7. Anonymous
    June 25, 2015 at 8:10 pm

    Here's what will happen if SecureBoot becomes impossible to turn off: it'll cease to be an issue.


    The fringes of the Linux community have hacked Linux onto everything from locked-down game consoles to programmable coffee makers. If you tell that particular fringe that it's impossible to run Linux on something with a processor and RAM they'll find a way. And that's just the fringe. Imagine if the issue became vital for the survival of desktop Linux and therefore became a major focus for the Linux community. We'd have a way to turn off SecureBoot within a month.

    And then, of course, the malware community would pick it up and run with it, just like the game pirates have every time a game console gets cracked to run Linux. In the end SecureBoot would become utterly pointless, all because they tried to block Linux.

  8. Anonymous
    June 24, 2015 at 10:05 am

    Sounds like more manoeuvres by M$ to monopolise the the market, control it, and, if we let them, control us with it - which is their ultimate aim.

    I guess there will be workarounds, and the first to realise them will be well financed Russian and Chinese organisations, sanctioned, or not, by their respective governments.

  9. Anonymous
    June 15, 2015 at 2:36 pm

    I think the required secure license is more than likely a feature designed for businesses with end-users. It's not meant to prevent Linux installations. Businesses want to make sure the devices they give employees are completely secure.

    Hyper-V is a decent virtual machine tool provided with Windows by Microsoft. Someone could easily install Linux in a virtual machone and Mocrosoft supports it. A VM is a great p'ace for a newb to experiment.

  10. Anonymous
    June 15, 2015 at 7:53 am

    I for one, will never give up on Linux Dev's to make it easy for us newbies. I am a bigger fan of Linux than I am of Microsoft any way.

    As a techie, this Secure Boot also makes it hard for us to even manage third party offline backup applications.

    I have less issues running Linux.

    And I agree, OEM's will close up a large open world if they conform to MS only.

    Here's to all the hardworking Communities and other Independent Distros fighting the good fight.

    • Justin Pot
      June 15, 2015 at 2:41 pm

      I hope you're right, and that things keep working.

  11. Anonymous
    June 8, 2015 at 12:52 am

    I have even had problems running any form of Linux on my Windows 8 machine! I even read all these tutorial and would go through the installation only to find out that it won't boot. I even went back and tried to reinstall GRUB and it still didn't work. I just gave up.

    • Justin Pot
      June 8, 2015 at 2:36 pm

      Yeah, people getting frustrated with this and just giving up on Linux is, to me, the biggest potential problem here. I'm really sorry you've had these difficulties, but I hope you'll give Linux another chance.

  12. Justin Pot
    June 2, 2015 at 7:39 pm

    There's always a workaround! I'm more concerned about the next generation of would-be Linux users, who find out they can't try out the operating system on their current device. Someone who might become a long time Linux user will never try out the system to begin with. It's a potential problem, anyway.

  13. PrattleOn Boyo
    May 30, 2015 at 5:27 pm

    Given the tenor of your post, I have to ask why you even bother to read any subject matter involving Linux since it is obvious you have nothing but contempt for the OS. Clearly, you are an embittered Windows user dabbling in open source OS alternatives but I' confused as to why.

  14. PrattleOn Boyo
    May 30, 2015 at 5:16 pm

    Since there are plenty of older hardware (Pre UEFI) laptops/desktops in the market, I don't see see Secure Boot posing much of a problem for Linux users. It's no secret that MS continues to heavily borrow from Linux features all the while continuing to lock down the hardware to appease the likes of the MAFIAA and other industry cretins that don't approve of consumer ability to customize/build their systems and otherwise install the OS/sw of their own choosing. Locking out Linux users by removing the ability to disable Secure Boot is a surefire way for OEMs to shoot themselves in the foot.

  15. Blue Dragon (Onaj tamo)
    May 30, 2015 at 4:40 pm

    Of course it is a problem,because it will present another barrier for newbies to enter the Linux world.

  16. Frank Schmeisser
    May 29, 2015 at 7:18 pm

    I've been using various Linux distros almost exclusively since 2006. My last Windows was XP, and good riddance!. I rework used machines from the pre-Win8 era and make them fly. M$ is grasping for straws as they missed the internet, then missed mobile computing, and is a minor player in the server market. Once again, M$ is trying to assert its monopoly by pulling us back to the dark ages.

  17. 45f25ff0
    May 29, 2015 at 2:58 pm

    Because, simply put, Linux still sucks pretty badly. It's fine only for casual use, but anything professional is out of question: why should a company invest everything on something so useless? I've been using Linux for 13 years, and I never thought once I could permanently switch to it at work

    • Kosta Kolundzija
      May 30, 2015 at 2:06 am

      Finally, a resonable comment from somebody who has been using Linux for such a long time.

