Skip to main content

Windows 8 Bootloader and Secure Boot

Continuing our tour of showing you what Windows 8 has changed in the Microsoft world, today it is time for the new Boot Loader and for the Secure Boot features. Windows developers are clearly upgrading each element and this is one of those that will change how OEM's design products and how clients are going to use these devices.

In a few words, the Windows Boot Loader is the sequence that takes care of the whole startup process. Illustrated in the image below, the Boot Loader can be seen right after you push the power button and until the Windows Lock Screen appears. Until now, even in the Windows 7 era, this element was designed using the MSDOS look, where every message appeared like a command line and navigation could only be done using a classic keyboard.

Now, in Windows 8, Microsoft needed something more palpable; something that looks friendlier and can be reached from a safe environment using a touchscreen panel. So, Windows Boot Loader 8 was born:

In this version, the layout has been changed with something more...dashing, I believe the word is. Those who will install multiple operating systems on the computer will always be greeted by the above message, where you can pick which OS should be loaded or, mess with some settings.

Inside the settings panel you will find the possibility of changing what the default OS should be and how long will the computer wait until it loads the default choice, in case you are not around. Also, advanced recovery tools may be found here, that can help the user change some critical settings, start a command prompt using administrative rights and maybe in the future, even enter Safe Mode. In order to access any advanced features in this panel you will be asked to enter your login credentials, a bald move that just made Windows a more secure environment and Microsoft introduce the Secure Boot option.

What is Secure Boot? Well, besides the above explained sequence that stops anyone from erasing critical files right from the boot screen, Secure Boot defines a set of rules that the operating system must use before it's accepted into the boot sequence. The main criteria is to have a Digital Signature key, a feature that is not present in some existing products on the market, like the open source RedHat. When announced, this created quite a stir because once Windows 8 would be installed other platforms wouldn't be accepted, unless they had this verification process.

Seen as a ban against smaller competitors, Microsoft has resolved the situation by implementing the feature on Opt-in bases. Typically, the OEM will decide if this verification rule should be applied or not to a device and if Microsoft should have the power to control what the computer boots or, what it doesn't.

We leave you with a comprehensive video, which will surely clarify the situation for those still dazed: