To the United States Department of Justice,
I would like to bring to your attention a matter of anticompetitive behaviour, which, in my honest opinion, will have a deep negative impact on the personal computer (PC) market.
== What are the names of companies, individuals, or organizations that are involved? ==
Microsoft Corporation One Microsoft Way Redmond, WA 98052-6399
== How do you believe they have violated the federal antitrust laws? (For details on federal antitrust laws, see Antitrust Laws and You.) ==
Microsoft is using its market power in the PC operating system (OS) market to coerce computer hardware manufacturers to include a technology (SecureBoot) which, under its current form, will prevent consumers from installing and using the OS of their choice on their computers.
== Can you give examples of the conduct that you believe violates the antitrust laws? If so, please provide as much detail as possible. ==
Microsoft is including SecureBoot with its upcoming "Windows 8" OS, and is requiring that hardware manufacturers support this feature. SecureBoot requires that the computer's hardware initialization software (firmware) performs a cryptographic check of the OS before starting the OS. As part of SecureBoot, the OS loader (bootloader) must be signed with a cryptographic key, and the firmware checks this signature before loading the OS to ensure that it has not been modified by malicious software (malware).
Microsoft claims that SecureBoot is designed as a security feature against malware. However, as part of its requirements for SecureBoot, Microsoft only specifies that the bootloader must be verified against a Microsoft key. It does not specify any of the following: 1) The user being able to disable SecureBoot at his or her option 2) The user being able to specify his or her key and boot the OS of his or her choice As we have seen in the past, most manufacturers will adhere only to the minimum requirements set by Microsoft, and thus neither point (1) nor point (2) will be implemented in an overwhelming majority of firmware. This effectively prevents the user from using any other OS than Microsoft's Window 8, strengthening Microsoft's artificial monopoly in the OS market. Microsoft is well aware of the implications of not addressing points (1) and (2), but has remained silent on the issue.
== What is the product or service affected by this conduct? Where is the product manufactured or sold, or where is the service provided? ==
All future PC systems will be affected by this conduct.
== Who are the major competitors that sell the product or provide the service? ==
Apple sells its MacOS operating system with its macintosh line of computers. While Apple does not allow use of MacOS on non-Apple computers, it allows any OS to be installed and used on its line of computers. Since Apple computers are priced high, and are not as configurable as a regular PC, buying a Macintosh in order to be able to use the OS of their choice is not an option for the majority of users.
RedHat and Novell both sell their flavor of the GNU/Linux operating system. Their business relies on the user being able to install the OS of his or her choice, and they will be negatively impacted by Microsoft's conduct.
== What is your role in the situation in question? ==
I am a user of free and open source software (FOSS), including, but not limited to linux, GNU, KDE, apache, etc. I am also a software developer which has contributed to many of these projects (by improving their source code).
== Who is harmed by the alleged violations? How are they harmed? ==
All users of FOSS are harmed. By not being able to install the OS of their choice, they will be forced into using Microsoft's OS, or buying computers which implement points (1) or (2). Considering the proliferation of linux in the server and workstation segment, I do expect some manufacturers to implement either (1) or (2) in their server and/or workstation products; however, servers and workstations are significantly more expensive than regular PC systems. Thusly, FOSS users will be forced to either use Microsoft's OS, or spend a significantly higher amount of money on PC hardware in order to be able to use the OS and software of their choice.
I do believe that, if implemented ethically, SecureBoot has the potential to be a great technology, and a very effective way to defend against certain types of malware. However, in order for my previous statement to have any value, the user must be given the choice to use the OS of their choice on _any_ computer he or she chooses to buy. I very strongly believe that, the best way to ensure the users' freedom remains unaffected, is to have Microsoft modify its SecureBoot specification such that both the following are mandated by the specification: 1) The user, should he or she chose to do so, must be able to specify the cryptographic keys to use to use as part of the bootloader verification process (including having the option to blacklist any Microsoft keys installed at the factory). 2) The user, at his or her option, must be able to disable the cryptographic verification in his or her computer's firmware.
Sincerely, Alexandru Gagniuc