    • Blue Dragon (Onaj tamo)
      May 30, 2015 at 4:37 pm

      Because everyone who uses computers professionally is a graphic/cad designer. There aren't hundreds of thousands programmers,web developers and system administrators out there.

    • Justin Pot
      June 2, 2015 at 7:37 pm

      You've got a point, Blue Dragon: there are some professions for which Linux works. But you also need to concede that lots of people are choosing not to use it, and that there's a reason for that. I love Linux, but there's all kinds of reasons someone might opt for another system.

  18. Min Soe Han
    May 29, 2015 at 7:09 am

    I am not worried. I believe in Linux developers and community. Let say HP decided to choose Secure Boot enabled by default with no option to disable it, then I will go for Acer, Asus, Lenove, etc or other, may be Chromebooks. Even if all of OEMs decided to obey what Miscrosoft wants, I am going to get a powerful android device and wait for the day Linux developers find workaround. OS revolution should be introduced in small and medium businesses' Office Rooms for cutting budget, getting rid of virus, solid stability, modernize, bleeding edge and customization for whatever they need. I want to say users who know only about Windows that "just learn new and enjoy it. helpful forums are ready to help you if you have problem with it".

  19. Marcel Delorme
    May 29, 2015 at 4:53 am

    If this only applies to OEM equipment, couldn't a person build their own box and install what they want? With laptops it might not be as simple, but I think you can still buy one with no OS. I thought MS was on the right track announcing 10 as the last OS and offering long term updates. Now, I wonder if it is to restrict our options. I dual boot because I need MS for work/school, but use Mint for my personal preference.

    • Blue Dragon (Onaj tamo)
      May 30, 2015 at 4:39 pm

      You are implying that no motherboard developer will close off even motherboards that are not part of an OEM setup.

  20. John Oh
    May 29, 2015 at 2:58 am

    I doubt, whether any manufacturers which are facing multi million dollar losses over the last few years, will accept that their machines should be limited... It could be the nail in the coffin for the likes of HP IBM etc. There are many manufacturers who would loose customers if they did that. Linux users are perhaps just ten percent of their base, but its that lost income that could cause that!....

  21. James Van Damme
    May 29, 2015 at 12:30 am

    I presume if any OEM tried to pull this, adverse public opinion would really hit the fan. As for me, if someday in the far future an ex-Windows 7 machine doesn't fit my needs, there will be a chromebook that I can install Linux on. Or Linux-only laptops like System 76.

  22. Clive Richards
    May 28, 2015 at 11:02 pm

    I don't fully understand - in the article it states that smaller distros would not have the funds to get a digital signature but in one of the replies it says that it is up to the OEM's to decide. If secure boot is intended for the safety of computer users then creators of operating systems should surely be able to get a digital signature without charge? It is a similar situation with the numerous false positives thrown up by anti virus and firewall programmes. Shouldn't there be an international safety standard that all software has to meet. The AV companies should collectively provide free certification as well. Without this people will not be able to afford to develop free software and operating systems safely

  23. Jeff Kelly
    May 28, 2015 at 11:00 pm

    Why cant a computer company put out a line of machines for Linux. All we need is the hardware and we can install what ever distro we want. They need to make entry as well as higher end machines and then people can make the choice to live under the bondage of Microsoft or explore a whole new world .

  24. Gregory Coe
    May 28, 2015 at 10:58 pm

    If and when I'm ready to update to a newer computer ( laptop ) that is running windows 8 or 10 and I can't dual boot or even install over those two, I would just purchase a new or used hard drive for the unit and then install my Linux / Ubuntu distro of choice. That is assuming the newer laptop unit with the newer hardware would even allow booting from DVD or Flashdrive with a different hard drive in it. If not then I would just buy the newest unit I could get that would allow booting from DVD and Flashdrive and live with it. PS my distro of choice is Zorin 9 core and I have been using it ( Zorin ) for over five years and would never go back to windows, but I have and will purchase laptops that will boot up what I want to use, or I will not update my laptops at all. The only reason I would ever have to buy a unit with Windows on it, is to install Zorin over the Windows or along side it, not being able to do that, well, then no reason to ever pick up a unit like that again. Ever.

