Following the unveiling of Windows 8, Microsoft faced criticism (particularly from free software supporters) for mandating that devices receiving its optional certification for Windows 8 have secure boot enabled by default using a key provided by Microsoft. Concerns were raised that secure boot could prevent or hinder the use of alternate operating systems such as Linux. In a post discussing secure boot on the Building Windows 8 blog, Microsoft developer Tony Mangefeste indicated that vendors would provide means to customize secure boot, stating that "At the end of the day, the customer is in control of their PC. Microsoft's philosophy is to provide customers with the best experience first, and allow them to make decisions themselves." Microsoft's certification guidelines for Windows 8 ultimately revealed that vendors would be required to provide means for users to re-configure or disable secure boot in their device's UEFI firmware. It also revealed that ARM devices (Windows RT) would be required to have secure boot permanently enabled, with no way for users to disable it. However, Tom Warren of The Verge noted that other vendors have implemented similar hardware restrictions on their own ARM-based tablet and smartphone products (including those running Microsoft's own Windows Phone platform), but still argued that Microsoft should "keep a consistent approach across ARM and x86, though, not least because of the number of users who'd love to run Android alongside Windows 8 on their future tablets." No mandate is made regarding the installation of third-party certificates that would enable running alternative programs.

Who is Tony Mangefeste?