

MS washes its hands of the UEFI/Linux mess - jfruh
http://www.itworld.com/it-managementstrategy/207277/microsoft-washes-its-hands-uefilinux-mess

======
16s
RMS made this prediction in 2003. Most people called him crazy and fringe at
the time, but he was 100% right. Here's a quote:

"Some versions of treacherous computing would require the operating system to
be specifically authorized by a particular company. Free operating systems
could not be installed."

Source URL: <http://www.gnu.org/philosophy/can-you-trust.html>

~~~
cooldeal
Apple proved him right long before this. But there was no outrage against
Apple, since they make shiny things that everyone likes. And people actually
liked the security that this gave them. The battle was lost then.

~~~
jimktrains2
I don't remember a time I couldn't put Linux on an Apple. Maybe I'm wrong or
forgetting something.

~~~
garrettl
iPhone, iPod Touch, iPad

~~~
daed
If those are the examples, can't we go further back and blame other cell phone
manufacturers? Or get mad that Nintendo didn't make it easy for us to put our
own OS on the NES?

------
Osiris
Wouldn't this entire situation be solved by simply including an option in the
UEFI firmware to disable secure boot by the user? That would allow a power
user that wants to install an alternate OS to disable the feature and install
anything they'd like.

I understand that this may affect dual-booting. In those cases, we already
know that Windows 8 will boot in non-secure scenarios (like on existing
computers, including those with UEFI firmware). So wouldn't it be possible to
simply turn off the feature and still be able to dual-boot Windows 8 and
another OS?

~~~
Permit
Wouldn't that completely undermine the benefits of UEFI? An attacker could
just enable BIOS and there'd be no benefit from UEFI at all.

~~~
Osiris
You are presuming physical access to the box in order to make the change in
the firmware. If they have physical access, secure boot is meaningless. Secure
Boot is to make it impossible for software to manipulate the boot process and
install malware.

------
ori_b
From the actual source:

<http://mjg59.livejournal.com/138973.html>

<http://mjg59.livejournal.com/139232.html>

<http://mjg59.livejournal.com/139356.html>

This article is overly hyping the situation.

~~~
ajross
The article is a little breathy, but it's a serious problem. If we don't get
some kind of industry consensus on this, we're looking at a future where those
of us who want to use a Linux desktop[1] are going to have to do it on
jailbroken hardware. While the enthusiast motherboard community might be OK
with some extra firmware settings and UIs, laptop vendors are simply never
going to install and test extra junk that someone doesn't force them to. This
is very scary.

[1] You can tell us apart by the fact that we're taking this issue seriously.
People who code on Macs and deploy to Linux servers (probably 70% of the user
base on news.yc) obviously won't see a personal impact.

~~~
ori_b
I agree that it should be fought. Running around panicking about how evil MS
is will just waste time.

Talking to hardware vendors to ask them what is needed to get Linux to run on
their systems is the most productive course of action at the moment, I
believe.

~~~
ajross
No offense, but Linux people have been trying to engage hardware vendors for
decades now. If the hardware happens to be a rack server or Android phone,
they tend to have decent success. If it's a laptop, the answer (if one comes
back) is generally "You want to run what now?"

No one cares. Margins are too thin to "engage the community" or any other such
nonsense. Does it run Windows? Ship it.

~~~
ori_b
No offense, but Linux people have been screaming at Microsoft for decades now.
It hasn't made a single difference. However, at this point, nearly all
hardware out there has some degree of Linux support, often with the help of
the vendor directly.

There are two choices that might accomplish anything: Work with the vendors
and try to work out a solution, or lawyer up.

------
Someone
"Microsoft will argue--in fact, has argued in a rebuttal on this matter on
Sept. 22--that this is a security matter for Microsoft Windows deployments,
and they are in no way influencing what the hardware vendors are doing with
their keys"

That "no way" is the big legal question. I can see this go both ways. If most
hardware manufacturers decide to only ship with MS keys, I think a judge could
rule that Microsoft still has too much market power to let a free market
optimize things for the good of the consumer. I do not see a judge decree that
before there are any indications that it will become true, though.

(totally unrelated questions that I am curious about: how will this signing
stuff work when running Windows in a VM? Would MS dare charge companies that
want to include a MS key in their hardware? What if that company is called
Apple?)

~~~
recoiledsnake
> I think a judge could rule that Microsoft still has too much market power to
> let a free market optimize things for the good of the consumer

How is the good of the consumer going to be served by allowing rootkits to
load even before the antivirus can?

> (totally unrelated questions that I am curious about: how will this signing
> stuff work when running Windows in a VM? Would MS dare charge companies that
> want to include a MS key in their hardware? What if that company is called
> Apple?)

You have got it backwards. Windows 8 will boot on any machine or VM regardless
of secure boot, UEFI, BIOS or what have you.

~~~
Someone
1. One man's root kit is another man's Linux kernel.

2. Windows 8 may boot on untrusted hardware, but will it play rented movies,
work with Office 365, run apps from Microsoft's store, etc? If Windows on
untrusted hardware will not be a second-class citizen, why would Microsoft
bother with secure boot?

~~~
thwarted
Guh, one of the few times I do so on my phone, and I fat fingered the upvote
attempt. Wasn't there discussion about separating the arrows? Sorry.

------
Zirro
While I do understand the security argument, surely the manufacturers of
hardware wouldn't do this only to be allowed to use the Windows 8 logo? I have
never heard of a person who cares if there's a Windows-logo on their laptop or
not. In fact, the people I asked earlier today (both nerds and "normals")
consider it an ugly annoyance.

~~~
mjg59
Being part of the Windows logo program means getting access to some Microsoft
marketing budget. The incentive is the financial benefit, not the sticker
itself.

~~~
Zirro
I see, thanks for explaining. I suppose, as a large computer manufacturer,
actively/proudly refusing the Windows logo wouldn't please Microsoft either.

------
brudgers
What is interesting to me in terms of how this story is pitched is that
Microsoft's approach to operating systems is shifting to be similar to
Apple's, because one cannot run OSX on commodity hardware either.

~~~
evilduck
OSX isn't prevented from running on commodity hardware through a secure boot
process though. Non-secure UEFI motherboards can boot and install retail OSX
mediums (in fact, most hackintoshes are made possible through UEFI emulation
boot discs). The biggest hurdle is driver support for peripheral devices:
graphics, network, sound, wifi.

~~~
recoiledsnake
> OSX isn't prevented from running on commodity hardware through a secure boot
> process though.

Windows 8 will run on any BIOS and UEFI, regardless of secure boot, there is
nothing in secure boot preventing you from running it anywhere.

------
kenjackson
The crazy thing about this is that one proposed solution, that MS require OEMs
to supply keys for Linux, could potentially be an antitrust violation, as MS
makes money from Linux too (thereby using their Windows monopoly to strengthen
their other business of patent licensing).

I don't think there's much of a case here. The UEFI hardening is clearly a
good thing for consumers, and having it as a logo requirement just makes
sense. And if MS is not using any influence to block other OSes, that seems
like the best you can ask for. And recall, OEMs can always ship without Win8
logo and not use hardening (or even UEFI at all).

~~~
FrancescoRizzi
> And recall, OEMs can always ship with Win8 logo and not use hardening (or
> even UEFI at all).

Sorry? I'm confused on this one.

* From the MS slides ( <http://video.ch9.ms/build/2011/slides/HW-457T_van_der_Hoeven.pptx> ): "UEFI and secure boot harden the boot process [...] Required for Windows 8 client"

* From the Garrett post ( <http://mjg59.livejournal.com/138973.html> ): "Microsoft requires that machines conforming to the Windows 8 logo program and running a client version of Windows 8 ship with secure boot enabled"

* From the IT World post linked up here: "And not just any old UEFI layer, either, but secure UEFI. Meaning a hardened boot process"

What am I mis-reading or missing? I'm not being testy, I just think you must
have spotted something I missed. Thanks

~~~
kenjackson
Actually, I mistyped. I meant to type, "OEMs can always ship withOUT Win8 logo
and not use ...". I've changed the post to now reflect that. Meaning that OEMs
needn't ship certified Windows 8 boxes and can still use BIOS if they want.

~~~
FrancescoRizzi
+1 for clarifying and fixing mate. Thanks.

------
bmelton
I think the flip side to this discussion is that there are ALSO Linux logo
programs (for at least RedHat) that will encourage the hardware manufacturers
to allow major Linux providers to use their keys.

That said, while Ubuntu, RedHat, Suse and other larger Linuxes might be able
to swing this for server equipment, someone trying to run a less popular Linux
on commodity desktop equipment could be well and proper screwed.

It's definitely a sticky situation, and while I don't know that you can infer
Microsoft's activities as anti-competitive because it should genuinely
increase the security of their bootloading process, which is great for
consumers using Microsoft operating systems.