  25. Scott Hunt
    May 28, 2015 at 10:29 pm

    is it possible to just install linux on another computer and take the hdd out and put in the new one as linux can work like that. then if not then manufacturers will suffer as there are a lot off Linux users than the manufacturers think there is as it's free easy to get hold off. versatile and when you tell it to do a task it will not moan about it and slow down. also manufacturers suffer as not a lot off people will buy laptops or computers .it's like there trying to get people to use tablets as there cheaper to make and store. as there try to DRM technologies theses's bugging as Linux users do sometime use windows so it not like there losing money over it. i am a Linux mint and windows user.

  26. Raymond Tu
    May 28, 2015 at 10:11 pm

    Is it just me or is anyone else wondering why are there bird photos in the article?

    • Michael O'Shaughnessy
      May 29, 2015 at 12:29 am

      I believe the pictures are of penguins, the bird associated with Linux.

  27. colonelangus
    May 28, 2015 at 9:22 pm

    Just to throw the information out there, it is possible to buy new computers with Linux preloaded on them, and indeed built specifically to run Linux. No need to worry about what the OEMs decide to do about Secure Boot.

  28. Robert Finley
    May 28, 2015 at 7:55 pm

    This doesn't block Ubuntu, the largest desktop Linux, so it is not intended to crush Linux. The first question that pops into my mind is "who does this help?". What does it crush? I don't know everything, but I know it crushes Tails ( Remember the Edward Snowden debacle? It is very realistic that this is actually designed to kill civilian ability to use liveUSB distros that the state sponsored level hackers use for total anonymity.

  29. Meena Bassem
    May 28, 2015 at 7:08 pm

    well, if i have to enable secure boot to use windows 10 (and give up linux, Hiren's boot cd, and all other live usb tools, the F**** windows 10.

    • Justin Pot
      May 28, 2015 at 7:24 pm

      This is more about specific hardware companies possibly making it impossible to boot anything that's not improved. Microsoft's role is only that they're not stopping them from doing this – this isn't part of Windows 10.

  30. Read and Share
    May 28, 2015 at 6:45 pm

    Gee, why is this such a big concern... if Linux enthusiasts keep waxing about how great and versatile Linux is? Seems a lot of folks like to brag about how they switched to Linux and 'never looked back'... but then they fret big time when they might not be able to dual boot with "Windoze" -- to use their term? Of course, it's not all the fault of the OS -- simple math seems to work against Linux desktop enthusiasts. When -- after 20+ friggin' years of desperately trying to give the darn thing away for free -- they've only managed to garner <2% of the world's desktops... there will always be gaping holes in terms of apps. Hence the perennial cry for Windows dual boot... For decades now, countless tech web sources have devoted amazingly disproportionate pages and resources to publicize Linux. But the world (98%+ -- myself included) -- just isn't interested -- or isn't interested enough to convert! I've given Ubuntu and Mint a couple of tries and always come away underwhelmed and unimpressed. Sorry. Maybe time to recognize the Linux desktop for what it is -- a tiny fringe that definitely has its place -- but a tiny, tiny fringe nevertheless? No, Linux won't end... but I am willing to bet almost anything it will never amount to anything more than what it is.

    • Read and Share
      May 28, 2015 at 6:54 pm

      Just want to emphasize that the focus of my post above is on the Linux desktop. I hope MS will be sufficiently accommodating -- but I also don't see why any private company should be made obligated to ensure that a measly 1 or 2% of users have the "right" to dual boot with another OS that just can't seem to stand on its own for the vast, vast majority of users??

  31. Captain Clueless
    May 28, 2015 at 6:17 pm

    Dumb question - how hard would it be for Linux Mint and other distros to get a digital signature? I presume its hard or they would have already done so already.

    • Harry Callahan
      May 28, 2015 at 6:23 pm

      For now, it costs $99. But Microsoft could change the rules at any time.

    • Justin Pot
      May 28, 2015 at 7:25 pm

      You can get a digital signature, the question is whether OEMs would add an exception for your signature or not. Ensuring that they do means having conversations with every company who plans to turn SecureBoot on.

  32. lsymrwuy
    May 28, 2015 at 4:44 pm

    Would you be able to install Windows 7 on Windows 10 hardware that requires secure boot?

    • Justin Pot
      May 28, 2015 at 7:25 pm

      Possibly, but even this might depend on choices made by the device manufacturer.

  33. 45f25ff0
    May 28, 2015 at 4:17 pm

    This is seriously never going to happen, unless MS wants to be taken to tribunal every other day

    • Justin Pot
      May 28, 2015 at 7:24 pm

      Microsoft isn't doing this, but they're also not stopping the OEMs from doing it. It's the OEMs who will face the tribunal, we'll see how it all ends up.