SCIENTIFIC-LINUX-USERS Archives

October 2011

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

Subject:
From: Yasha Karant <[log in to unmask]>
Reply To: Yasha Karant <[log in to unmask]>
Date: Thu, 20 Oct 2011 13:58:53 -0700

Although a number of comments on and off the SL list have opined that 
any discussion of UEFI is off-limits to this list, below is a popular 
press article concerning a view from Red Hat (the beloved TUV of this 
list) that presumably is on-limits.  Again -- is there a workaround were 
efforts to prevent the MS version of UEFI to fail?

Please note from the article below that UEFI as contrived may not only 
prevent Linux from booting, but also prevent field hardware upgrades. 
(Please see the section beginning: "Microsoft claims that the customer").

Please do not "flame" me, or try to start a socio-political discussion; 
the practical issue entirely is one of engineering and workarounds if 
this cannot be stopped (so that the end-user/system administrator can 
install new keys, not just MS keys, or disable keys for the use of 
older, pre-UEFI board-level hardware components).

http://www.theregister.co.uk/2011/09/26/uefi_linux_lock_out_row_latest/

Red Hat engineer renews attack on Windows 8-certified secure boot

Linux lock-out row rumbles on

By John Leyden

Posted in Developer, 26th September 2011 11:06 GMT

A senior Red Hat engineer has lashed back at Microsoft's attempt to 
downplay concerns that upcoming secure boot features will make it 
impossible to install Linux on Windows 8 certified systems.

Unified Extensible Firmware Interface (UEFI) specifications are designed 
to offer faster boot times and improved security over current BIOS ROM 
systems. The secure boot feature of the specification is designed so 
that only digitally signed OS loaders will load, a security feature that 
would prevent the installation of generic copies of Linux or FreeBSD as 
well as preventing rootkits and other boot-time malware from running.

A digitally signed build of Linux would work, but that would mean 
persuading OEMs to include the keys. Disabling the feature would allow 
unsigned code to run. However, it is unclear how many OEMs and firmware 
vendors will follow this route, which isn't required for Windows 8 
certification.

The forthcoming secure boot feature has created a huge row with computer 
scientists, such as Ross Anderson of Cambridge University (here), and 
open-source developers who accuse Microsoft of pushing lock-in and 
decreasing consumer choice. Microsoft responded by saying consumers 
would continue to control their PC and cited the example of one OEM, 
Samsung, which is including a "disable secure boot" feature on prototype 
versions of its tablet PC.

Power play

This response has failed to satisfy critics of the technology. Matthew 
Garrett, power management and mobile Linux developer at Red Hat, who was 
among the first to flag up concerns over the technology, said that 
Microsoft's response fails to address his central point that "Windows 8 
certified systems will make it either more difficult or impossible to 
install alternative operating systems".

Red Hat, he explains, has been working with Linux suppliers, hardware 
manufacturers and BIOS developers since becoming aware of the issue in 
early August.

Garrett said that Windows 8 certification requires that hardware ship 
with UEFI secure boot enabled. A feature allowing secure boot to be 
disabled – necessary to run Linux and FreeBSD on certified systems – is 
not required for certification. "We've already been informed by hardware 
vendors that some hardware will not have this option," Garrett writes in 
a follow-up blog post to his original critique of the technology.

In addition, Windows 8 certification does not require that the system 
ship with any keys other than Microsoft's. Such systems will only 
securely boot Microsoft operating systems.

"A system that ships with Microsoft's signing keys and no others will be 
unable to perform secure boot of any operating system other than 
Microsoft's," Garrett writes. "No other vendor has the same position of 
power over the hardware vendors. Red Hat is unable to ensure that every 
OEM carries their signing key. Nor is Canonical. Nor is Nvidia, or AMD 
or any other PC component manufacturer."

Neither of the two options – the first being to get OEMs to include keys 
for a digitally signed copy of a particular build of Linux and the 
second being allowing users to disable secure boot – look likely in most 
circumstances. The upshot of this, as things stand, is that Linux fans 
will only be able to run the alternative operating system on a small 
minority of Windows 8-certified hardware.

Control

But the issue goes beyond operating system choices and also affects 
other modifications a user might choose to make to their PC, Garrett 
argues. He reckons Microsoft is pushing control of what can or can't be 
done on a PC away from consumers towards hardware manufacturers.

"Microsoft claims that the customer is in control of their PC," he 
writes. "That's true, if by 'customer' they mean 'hardware 
manufacturer'. The end user is not guaranteed the ability to install 
extra signing keys in order to securely boot the operating system of 
their choice. The end user is not guaranteed the ability to disable this 
functionality. The end user is not guaranteed that their system will 
include the signing keys that would be required for them to swap their 
graphics card for one from another vendor, or replace their network card 
and still be able to netboot, or install a newer SATA controller and 
have it recognise their hard drive in the firmware. The end user is no 
longer in control of their PC."

Garrett isn't opposed to secure boot or UEFI as such but the way 
Microsoft is "misusing" the technology to "gain tighter control" over 
the desktop operating system market it already dominates.

"Microsoft's rebuttal is entirely factually accurate," Garrett writes. 
"But it's also misleading. The truth is that Microsoft's move removes 
control from the end user and places it in the hands of Microsoft and 
the hardware vendors. The truth is that it makes it more difficult to 
run anything other than Windows. The truth is that UEFI secure boot is a 
valuable and worthwhile feature that Microsoft are misusing to gain 
tighter control over the market. And the truth is that Microsoft haven't 
even attempted to argue otherwise," he concludes.

Boot(ing-up) Note

Red Hat has done some testing work with the UEFI Forum, an industry 
group that is overseeing the development and introduction of the 
next-generation start-up specification. However this testing work 
happened before the implications of the secure boot feature became 
clear, Garrett told El Reg.

"We're contributing members of the UEFI forum, which means we have access 
to the specification drafts and contribute towards the language in 
them," Garrett told El Reg. "We also typically attend some of the UEFI 
testing events. While the UEFI specification for secure boot has been 
public for some time, Microsoft's plans for it only became known very 
recently. We're still at the point of working out how some of the fine 
details are going to work. So, yes, while we do some testing with the 
forum, the last testing event was from before Microsoft let us know they 
were going to do this."
