Slashdot Mirror

← Back to Stories (view on slashdot.org)

Red Hat Clarifies Doubts Over UEFI Secure Boot Solution

Posted by Unknown on from the there-goes-freedom-one dept.

sfcrazy writes "Red Hat's Tim Burke has clarified Fedora/Red Hat's solution to Microsoft's secure boot implementation. He said, 'Some conspiracy theorists bristle at the thought of Red Hat and other Linux distributions using a Microsoft initiated key registration scheme. Suffice it to say that Red Hat would not have endorsed this model if we were not comfortable that it is a good-faith initiative.'" Color me unimpressed, and certainly concerned: "A healthy dynamic of the Linux open source development model is the ability to roll-your-own. For example, users take Fedora and rebuild custom variants to meet personal interest or experiment in new innovations. Such creative individuals can also participate by simply enrolling in the $99 one time fee to license UEFI. For users performing local customization, they will have the ability to self-register their own trusted keys on their own systems at no cost." From what I can tell, the worst fears of the trusted computing initiative are coming true despite any justifications from Red Hat here. Note that the ability to install your owns keys is certainly not a guaranteed right.

69 of 437 comments (clear)

  1. So where's the security? by TheRaven64 · · Score: 5, Insightful

    If anyone can pay $99 to get a key that lets them install malware in anyone's firmware, then there is obviously no security in the system. I'd have thought this would be excellent grounds for an antitrust investigation...

    --
    I am TheRaven on Soylent News
    1. Re:So where's the security? by itsthebin · · Score: 4, Informative

      notwithstanding that we have just had news of a major security breach that used Microsoft security certificates

      --
      ...I obey the laws of physics....
    2. Re:So where's the security? by Anonymous Coward · · Score: 2, Insightful

      If anyone can pay $99 to get a key that lets them install malware in anyone's firmware, then there is obviously no security in the system

      Not really. If you get a signing key, you will be registered, and any malware can be tracked back to you. So "anyone" cannot do this. Only large corporations, with no liability, and lots of money, will be able to install malware from now on. YEAH!

    3. Re:So where's the security? by neokushan · · Score: 4, Informative

      Not quite, summary:

      For users performing local customization, they will have the ability to self-register their own trusted keys on their own systems at no cost.

      The $99 license is for if you want to distribute yours to other machines. The point is that it's a price that hits a line between "too expensive and will put vendors out of business" and "So cheap any asshat can get one". What it boils down to is the CA correctly authenticating the buyer, if malware vendors get a key signed by them it's the CA's fault.

      Now someone who buys a key and recklessly leaves it lying around an insecure place, on the other hand, is a different matter....

      --
      +1 IDisagreeSoHeMustBeATrollOrAnAstroturferOrAShill
    4. Re:So where's the security? by Hatta · · Score: 5, Insightful

      Microsoft learned after their last antitrust investigation, and increased their political contributions by an order of magnitude, without changing their business practices at all. Now that Microsoft has paid the appropriate protection money, they can do whatever they want.

      --
      Give me Classic Slashdot or give me death!
    5. Re:So where's the security? by vlm · · Score: 5, Insightful

      So "anyone" cannot do this. Only large corporations, with no liability, and lots of money, will be able to install malware from now on

      Luckily large corporations never have data breeches, so its not like you'll be able to go to wikileaks or pirate bay to get a copy of the MS secret key, or the Dell key, etc.

      That large integer will of course be made illegal, so only private citizens will have unsecured systems. The hard core crooks and the slightly-bent will of course have free reign over everyones system.

      I'm sure they'll be another moronic legal battle where some 256 bit or 2048 bit or whatever integer is declared persona non-grata on the internet, stupid restraining orders, blah blah blah, all over again.

      Who wants to buy a tee shirt with Microsofts UEFI secret key on it? I give it a couple months till someone releases it, maybe even before the hardware hits the shelves, and a couple hours later I'll fetch it from pirate bay or whatever, and a couple hours later I'll put up a shirt design. Just to be a complete A-hole I'll also make shirts that have equations, too, so it'll be something like 32523136136 minus 1.

      I'll go further with my prediction. Malware will be found signed with a legit "major corporate" key BEFORE legit hardware/software using "major corporate" key hits the shelves, in at least one instance. In other words your new Dell, for example, will be ownable before you can even buy it.

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    6. Re:So where's the security? by vlm · · Score: 5, Funny

      Oh genius hits milliseconds after I hit the Fing submit button... A tee shirt with a QR code of the official microsoft secret signing key with iconic 1984 or maybe animal farm styling.

      Coming soon, from VLM enterprises...

