• Freedom Included http://freedomincluded.com
• Garlach44 http://garlach44.eu
• InaTux http://inatux.com
• Lemote http://lemote.com/en
• Los Alamos Computers http://laclinux.com
• System76 https://www.system76.com
• ThinkPenguin http://thinkpenguin.com
• ZaReason http://zareason.com
But I want them to succeed, so I'm willing to give them a little free publicity. (Emphasis on a little)
Secure Boot where you can only run Microsoft-approved software is bad for software freedom, no question about it. Secure Boot as defined by the spec, where there is no requirement to have preloaded MS keys and where users explicitly can load their own keys, is absolutely _good_ for software freedom -- it makes the "evil maid" attack much, much harder. (The "evil maid" attack on full-disk encryption involves someone having access to your computer while it's off, and trojanning the bootloader and having it leak your disk password or the contents of the disk once your system boots. People naively expect full-disk encryption to stop this, but it's as easy as booting from a CD or thumb drive. With Secure Boot, it involves physically opening the case and probably replacing chips.)
Let's make sure that Secure Boot stays good for software freedom, instead of throwing out the technology along with the policy, and leaving users with no defense against this sort of attack.
Secure boot exists primarily because it provides a "feel good" answer to content providers about the feasibility of DRM. It's not an answer to real world security issues and never has been.
If you want the OS to trust the hardware it's on, you need a TPM, and you probably need the machine to be installed by someone who can communicate with the content provider. The entire point of Secure Boot is that it can be implemented just in existing UEFI code, _without_ the additional hardware of a TPM.
I develop an OS product that has no browser installed on it at all -- there's one small client application that just interacts with our one server product, and then boots everything else you might want to do in a VM. The biggest threat to the security of our outer layer is, in fact, an evil maid attack. It's certainly worth being aware of that threat, even if there are other, bigger threats. (Nobody says that we should stop worrying about buffer overflows while there are still cross-site scripting attacks, etc.)
That's a powerful sales tool. Systems that don't have secure boot have a much harder time selling their DRM implementations. And that's why we have secure boot. Don't fool yourself into thinking all problems are technical.
Given that this has not been done, and given the small number of people this scenario interests, given that those people are unlikely to be interested in Windows 8 to begin with, and even less in Windows RT, Secure Boot has not been designed by MS to prevent that, but really to prevent the installation of other operating systems. The FSF just fights Secure Boot for the real reason it has been created; if you create an alternate security feature for the "evil maid" scenario that preserves user freedom, that would be a completely different subject and you won't anger the FSF with it. The FSF's attitude towards new technologies is not reactionary. They fight for users' freedom, as always.
The only way to defeat evil-maid attacks is for the early-boot code in your computer's firmware to cryptographically validate the bootloader or kernel that it's about to start, and make sure it's signed by a trusted authority, and make sure that it's possible for the computer owner to disable the ability for anyone other than him to change the set of trusted authorities. This happens to be exactly what Secure Boot does.
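The check described in the comment above (firmware validating the bootloader's signature against a set of trusted keys that the owner can add to and remove from), modelled as an added Go example that is not part of this thread or of any firmware; Ed25519 stands in for the spec's X.509/Authenticode signatures, and the key names, fixed seeds and image bytes are constructed for the demo.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
)

// TrustStore models the firmware's database of trusted signing authorities (the UEFI "db"):
// only images signed by an enrolled key are allowed to boot.
type TrustStore struct{ keys map[string]ed25519.PublicKey }

func NewTrustStore() *TrustStore                                { return &TrustStore{keys: map[string]ed25519.PublicKey{}} }
func (t *TrustStore) Enroll(name string, pk ed25519.PublicKey) { t.keys[name] = pk }
func (t *TrustStore) Remove(name string)                       { delete(t.keys, name) }

// SignedImage is a bootloader image plus the signature the firmware checks before starting it.
type SignedImage struct{ Image, Sig []byte }

func Sign(priv ed25519.PrivateKey, image []byte) SignedImage {
	return SignedImage{Image: image, Sig: ed25519.Sign(priv, image)}
}

// Verify is the pre-boot check: the name of the enrolled key that signed the image, or "" when none does.
func (t *TrustStore) Verify(img SignedImage) string {
	for name, pk := range t.keys {
		if ed25519.Verify(pk, img.Image, img.Sig) {
			return name
		}
	}
	return ""
}

// keyFromSeed derives a fixed key for the demo (constructed; real keys come from a CSPRNG).
func keyFromSeed(b byte) (ed25519.PublicKey, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{b}, ed25519.SeedSize))
	return priv.Public().(ed25519.PublicKey), priv
}

// Demo walks the thread's scenario and reports which key, if any, each image verifies under.
func Demo() (genuine, trojaned, owner, vendorAfterRemoval string) {
	vendorPub, vendorPriv := keyFromSeed(1)
	ownerPub, ownerPriv := keyFromSeed(2)
	db := NewTrustStore()
	db.Enroll("vendor", vendorPub)
	img := Sign(vendorPriv, []byte("bootloader v1 (constructed image)"))
	genuine = db.Verify(img) // "vendor": the shipped loader boots
	// Evil maid: the on-disk loader is patched while the machine is off, so the old signature no longer matches.
	evil := SignedImage{Image: append([]byte(nil), img.Image...), Sig: img.Sig}
	evil.Image[0] ^= 0xff
	trojaned = db.Verify(evil) // "": the firmware refuses to start it
	// The owner enrolls their own key, boots their own loader, and drops the vendor key entirely.
	db.Enroll("owner", ownerPub)
	owner = db.Verify(Sign(ownerPriv, []byte("owner-built bootloader (constructed)")))
	db.Remove("vendor")
	vendorAfterRemoval = db.Verify(img) // "": the vendor key is no longer trusted
	return
}
```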
I wish the best of luck to FSF in stopping this. I don't have much I can donate, but I hope my little bit of support will help them.
Digital "rights" management is not about your rights, it's about restricting you from doing what you want with your content. Hence the R in DRM now means "restriction".
Same concept here.
"Digital Restrictions Management" worked better, because it still abbreviates as DRM so nobody goes "huh?" when you say it. "Restricted Boot" needs an accompanying explanation to tie it to the official name of 'UEFI "Secure" Boot', which makes the attempted rebranding counterproductive.
Is it possible to hack this or will it even affect geeks who do want to install the OS of their choice?
Most tablets and phones just happen to come with a different chip architecture, but there is nothing inherent to them that demands they should be restricted compared to the x86 alternatives.
Why should that make a difference?
I love how Windows RT devices which are struggling to ship a couple million are "ARM devices" but there is absolutely no mention of tens of millions of iPads, Kindle and some other Android tablets being sold with locked bootloaders.
Same with phones, are WP8 phones with a 3.5% market share (albeit increasing) a much bigger threat to user and software freedom than iPhones? At least with Microsoft you have the choice of OEMs, whereas with Apple you have no freedom of choosing the manufacturer. I think mentioning Apple undermines their point in such a serious way that the FSF (and Mozilla) hasn't mentioned it in any of their long blog posts on Secure Boot.
Also, with the PCs sold being mandated by Microsoft to have a way for an end user to disable Secure Boot and Add/Remove their own keys, the user is completely in control and can even remove Microsoft's key if they so wish.
US $350,000 is a LOT of money to waste going after this, imagine what could be done with that money if it was spent on things like OpenOffice, Samba and other projects sorely lacking in money and resources. I think this is an exercise in baiting Microsoft haters into parting with their money rather than any productive exercise to increase computing freedom. I hope donators consider better uses of their money.
Despite this tarnished image of a former tech innovator, does the FSF really still feel it's impossible to fight the root evil here because of public perception?
Is it only picking on Microsoft because that is easier to amass support against?
We, as hackers and developers, should support this. We should fight closed systems. We should fight against the forces against general purpose computing (Cory Doctorow has a nice speech on this) and we should fight those who seek to criminalize writing code because somewhere some troll has a vague patent with no implementation covering your work.
So yes. Support the FSF on this. But also boycott those who are the chief offenders here. Every dollar spent in an Apple-store is money spent against the core of your profession. Stop spending money there. And throw away your iPhones and MacBooks. They are bad karma and software blood-money.
The banner at the top of every page currently says
"Giants like Microsoft and Apple are trying harder than ever to control the software you use.
The FSF brings software freedom supporters together to amplify your voices and make an impact."
That being said I don't really think that not naming Apple right now, which already has an established closed platform (therefore uphill battle), detracts from them trying to stop Windows 8 machines becoming as closed as iPads before they even get a chance to take off the ground. Better (and easier) to kill off a bad idea early on.
Yeah, so they should have gone on an all out offensive when the iPad launched. Now there's a huge precedent they will have to try to explain away, why it doesn't apply and Microsoft's stuff has to be open but not their competitors'.
But for explaining why Microsoft should stop even if Apple has locked down devices, if a company is dumping oil in the ocean, people are allowed to complain and create a boycott against that company. If the company's defense is "well, other companies dump oil in the ocean too, so why are you picking on us?" the answer is not to say sorry and let them continue.
Huh? Where can I access the option on an iPad to turn off secure boot or to add my own keys or to delete Apple's? Windows 8 machines are much, much more open than an iPad.
I wish people would stop repeating this like it's some kind of ironclad guarantee. Microsoft only changed the requirement to begin with after there was a public outcry, and are free to change it again any time. (They likely will after more systems support Secure Boot.)
Also, please consider the fact that how you should be able to disable Secure Boot is entirely unspecified. If early models are any indication, it's going to be buggy and error prone on tons of systems.
> Every dollar spent in an Apple-store is money spent against the core of your profession. Stop spending money there. And throw away your iPhones and MacBooks. They are bad karma and software blood-money.
And also spent on patent trolling, stifling innovation, and leading the world of tech down a dark path (locked down "app store", restricted boot, the whole nine yards).
How does it feel to know your money will go directly to the cause of stopping the evolution of technology in its tracks?
Your view is terrifically selfish if nothing else.
>You know why FSF avoid fighting Apple? It's because that fight would reveal that they are fighting in the wrong war.
I have very mixed feelings about this very topic. As a developer, I completely agree with you. Hardware should be hackable and software replaceable.
But there's also another side: computing has become a lot easier for the average user. E.g. the iPhone and the iPad were the first computers that my mother really grasped and was able to use comfortably on her own. The limited walled garden approach to computing ensures that she doesn't accidentally install malware, etc. In the end, I think the secure, walled gardens are useful to the average user.
Of course, the inherent danger is unfair competition - the gatekeeper can decide to reject software whenever it wants and impose fees and crazy rules. Since in the EU we are not completely averse to government intervention, I think it is best that the European Union would regulate such walled gardens, e.g. by limiting the percentage that the gatekeeper can charge, by requiring that the gatekeeper accepts all software that is not malicious, and by requiring that a method be provided to unlock hardware. I think that putting such regulations into place will be much more effective than fighting windmills.
Grandma will still use the same OS, and will still install apps from the app store, never knowing that she can even install apps from other places, and it will be just as easy as if it were without that sideloading option. Having the option to do other things doesn't interfere with any of that.
And even if it does change things a little in some extreme cases - everything has its positive and negative sides. Everything. At the end of the day you have to decide which gives the greater benefit. And I think having "open" computing systems over completely closed ones offers the greater benefit in the long term, just like having an open (also could be read as malware-filled, and cybercriminal-filled) Internet in the end is of much greater benefit than having one fully controlled by the government and companies.
I'd love to see some real research on causality here, though, because correlation obviously doesn't imply causation (though it is a reasonable hypothesis, IMO).
I believe CyanogenMod users have a much better security track record for the same social reasons that desktop Linux users have better security. Case in point: the Exynos root exploit was patched quickly for CyanogenMod users. It may never be patched for "the rest of us."
If you are going to sell software to people then you certainly have some responsibility not to provide dangerous goods.
OK, but why not have a sanctioned, free, voids-your-warranty way to disable these restrictions, so that users who want to install software without using the app store can do so? This would not be hard. It could be buried somewhere deep where users cannot find it, it could be loaded with warnings, but all that would be fine.
Apple wants control, because control is profitable. Control lets them spot the next cool application early, so they will not be blindsided like they were by the Web. Control lets them promise developers and media partners that copyright infringement will not be such an issue. Control lets them maintain their image on a level that was not previously possible -- they can make sure that iPads are not associated with pornography, that iPhones are not associated with political cartoons, that nobody will point at Apple devices as a symbol of some national rebellion, and so forth. Control lets them slow down their competitors until Apple has a chance to market their solution (even if that solution is a total boondoggle).
It is hard to believe that Apple's policies on the app store were created with users as the top priority.
"the inherent danger is unfair competition - the gatekeeper can decide to reject software whenever it wants and impose fees and crazy rules"
Which is already what happens.
"I think it is best that the European union would regulate such walled gardens, e.g. by limiting the percentage that the gatekeeper can charge,"
Did they regulate video game consoles?
A device without a walled garden can still maintain a simplistic design, encourage a uniform interface, and maintain similar security against malware. However, it has a harder time incentivizing software developers to strictly follow the uniform interface and to always use the official store. The Android marketplace also has less incentive to turn away new software, because developers have an alternative (thus the Android app store has incentives to be lenient). For the iPhone app store, there are no alternatives for developers, so Apple can be as harsh as they want (thus they have incentives to be harsh).
Unwalled gardens also have a harder time discouraging users from running unknown software with malware in it. In practice, iPhone users are less likely to try to run downloaded software from a random internet site (or downloaded via BitTorrent), because no legit iPhone developer asks them to do it. Android developers, however, often teach users to use third-party stores. Thus, an Android virus has a much easier time spreading than an iPhone one, because one user base is trained to run untrustworthy programs, and one user base is not.
Thus a walled garden has two functions. First, it maintains a monopoly grasp on a market, to extract a tax on each purchase. Second, it provides incentives to developers so they follow a strict uniform interface, to app store approvers so they will be more strict in judging new software, and to users so they are less inclined to run untrustworthy software.
The first thing should be regulated away. The second thing should be understood when designing unwalled devices so to create the correct incentive for everyone.
The key problem for mobile app developers is the rampant piracy on Android. iOS has nowhere as much piracy as Android. In this case, economics will dictate where app developers sell, will it not?
What we really need is a type of DRM that still permits general purpose computing. A safe way to store proprietary binary data (programs, media, etc) on the system in such a way the user cannot access it. This might mean restricting root, but it will mean goodbye to piracy. We could still give the user maximum power over the system in every way possible (allow him to install his own apps, access to most APIs, etc.)
There's not much more piracy on Android than iOS, and it doesn't matter anyway.
Can you back that up?
Still, the threat of Restricted Boot is a bit different from the ordinary threat from DRM, in that it targets general purpose computers instead of semi-specialized products like phones and e-readers. The ARM move, while not very threatening today, is the foot in the door to push lockdown to more devices than phones and e-readers. It moves the language from talking about devices (a phone, an e-reader, a microwave) to talking about CPUs in computers.
Microsoft makes a desperate attempt to secure a small anchor amid the avalanche of ARM-Android and inadvertently breathes new life into the Microsoft Meme: "Growth by Stifling Competition." Almost feel sorry for them.
On the other hand, if they do lock it down there are articles like this one.
I am certainly willing to pay a bit extra (higher cost, reduced performance) for an open platform.