That said, I am definitely terrified of the notion of not being able to
purchase an affordable Linux-compatible laptop.

~~~
pmr_
I'm even more so terrified at the idea that the vendor of my hardware may
decide what operating system I should and should not boot on it.

> Linux logo programs (for at least RedHat)

From mjg's posts I had the feeling that RedHat is afraid of what is going to
happen if UEFI really takes off in the form it currently is intended to and
that not a lot of manufacturers are keen on going through the trouble of using
even more keys than absolutely required to sell. Do you have any sources to
back that up?

I believe that it would be a bad step for one of the major Linux vendors to
bow to the whole idea of signed booting for all the smaller distributions.

~~~
bmelton
I would be very surprised if any of the major Linux vendors even attempted to
get a 'universal' Linux key. From the perspective of the major Linux
providers, getting logo certified is a competitive advantage against their
peers, and it would take a significant amount of altruism to obtain those keys
on behalf of others if it is even possible, which is anyone's guess.

As far as the OEM providers, no, I don't have any sources to back that up, but
I don't know how you could logically argue against the idea that RH logo
certification will increase sales to RH customers.

~~~
pmr_
Possibly I'm overly optimistic in regard to the altruism of the Linux vendors.
The old 'the whole ecosystem is going to suffer' argument is still pretty
strong with the OSS community but you certainly could be right.

------
xentronium
I don't understand from all these uefi-gate articles what exactly prevents
"secure UEFI" from being just a boot option.

~~~
kenjackson
Nothing. Some do this. It's up to the OEM. That's Microsoft's point. MS isn't
requiring that OEMs can't do this. If OEMs want to, they're completely within
their right to do so. It's up to them.

~~~
burgerbrain
"_Some_ do this."

Well that is the problem isn't it?

~~~
kenjackson
Take it up with the individual OEMs who don't build machines the way you like
them. Or better yet, buy those that build the ones you do like. This seems
downright silly to sue about.

~~~
burgerbrain
I'm not suing over it.. I'm just upset over the entire situation.

_"buy those that build the ones you do like."_

There are two very large problems with this:

1) Now I have to do _yet another_ piece of needless research whenever I buy a
piece of hardware. That is a pain in the ass, pure and simple.

2) Everyone else I know _won't_ be doing that research. So when my dad says to
me again, _"Hey, your mother is getting viruses again, stick her back on
Ubuntu"_, I have _yet another_ thing to worry about.

Yeah yeah, I get it. They have a right to do it, the market will sort it out,
blah blah blah. Fact is, I also have a right to bitch about it, regardless of
their rights.

~~~
kenjackson
The Linux community should incentivize it. RedHat should say to HP, Dell, and
Acer -- "for each UEFI Win8 logo machine you ship, where you enable the
ability to disable secure booting we give you five dollars". Or letting them
keep a larger percentage of RH license revenue, or whatever.

~~~
burgerbrain
The only thing that would incentivize is OEMs pulling more shit like this in
the future.

------
recoiledsnake
I was sympathetic to the Red Hat guy until this:

> The final irony? If the user has no control over the installed keys, the user
> has no way to indicate that they don't trust Microsoft products. They can
> prevent their system booting malware. They can prevent their system booting
> Red Hat, Ubuntu, FreeBSD, OS X or any other operating system. But they can't
> prevent their system from running Windows 8.

Err what? This boggles the mind. If you don't trust MS, DO NOT INSTALL
WINDOWS. See, it's that easy.

> If Microsoft were serious about giving the end user control, they'd be
> mandating that systems ship without any keys installed. The user would then
> have the ability to make an informed and conscious decision to limit the
> flexibility of their system and install the keys. The user would be told what
> they'd be gaining and what they'd be giving up.

Huh what? You want my mom to make an informed and conscious decision about
certificate chaining? I can see this going very well with 95% of PC users.
This is typical behavior from geeks, putting the decision about the choice
of modules.conf vs. conf.modules which the user doesn't care about and just
wants the software to work.

~~~
bad_user

> If you don't trust MS, DO NOT INSTALL WINDOWS

If Windows is the only thing that a computer will allow, then that really
isn't an option. It's like saying that when owning an iPhone you have the
option of not installing iOS.

> You want my mom to make an informed and conscious decision

Dude, "mom" arguments are really retarded, IMHO in the same category as "think
of the children".

I agree with security-by-default arguments, but let the user have the choice
of overriding those settings -- it doesn't have to be convenient for power-
users, it just has to be doable.

Otherwise the hardware ain't yours anymore, you just paid for an overpriced
license to use it as an appliance.

~~~
recoiledsnake
> but let the user have the choice of overriding those settings

How is MS restricting that? They even let the user do it on their own tablets
that they got Samsung to make for them!