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    7. Re:So where's the security? by betterunixthanunix · · Score: 2

      the scammer would have to first appear legit

      Microsoft: What do you think gives you the right to install your own bootloader, Mr. Mafia Guy? Scammer: I am deploying my own Linux Distro! Microsoft: $99 please!

      --
      Palm trees and 8
    8. Re:So where's the security? by Anpheus · · Score: 5, Insightful

      You're confusing the keys that have previously been publicly available and the private keys here. Unlike the previous keys, this isn't part of a DRM scheme where the user has to be able to decrypt content and simultaneously "not have" the key to do so. DRM is fundamentally flawed in that regard, and DRM schemes are routinely broken because they cannot both obscure the content and show it to you at the same time. At some point, your computer has to possess the ability to unlock the next frame, and smart people figured out how to copy that. Ta-da, AACS key, or HDCP master key. Those weren't failures of public key cryptography, they were leaked because the universe is at odds with DRM.

      What private keys of note have been hacked? Recently, a weak Microsoft intermediate certificate key was exploited to use to generate code signing certs, but that was a weak key with a poor algorithm (MD5 hashed thumbprint). Or Sony's private key for the PS3? Well, they implemented their crypto wrong, one of the supposed-to-be-random parameters was instead hardcoded as a constant. Oops.

      Dell, Microsoft, the big players, they all work very hard to make sure their private keys are secure. Would you care to take a wager on whether or not the Microsoft root key will be released within the next year? (By root I mean whatever key is the common root used to sign a plurality of UEFI signed bootloaders, if they use many intermediate CAs, it would have to be whatever key is for all of those CAs. If they use one intermediary that signs a majority of the bootloaders, then it must be that one - does not have to be _the_ Microsoft key.)

    9. Re:So where's the security? by betterunixthanunix · · Score: 4, Insightful

      If you get a signing key, you will be registered, and any malware can be tracked back to you. So "anyone" cannot do this.

      So all it really takes is a stolen credit card?

      --
      Palm trees and 8
    10. Re:So where's the security? by Anonymous Coward · · Score: 5, Informative

      Actually, this is not quite correct. For ARM systems, Windows forces hardware manufacturers to make it IMPOSSIBLE for someone to install another OS. (It's in their license for Windows 8)

    11. Re:So where's the security? by ZeroSumHappiness · · Score: 3, Informative

      The software you put on the machine should be signed. So long as you use signed software the whole thing is a no-op for you. If you want to install a Linux distro that has not been signed with Microsoft's keychain, however, you'll have to either turn off secure boot or install that distro's key into the UEFI.

    12. Re:So where's the security? by ArsenneLupin · · Score: 2

      There are attacks other than mathematical or algorithmic. What do you want to bet that Microsoft's key management infrastructure is lacking, and is accessible to temps and students who only stay there for 6 months. Somebody is going to sneak away the key on an USB stick, and release it into the wild after they have long left Microsoft. And on which one of the thousands of students who passed by during that time will they pin the blame?

    13. Re:So where's the security? by vlm · · Score: 3, Insightful

      There are attacks other than mathematical or algorithmic.

      Financial? somebody@something.ru offers $100K to someone at microsoft.com who is being outsourced to India to ... plus or minus an order, or two, of magnitude.

      Religious/political? Somebody of a certain religious persuasion is contacted by a guy on line who convinces him that the only way to save *.il from a second holocaust is to provide the secret signing key to enable the stealthy deployment of stuxnet 2.0 to really shut down the iranian nuke program this time. Of course the guy doing the convincing is secretly J Random Malware Author, whoops. Or maybe he really is from *.il and he really is preventing a nuclear holocaust using the key, but his kid / coworker / ex wife / competitor / guy trying to set him up to take the fall / something else releases the key to the public. Or he just loses the thumbdrive with the key. Or the story for plausible deniability, is he loses the thumbdrive containing the key and another dude just happened to find it, although in reality it was all scripted out.

      You trust *.microsoft.com to keep it safe, well that's a little optimistic of you, but whatever. The problem is the random collection of "friends of microsoft" in the govt and govt contractors trying to write undetectable cyberwarfare software. So now you have to trust all of *.mil and quite a bit of *.com not to screw up.

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    14. Re:So where's the security? by badfish99 · · Score: 3, Interesting

      So I'm a philanthropically-minded linux user with $99 to spare. I give that money to Microsoft, and they give me some magic key that lets me write linux kernels that will run on anyone's machine. I immediately publish that key on my website, for anyone to use. Now any criminal can use this key to run their malware on any machine.

      Obviously it doesn't work like this, or the whole scheme would be useless. So how is it going to work?

