Red Hat Clarifies Doubts Over UEFI Secure Boot Solution

sfcrazy writes "Red Hat's Tim Burke has clarified Fedora/Red Hat's solution to Microsoft's secure boot implementation. He said, 'Some conspiracy theorists bristle at the thought of Red Hat and other Linux distributions using a Microsoft initiated key registration scheme. Suffice it to say that Red Hat would not have endorsed this model if we were not comfortable that it is a good-faith initiative.'" Color me unimpressed, and certainly concerned: "A healthy dynamic of the Linux open source development model is the ability to roll-your-own. For example, users take Fedora and rebuild custom variants to meet personal interest or experiment in new innovations. Such creative individuals can also participate by simply enrolling in the $99 one time fee to license UEFI. For users performing local customization, they will have the ability to self-register their own trusted keys on their own systems at no cost." From what I can tell, the worst fears of the trusted computing initiative are coming true despite any justifications from Red Hat here. Note that the ability to install your owns keys is certainly not a guaranteed right.

So where's the security?

[TheRaven64]

If anyone can pay $99 to get a key that lets them install malware in anyone's firmware, then there is obviously no security in the system. I'd have thought this would be excellent grounds for an antitrust investigation...

Re:So where's the security?

[Hatta]

Microsoft learned after their last antitrust investigation, and increased their political contributions by an order of magnitude, without changing their business practices at all. Now that Microsoft has paid the appropriate protection money, they can do whatever they want.

Re:So where's the security?

[vlm]

So "anyone" cannot do this. Only large corporations, with no liability, and lots of money, will be able to install malware from now on

Luckily large corporations never have data breeches, so its not like you'll be able to go to wikileaks or pirate bay to get a copy of the MS secret key, or the Dell key, etc.

That large integer will of course be made illegal, so only private citizens will have unsecured systems. The hard core crooks and the slightly-bent will of course have free reign over everyones system.

I'm sure they'll be another moronic legal battle where some 256 bit or 2048 bit or whatever integer is declared persona non-grata on the internet, stupid restraining orders, blah blah blah, all over again.

Who wants to buy a tee shirt with Microsofts UEFI secret key on it? I give it a couple months till someone releases it, maybe even before the hardware hits the shelves, and a couple hours later I'll fetch it from pirate bay or whatever, and a couple hours later I'll put up a shirt design. Just to be a complete A-hole I'll also make shirts that have equations, too, so it'll be something like 32523136136 minus 1.

I'll go further with my prediction. Malware will be found signed with a legit "major corporate" key BEFORE legit hardware/software using "major corporate" key hits the shelves, in at least one instance. In other words your new Dell, for example, will be ownable before you can even buy it.

Re:So where's the security?

[Anpheus]

You're confusing the keys that have previously been publicly available and the private keys here. Unlike the previous keys, this isn't part of a DRM scheme where the user has to be able to decrypt content and simultaneously "not have" the key to do so. DRM is fundamentally flawed in that regard, and DRM schemes are routinely broken because they cannot both obscure the content and show it to you at the same time. At some point, your computer has to possess the ability to unlock the next frame, and smart people figured out how to copy that. Ta-da, AACS key, or HDCP master key. Those weren't failures of public key cryptography, they were leaked because the universe is at odds with DRM.

What private keys of note have been hacked? Recently, a weak Microsoft intermediate certificate key was exploited to use to generate code signing certs, but that was a weak key with a poor algorithm (MD5 hashed thumbprint). Or Sony's private key for the PS3? Well, they implemented their crypto wrong, one of the supposed-to-be-random parameters was instead hardcoded as a constant. Oops.

Dell, Microsoft, the big players, they all work very hard to make sure their private keys are secure. Would you care to take a wager on whether or not the Microsoft root key will be released within the next year? (By root I mean whatever key is the common root used to sign a plurality of UEFI signed bootloaders, if they use many intermediate CAs, it would have to be whatever key is for all of those CAs. If they use one intermediary that signs a majority of the bootloaders, then it must be that one - does not have to be _the_ Microsoft key.)

FUCKING stupid

[inode_buddha]

"Suffice it to say that Red Hat would not have endorsed this model if we were not comfortable that it is a good-faith initiative."

Fucking STUPID. Since when in their entire history has Microsoft ever done anything in "good faith"?? Morons! *ALL * you need to do is read a few court cases...

Re:Just say 'No'

[a90Tj2P7]

Secure boot, which is what you're concerned about, is just a feature in UEFI. Which has been the BIOS replacement for years. It's not new, it's not an MS creation, and it's not limited to secure boot. Saying you won't buy any PC or mobo that has UEFI because of secure boot is like saying you won't buy any with BIOS if it doesn't have overclocking settings.