      I read TFA, and as far as I can tell, it *does* work like that: for $99, I get my key sent to the hardware vendors to be put into their UEFI boot chips. So will everyone get a free "bios upgrade" when I deliberately leak my key?

    15. Re:So where's the security? by vlm · · Score: 2

      Oh how about this political attack - I predict the key used for all Chinese military cyberwarfare will be the Lenovo key.

      Another "fun" thing to think about - what happens during bankruptcy, purchasing, downsizing, etc? Who owns Gateway now, or rephrased, who owns Gateway's key? If you want a legit key, the best way might be to legit buy it.

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    16. Re:So where's the security? by neokushan · · Score: 2

      Who said UEFI was a magic bullet that protected you from all kinds of malware? Nobody did, nobody is dumb enough these days to say that their security is unbreakable. The point is to make it harder, the harder you make it then the less likely someone will break it. There will always be one person smart enough to get around it, (or someone dumb enough to let them in) but the alternative is just giving up.

      As for the CA's, be thankful of all the recent exploits of them because now that we know they're the weak link, we can regulate the shit out of them. Don't do your job right? We'll shut you down and give your authority to someone else. I'm not saying that's what's going to happen, merely that it's what should happen.

      --
      +1 IDisagreeSoHeMustBeATrollOrAnAstroturferOrAShill
    17. Re:So where's the security? by neokushan · · Score: 2

      This is a good point and I would also like to know how it works. Keep in mind though, UEFI and BIOS are two separate things and many of the limitations of BIOS don't apply. There's no reason why your OS shouldn't be able to add or revoke certificates while running, in much the same way that a good UEFI motherboard lets you overclock and adjust settings on the fly, in Windows (And possibly other OS', I cannot comment on that).

      If that's the case, then a leaked certificate is no worse than it is today - your OS just updates the certificate store.

      --
      +1 IDisagreeSoHeMustBeATrollOrAnAstroturferOrAShill
    18. Re:So where's the security? by bws111 · · Score: 4, Interesting

      Untrue. The requirement is that secure boot can not be disabled. If you have a signed bootloader (like one from Red Hat, Fedora, or any other distro that pays the $99 to use this service) you can boot any OS you want.

    19. Re:So where's the security? by AmiMoJo · · Score: 3, Informative

      It doesn't say you can't let the user add their own certs and self-sign either. Slightly more work for us but much more security for the clueless majority.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    20. Re:So where's the security? by shutdown+-p+now · · Score: 2

      I'm sure that governments wouldn't need fake credentials in the first place.

    21. Re:So where's the security? by bws111 · · Score: 3, Informative

      It does not work like that. Here is a very simplified overview of how it works:

      Someone writes a bootloader. That bootloader gets digitally signed.

      At boot time, UEFI finds the bootloader, and verifies that it was signed by someone trusted by the UEFI, and that the code is intact based on the signature.

      If the above test passes, the boot loader is loaded, and UEFI uses TPM to leave a trace that UEFI (signed by x) says that the boot loader is OK. Control is passed to the boot loader

      The boot loader finds the next thing in the boot sequence (kernel, probably) and performs the same validation of it and leaves another TPM trace that says the bootloader (signed by y) says the kernel is OK.

      This process repeats with everything that is loaded, right up to the application.

      At any point, a piece of code can use TPM to check all of the traces leading up to itself. If any of those traces were made by someone you don't trust, the whole thing can be considered to be untrusted.

      So, in your scenario, you give your $99 to Microsoft, and get a key that can be used to sign your bootloader. If you want, you can hand that key out, and anyone can sign a bootloader, including malware writers. However, just because someone verified that your bootloader was not tampered with (ie UEFI verifying the signature) does not mean that anyone has to trust your bootloader. As soon as the Windows kernel gets running and checks with TPM and finds out that the bootloader was signed by badfish99 it can switch into 'untrusted' mode, whatever that means. And if you somehow manage to replace not only the bootloader but also the kernel, the next thing loaded can find out that the kernel was not signed by someone trusted. And so on. In order to effectively install something untrusted without being detected you pretty much have to replace the whole system, from bootloader to applications and everything in between.

    22. Re:So where's the security? by MarcQuadra · · Score: 2

      Actually, there is. Microsoft is prohibited from doing this on x86-based stuff by the antitrust agreement they're in. They can't prohibit vendors from allowing other operating systems and locking-in 'wintel' hardware/software. The agreement does NOT cover ARM.

      --
      "Sometimes, I think Trent just needs a cup of hot chocolate and a blankie." -Tori Amos on Nine Inch Nails
    23. Re:So where's the security? by exomondo · · Score: 2

      Now that would be grounds for antitrust.

      Why? Windows RT has no marketshare, in fact Windows has virtually no presence on the ARM platform at all, anti-trust requires a monopoly position which MS does not have on ARM nor is their ARM version of Windows tied to their x86 version so there is no leverage of monopoly position either.

    24. Re:So where's the security? by Kalriath · · Score: 2

      Unfortunately, Slashdot doesn't have a "-1, Wrong" moderation.

      UEFI is not BIOS, and BIOS is not UEFI. In fact, most brand name computers these days don't even have a BIOS, they have a BIOS emulator running on the UEFI platform.

      --
      For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
  2. User key management by Junta · · Score: 4, Interesting

    self-register their own trusted keys on their own systems at no cost.

    How? Most reasonable mechanisms that could be envisioned would likely be considered an 'attack vector' in certain scenarios. I'm genuinely curious as to the mechanisms allowed for end-user key management in this sort of system.

    --
    XML is like violence. If it doesn't solve the problem, use more.
    1. Re:User key management by robmv · · Score: 2

      Using to the UEFI settings in your firmware. there is no automated way to do it, the 'attack vector' possibility is the reason. Red Hat will use this method of signing the bootloader using Microsoft signing services to help the common user to install a Linux distribution without messing with scary UEFI screens. The real problem now is: Will hardware vendors always provide a screen to add/change the keys?. Unless it is enforced by Microsoft Windows OEM licensing rules (not know about this) or government regulation, The answer is not every manufacturer will provide that

    2. Re:User key management by MickyTheIdiot · · Score: 2

      See my other post...

      If the signing key is breached (not out of the question with MS's track record recently) then the hardware is permanently untrusted.

      So you have to make the hardware trusted again.

      Sounds like a boon to Dell and to computer shops to me, unless you create a simple way for a user to fix the problem, at which point your purpose was defeated.

    3. Re:User key management by Jiro · · Score: 2

      No, and that's one of the problems. From the link in the article to the technical blog:

      Right now you can load arbitrary code into grub 2 at runtime, and that defeats the point of secure boot. So that'll be disabled. Next we'll be adding support for verifying that the kernel it's about to boot is signed with a trusted key. And finally we'll be sanitising the kernel command line to avoid certain bits of functionality that would permit an attacker to cause even a signed kernel to launch arbitrary code.

      grub will no longer be able to load anything. grub has to be signed, and it will also only load a kernel that is signed, and require device drivers that are signed.

      Of course this will be a disaster for anyone who wants to compile their own kernel.

    4. Re:User key management by WebCowboy · · Score: 4, Insightful

      How? Most reasonable mechanisms that could be envisioned would likely be considered an 'attack vector' in certain scenarios. I'm genuinely curious as to the mechanisms allowed for end-user key management in this sort of system.

      Secure boot specification describes three "modes" of operation:

      1) standard: Accept software signed only by keys included in the factory BIOS (ie. Microsoft-issued keys)
      2) custom: Accept software as in 1) but also allow keys signed by another authority/the user. This allows the user to flash in their own key and spin their own Linux/BSD/alternative OS and sign it so it will work with secure boot. NOTE you would also need custom mode in Windows 8 if you are employing custom or in-house drivers or other software that talks too closely to hardware.
      3) setup(?): Seems to be a special mode--I think it is a one time setting that changes back after reboot? The setup mode is so that your software installer--an alternative OS or a driver in Windows or otherwise, would be able to push its key into te system's firmware during the install process so you don't have to do that step in the UEFI setup manually. Once a key is installed from a software setup process the system would revert to custom modefor subsequent boots.

      Besides that UEFI secure boot can be disabled entirely so you can run unsigned system software and none of the above would matter.

      The deal with Red Hat and the Devil (um, the evil Microsoft one not the cute FreeBSD one) commits Microsoft to distributing keys signed by them to anyone who ponies up $99 and fills out the requisite forms. In return you get a key to sign your own OS or other privliged software (drivers/kernel modules...) issued through a Microsoft CA that will work in mode 1) above. That is, you can create a distro or driver setup disk that will work with a "factory default" UEFI setting.

      I personally have no problems with this scheme except for two critical points:

      1) Microsoft alone is the caretaker (cert. authority) for ALL standard keys. This constitutes a monopoly. Monopolies are not illegal but using them to supress potential competitors IS illegal, and this arrangement sets up Microsoft with the ability to get into amti-competitive shenanigans (again). The $99 fee is not a problem--there is no expiry on your key and you can sign all your stuff with it--I may get one for my own business should I run into issues with custom mode or disabled secure boot. A BIG problem is that nothing commits them to being honest with the CAs. There isn't going to be just one root cert form Microsoft, and nothing stops them from using a "special" certificate class for the $99 certs. That would let them revoke all of them "killswitch" style for whatever reason (the root gets compormised, or they just don't like what they keys are being used for), so anyone who does a bios update or gets a new machine would be SOL if MSFT doesn't re-issue you a new key and won't take another $99 from you.

      2) Microsoft is not being platform agnostic. There is ARM and "everything else". MSFT has decreed that ONLY standard mode is permitted on ARM devices that have Windows installed--NO custom or setup modes and NO disabling of secure boot. Furthermore I am not sure if the $99 keys will work to build software for ARM devices (anyone know that one? MSFT could issue certs that only work on x86 architecture if they wanted to). You cannot get a shiny "built for Windows 8" sticker (who cares really) and it is against the license agreement to even install on "insecure" ARM hardware (THAT is something to care about). MSFT is (currently) an inconsequential player in mobile/ARM space so there isn't a big risk yet. However, they could leverage their desktop monopoly to push Windows 8 slates and smartphones in the enterprise and even elsewhere (smart glass in the home for example) and if they are successful it would entice vendors to lock out custom OSes.

      Regulatory authorities are going to have to keep a close watch on how MSFT conducts itself as s

    5. Re:User key management by vux984 · · Score: 2

      Problem 2) should be addresses ASAP.

      "Problem 2" is what you ALREADY have when you buy an iThing.

      Why should Microsoft be scrutinized harder than Apple in the ARM space? Why does Apple get a free pass, but "ARM must not tolerate being treated like this" by microsoft?

      Don't get me wrong, I agree with you... but I think all computing devices should be rootable by their owners, and I think that right should be protected by law, and the mechanisms to so should be included in systems... whether its a Win8 or iOS device.

  3. Faith by Wowsers · · Score: 2

    Red Hat has faith in Microsoft. More fool them!

    --
    Take Nobody's Word For It.
    1. Re:Faith by MickyTheIdiot · · Score: 2

      Watch Ubuntu & Debian continue to rise as Red Hat turns into corporate asshats, becoming the thing we were all trying to avoid.

  4. I hope a gang of lawyers by FudRucker · · Score: 2, Insightful

    rips Microsoft a "new one" in a class action and/or anti-trust suit

    and Fedora/Redhat are feeble minded idiots for paying Microsoft,

    --
    Politics is Treachery, Religion is Brainwashing
    1. Re:I hope a gang of lawyers by cryptizard · · Score: 3, Informative

      It has been stated many times, the fee is not going to Microsoft but Verisign. Essentially Red Hat is gaining the ability to run their own root of trust by having a signed "stage 0" bootloader that will in turn load any image signed by Red Hat's private key. This micro-bootloader will most likely just chain load a special version of grub that will verify the kernel is signed by a correct key (at this point, any key that Red Hat wants). I really don't see the problem with any of this. As they said in the first report, any big name, trustable Linux organization could volunteer to get their root key signed using this same arrangement and then run a free, open root of trust that could verify other distributions. The problem is no one wants that kind of responsibility. The only downside to this whole mess is that not all motherboards will offer you the ability to install your own root certificates, which could impact the ability to homebrew a Linux distro, but in the end people that care about that kind of thing will only but motherboards that have that ability.

    2. Re:I hope a gang of lawyers by Anonymous Coward · · Score: 3, Informative

      The problem is no one wants that kind of responsibility. The only downside to this whole mess is that not all motherboards will offer you the ability to install your own root certificates, which could impact the ability to homebrew a Linux distro, but in the end people that care about that kind of thing will only but motherboards that have that ability.

      The point of open-source is to be able to run any code you want, not just those signed by large corporations. Users, previously not belonging to your elite category, who bought a motherboard without checking, and who now realise the benefits of a custom kernel, will find that they have no option but to buy a new machine.

    3. Re:I hope a gang of lawyers by Vanderhoth · · Score: 2

      This micro-bootloader will most likely just chain load...

      This is the problem I see. Using words like "most likely" and then saying "I really don't see the problem with any of this" is a problem. You've constructed an ideal situation that you think will work correctly. "Most likely" this will not be the case and as such will cause issues with attempting to install any OS that is not Windows 8. Another big problem is by the time we know ALL the facts about how the UEFI and its implementation It will be too late to do anything about it and we'll be forever stuck paying to install anything, that's not a commercial OS, on machines we've rightfully bought.

      And I'm not accepting that "For users performing local customization, they will have the ability to self-register their own trusted keys on their own systems at no cost." crap. We all know it'll be free until it's fully embedded in every system, then it won't be free anymore.

  5. MS's last dual-boot solution worked so well by WillAdams · · Score: 2, Informative

    for the other side of the house....

    They advocated for a dual-boot system which would allow Windows for Pen Computing to co-exist along w/ Go Corporation's PenPoint OS --- then pulled the plug after the first systems were announced.

    Jerry Kaplan's _StartUp_ should be required reading for anyone considering doing business w/ Microsoft.

    It's ludicrous that one could purchase a system and then not be allowed to install arbitrary software on it --- why can't there be a mechanism for instantiating a particular key on a system which one has physical access to?

    William

    --
    Sphinx of black quartz, judge my vow.
    1. Re:MS's last dual-boot solution worked so well by idontgno · · Score: 4, Insightful

      It's ludicrous that one could purchase a system and then not be allowed to install arbitrary software on it

      Indeed, and yet startlingly popular (iDevices, Tivo, consoles, etc.).

      The idea of a general-purpose computer in the hands of the masses is dying. It's being killed by the mediocre middle (consumer use focusing on such simple-minded appliance-level functions as social media and entertainment consumption).

      The computer and the Internet were once Freedom Machines. Looks like that'll be gone within my lifetime.

      --
      Welcome to the Panopticon. Used to be a prison, now it's your home.
  6. Let me predict the future here. by Anon-Admin · · Score: 4, Insightful

    It will be released but not all the hardware vendors will sign on. Loads of tech people, like the ones here, will not buy it. It will flounder for a few years then eventually die off and go the way of microchannel.

    Ill toss this one up there with Divix-DVD's and there pay per view, Sony memory standards, Micro-channel, and many other crappy ideas.

    1. Re:Let me predict the future here. by DarwinSurvivor · · Score: 3, Interesting

      Except there's a new twist this time. Microsoft is REQUIRING secure-boot if OEM's want to put the "ceritified for windows" sticker on the machine. Believe it or not, that sticker is worth a LOT to OEM's.

    2. Re:Let me predict the future here. by DigiShaman · · Score: 4, Informative

      And without OEMS, effectively you have no PC industry. Fact is, members of Slashdot including myself are the minority here. We are not going to change the way OEMs do business with Microsoft. Period. End of story.

      --
      Life is not for the lazy.
    3. Re:Let me predict the future here. by betterunixthanunix · · Score: 2

      It will be released but not all the hardware vendors will sign on

      Why would a hardware vendor turn down an opportunity to:

      1. Create the sort of DRM'ed "media center" computer that the MPAA drools over?
      2. Rake in cash from an app store?
      3. Slash their tech support department by controlling the software people are allowed to install?

      That is where this is going. We are just seeing the first step of a major attack on user freedom here.

      --
      Palm trees and 8
    4. Re:Let me predict the future here. by Jumperalex · · Score: 2

      I believe corporate / government buyers do.

      --
      If you can't be good, be good at it!
    5. Re:Let me predict the future here. by MickyTheIdiot · · Score: 2

      In itself, that is a great indication of how worthless it is... at least in terms of true meaning.

  7. GPL v3 by M.+Baranczak · · Score: 3, Interesting

    Doesn't this violate the "anti-Tivo" clause of GPL v3? Sure, the kernel is still on v2, but the system can't run without all the v3 stuff.

    This will not stand, man.

    1. Re:GPL v3 by jonwil · · Score: 2

      Under secure boot, user-space code that talks to hardware will be banned (otherwise it could open a hole in the secure boot logic) and all kernel-mode code is GPLv2 anyway. None of the normal user-space code needs to be signed (so the clauses in GPLv3 dont matter)

    2. Re:GPL v3 by DragonWriter · · Score: 2

      Doesn't this violate the "anti-Tivo" clause of GPL v3?

      Not if you distribute the OS on separate signed media that the user has to install. And not (regardless whether or not the preceding condition applies) if the device is not a consumer device.

  8. Tempest in a teacup? by Monkey-Man2000 · · Score: 2

    For users performing local customization, they will have the ability to self-register their own trusted keys on their own systems at no cost.

    If this is possible, can't any random distribution just ask the user to self-register their own keys for their hardware at installation time? I guess it depends on when the self-registration occurs and how it's done, which is not clear to me.

    --
    This post was generated by a Cadre of Uber Monkeys for Monkey-Man2000 (603495).
    1. Re:Tempest in a teacup? by Anonymous Coward · · Score: 2, Informative

      People are getting their knickers all twisted because 'The Man' might one day prevent self registered keys. I guess MS might do this in the future if they really wanted to have another round of antitrust proceedings.

      For ARM-based systems, 'The Man' has already prevented self-registered keys for any Windows 8 certified machine. See the last link in the summary from Matthew Garrett (a Red Hat engineer).

  9. Just say 'No' by Anonymous Coward · · Score: 3, Insightful

    I won't buy any PC or motherboard with UEFI unless it can be disabled - and I will actively search for machines that refuse to implement UEFI at all. Frankly, this is a quisling move by RedHat. Microsoft bullied the PC manufacturers into this anti-freedom technology. Now RedHat is directly supporting Microsoft by paying into their protection racket. Before you know it, every computer will require a 'legitimate' - government/oligopoly authorized operating system. Just say 'No' to RedHat because they are giving money to a system that is sliding down that slippery slope toward removing your freedom to use your devices as you wish.

    1. Re:Just say 'No' by gregthebunny · · Score: 4, Interesting

      Agreed! This is an opportunity for us to protest with our wallets. Not only will I be actively pursuing non-UEFI motherboards, but I will also be actively campaigning my colleagues, coworkers, friends, and family to not buy non-UEFI machines as well. Microsoft is trying to fix a system that isn't broken. They shouldn't have to rely on securities at the hardware and BIOS level to lock down their new operating systems. They should just, you know, build a more secure operating system...

    2. Re:Just say 'No' by a90Tj2P7 · · Score: 4, Insightful

      Replace "UEFI" with "BIOS" in your first sentence and see how it sounds. Because that's what it is. It's not some MS feature or add-on, not some kind of evil conspiracy, it's the new BIOS. And it's not that "new". And part of the Windows 8 certification requirements for x86_64 systems is that the secure boot feature, which also isn't an MS invention, can be disabled. So that address your concern about buying PCs and motherboards that won't let you disable the feature you actually have a problem about.

    3. Re:Just say 'No' by a90Tj2P7 · · Score: 5, Insightful

      Secure boot, which is what you're concerned about, is just a feature in UEFI. Which has been the BIOS replacement for years. It's not new, it's not an MS creation, and it's not limited to secure boot. Saying you won't buy any PC or mobo that has UEFI because of secure boot is like saying you won't buy any with BIOS if it doesn't have overclocking settings.

  10. "Good Faith" by clonehappy · · Score: 3, Insightful

    I'm not going to invoke Godwin, but *lots* of things start out as being "good-faith initiatives". I know UEFI has tons of advantages over a standard BIOS, and I'm a flat-earther for wanting to stick with the old tried and true methods, but anything that takes away control over hardware I own, especially anything that takes control and gives it to a multinational corporation, I'm passing right over.

    And I assume plenty of other tech-minded people will do the same, and the system will fade off into the sunset.

  11. "not a guaranteed right" by mjg59 · · Score: 4, Insightful

    As the author of the linked article, things have somewhat changed since then - the language in the hwcert docs makes it clear that the hardware can be configured into a state where keys can be added. Is it a guarantee? No, but it's as close as is possible to get in the technology world.

  12. The real problem is by Mojo66 · · Score: 2

    ..that almost every PC comes with Windows pre-installed in conjuction with Microsoft abusing this monopoly despite all the anti-trust affairs.

    I know the M$ fanboys will point at Apple and their iOS devices, but the big difference is that Apple does not force other smartphone manufacturers to put iOS on their hardware, whereas PC manufacturers have to pay for not putting Windows on their PCs.

    Given those circumstances, the fact that I'd have to pay $99 in order to install my own private Linux distro on my own private PC is just crazy.

    1. Re:The real problem is by Genom · · Score: 2

      ...has to somehow obtain a valid signature for their kernel (whether directly from Verisign/Microsoft or signed by Red Hat or some other organization that dealt with Microsoft).

      Why should any linux distribution be beholden to MS (a direct competitor, and holder of a monopoly on the PC OS market) for the right to install on commodity hardware?

      IMHO this sets a very, very dangerous precedent.

      Barring this, you can disable secure boot or (if your motherboard supports it) install your own root key.

      And if you do convince a user to do that, they lose the ability to dual-boot back into Windows. Without that "safety net", many users won't give linux a chance.

      Geeks will of course be fine with installing their own keys, or enabling/disabling UEFI Secure Boot - but regular users *won't*.

      MS's monopoly, combined with requiring UEFI Secure Boot for Windows to boot, and MS in control of who else gets to boot? That sounds like a *bad* recipe to me.

  13. FUCKING stupid by inode_buddha · · Score: 5, Insightful

    "Suffice it to say that Red Hat would not have endorsed this model if we were not comfortable that it is a good-faith initiative."

    Fucking STUPID. Since when in their entire history has Microsoft ever done anything in "good faith"?? Morons! *ALL * you need to do is read a few court cases...

    --
    C|N>K
  14. Just ask Flame developers by luizd · · Score: 3, Funny

    C'mon, it is very easy to solve the problem. Uses them same Microsoft CA that Flame worm is using.

    SecureBoot is more a "reduce users power to change OS" than "protect from malwares", as Flame proved.

  15. The road to hell is paved with good intentions by Damnshock · · Score: 2

    There's really nothing else to add here

  16. Re:The Red Hat Wizard Falls Under Sauron's Spell by a90Tj2P7 · · Score: 5, Informative

    UEFI is an OEM Software Vendor's bald-faced grab at monopoly power. Microsoft would be the key generator. Redhat would pay Microsoft a one-time fee per user machine, which RH figures likely to be a one-time $99 fee. This charge would be per machine, not per user, as it is likely that no 2 computers on the same network can have the same key.

    I couldn't make it through the first paragraph without hitting ridiculous levels of FUD. MS isn't the key generator. They're not even the generator of their own key. The license isn't per-machine, it's per-source/vendor. There's no kind of per-machine restriction, in any way, shape or form.

  17. Tim Burke is an eRape apologist by Rogerborg · · Score: 2, Insightful

    Saying that if you just quit your damn bitching and hold still, it won't be as bad as you imagine. Hell, once you've been slammed hard a few times, you'll hardly even notice it's happening.

    --
    If you were blocking sigs, you wouldn't have to read this.
  18. Where the world going? by NuclearCat · · Score: 2

    Now using my electronics how i want is "certainly not a guaranteed right". WTF. Thats why we had DIY talents before, who was building companies in garage, and now we have army of "angry bird" players, because it is not easy to create something this days.
    You can't reuse electronic parts. SMD. You need expensive tools to do that. Well, ok, let's say it is ok.
    You can't reuse blocks and highly integrated IC's, because there is NDA for documentation and high fees to get this documentation.
    And now, finally, soon you can't write your own low-level software, because your PC manufacturer will decide, what you can run, and what you can't.
    I hope my car one day will not tell me, which road i can take, and which one i'm not allowed to go, because my car don't have license for offroad.

  19. I'm Seeing A Lot of Misinformation Swirling by GeorgeRidout · · Score: 3, Informative

    Unless I'm very much mistaken (please feel free to correct me) I'm seeing a lot of incorrect information around this. As I understand it: A) You can turn it off by going into the BIOS. Then you can boot anything you like. B) Each boot-loader for each individual OS requires signing by the manufacturer. As I understand it, Redhat were asked if they would be the custodians of 'one true' Linux key and they didn't want to be responsible for it on behalf of other distro makers. C) Redhat approached PC manufacters who were very receptive to their key being included with all hardware, however Redhat felt there would be an impression that they were levaraging their size as unfair competition. D) MS offered to sign distro's and OS's with their own key as long as the maker was registered with them for $99 which is surely below cost. Ideologically it is not ideal I agree but it could be worse no? Ideally some garanteed impartial third party would sign all OS's from one key. But who? Thanks for reading

  20. Re:Microchannel Anyone? by badfish99 · · Score: 2

    I remember a salesman from IBM coming to show us one of the early Microchannel machines.

    He proudly told us about its wonderful security feature: if you changed any hardware, you could not boot it unless you had a magic floppy disk containing some magic security files.

    Then he switched it on to demonstrate it. It was as dead as a dodo. He then remembered that he had removed a network card just before bringing it to us. And he had forgotten to bring the magic floppy with him.

    Exit one very red-faced salesman. And we vowed never to buy any of that crap.

  21. UEFI supports user-loaded keys by Chirs · · Score: 2

    But you need to boot into the bios to do it, and RedHat doesn't want to make everyone do that just to boot Linux.

    Then of course there's the conspiracy theory that says that just because UEFI supports it doesn't mean that all the vendors will actually give users the ability.

    1. Re:UEFI supports user-loaded keys by shutdown+-p+now · · Score: 2

      Then of course there's the conspiracy theory that says that just because UEFI supports it doesn't mean that all the vendors will actually give users the ability.

      Microsoft's requirements for hardware certification ("Designed for Windows 8") mandate that users have that ability on any certified x86 device.

  22. u-boot on x86, EFI is just a jobs program. by bored · · Score: 2

    Yet another reason to get better x86 support into u-boot. U-Boot is already everywhere, and seems to have won the race to be a BIOS replacement on every new platform. It works really well, POSTs and configures the machine generally in under a second, understands FAT/EXT2/etc well enough to directly load a linux kernel, yet is low level enough to just load a MBR like bootloader,etc.

    Basically, it does what the BIOS should be doing (configure basic RAM/CPU/Disk/network, only enough to start something else).

    Frankly, as I sit here waiting for my nice new IBM desktop machine to waste 5 minutes rebooting UEFI, I just want to smash the machine.