FSF Criticises Ubuntu For Dropping Grub 2 For Secure Boot
sfcrazy writes "The Free Software Foundation (FSF) has published a whitepaper suggesting how free operating systems can deal with UEFI secure boot. In the whitepaper, the foundation has criticized the approach Canonical/Ubuntu has taken to deal with the problem. The paper reads: 'It is not too late to change. We urge Ubuntu and Canonical to reverse this decision, and we offer our help in working through any licensing concerns. We also hope that Ubuntu, like Fedora, will actively support users generating and using their own signing keys to run and share any versions of the software, and not require users to install a key from Canonical to get the full benefit of their operating system.'"
Grub is old tech. It needs to use the modern method. It ain't going away, deal.
a true geek would never use that watered down bullshit.
... for someone to hack the secure boot BIOS and provide an easy way for users to reflash theirs from Windows or whatever OS is preinstalled on the machine when bought new. No doubt this will prevent windows being reinstalled but unless you want a dual boot machine I doubt this matters much.
On a related note, how will this affect linux being booted from within windows (if anyone still uses that approach)?
'nuff said.
Sure does like to dictate what people use, kinda funny that way
Go ask Novell how well chasing that Microsoft interoperability trains works.
not as much, but still (for planning to use the MS key). It's a very bad position we (Free Software) are in with Restricted/Secure boot. I think it's time the Linux friendly vendors really get behind CoreBoot [http://www.coreboot.org/Welcome_to_coreboot] and let us be truly independent.
As it is set up right now:
Binaries can only be signed with one key. If you use Microsoft's key, you can't use your own.
Not all vendors may support letting users add their own keys. (and even if they do it certainly complicates a fresh install).
ARM will be completely locked down if vendors want MS to run on it.
If you use the Microsoft key, they can revoke your access (they likely need cause, but still)
Microsoft is being reprehensible as usual. Hardware vendors have always been cowed by them - now Ubuntu is following their lead.
I switched from SuSe to Ubuntu, now it looks like I'll switch to Fedora. At least Linux, from the source, remains free of the manipulations of the monopolists.
[Disclaimer: I’m always posting anonymously, since I consider the /. moderation system fundamentally broken.]
Grub 2 is vastly over-engineered, and even though it is more complex, it’s more limited. (Example: The whole multi-boot mess.)
For the sole purpose of making it "easier" on the Windows crowd that can't even be expected to edit a config file (or tie their shoes?). Which is a huge fallacy, since that's already way beyond the point of maximum efficiency, deep down in "so easy, it's less efficient” territory, where it's actually harder again if you have any ambitions or half a brain.
And it results in a vicious cycle of dumbing down the thing and users adapting to it by becoming dumber, until it ends up being something like Clippy, MS Bob, or the iPad in a Idiocracy...
Anyone who can handle a general-purpose computer, which I think anyone here can, has less hassle staying with Grub 1, and be done with it. (Or choosing something else, of course.) :)
There is no point in changing a running system that does everything that's needed. And we definitely don’t need a script generating really stupid config files for us, since we got the working brain, and so can handle writing text that follows rules ourselves.
Grub 2 is the same cancer that is killing Linux, that is Ubuntu Unity, Gnome 3, KDE 4, recent versions of Firefox, etc.
Ubuntu/Canonical has been the worst type of Karma whores since the beginning. They built a following by pimping the philosophy of freedom, only to abandon these ideals once the foundation was set. They have encouraged people to accept non-free video and wireless drivers, while companies like RedHat have tried to work with Vendors and educate folks about why this is a bad thing. Now with their app store with non-free projects; they've even undone this feat with kneeling towards Redmond (secureboot). I know not all Linux users care about freedom, but it is sad how even prominent linux users feel like they've accomplished something by getting their local school or whatever to use Ubuntu. People may complain about the free software philosophy all they want, but soon if Ubuntu continues, it's going to be a much lesser degree of the early iterations of Windows with lots of proprietary-ness with bits and pieces of freedom (Windows started out using some BSD code). tl:dr Shuttleworth and Canonical are hypocrites and karmawhores.
This is the start of a sea change in who controls our computers. Yes, for now you can turn it off (oh, sorry, unless you're using an ARM system), but this is just the first step. They can't go the entire way all at once. They've tried before, and learned they have to go one step at a time. Each step doesn't seem so bad, until finally, all the cards fall into place.
Already most of our mobile devices no longer belong to us, unless you manage to defeat the device's security that is meant as security against YOU, the owner of the device. Bought anything with iOS, or about 95% of the Android devices? Or WP7? Sorry, someone else owns it even after you purchased it. That's the world that many powers like Microsoft and many governments desire for the whitebox PC. A locked down device that obeys other masters, only booting "trusted" OSs that let those masters have the final say over what your computer does. Because a world where a billion individuals had control over their own computers could not be allowed to persist. It threatens too many corporations and governments.
Of course, people will buy these increasingly locked down PCs just like they are falling all over themselves to buy tablets, so this world WILL come to pass. All we can do is figure out how to deal with it.
With all due respect, the FSF can go fuck themselves. GRUB2 is a terrible boot loader, much more complex and restrictive than it needs to be. Ubuntu is moving to a less-restrictive, hopefully most simplified, boot process. In other words, Canonical is going with the best tool for the job, the FSF wants them to toss out the right tool in favour of their horrible mess. Canonical is making the right choice for their users.
Has anyone read the FULL FSF paper before posting the same "WinxLinxMacOS" or the "DRM FLAME" on this topic?
Novell made a killing and was an industry powerhouse for decades. Much of their wealth came from making the Microsoft environment easier to use.
Also many of Microsoft's biggest competitors started off by being compatible with Microsoft. Google providing Exchange protocol services, Office file format compatibility, same with Apple, OpenOffice, etc. And that hasn't worked out too bad for them.
My big concern is corporate computers. If your company is issuing you a computer, and they don't realize that some engineers want to run Linux, they may not let you install new keys or disable the secure boot. This is where it's a good idea to have one vendor using the Microsoft key, and other vendors using their own keys (and hopefully getting major PC sellers to include those keys). That way we at least have one solution that will work even on a locked-down system.
I think Red Hat's strategy is to be the Linux distribution that will work without having to mess with any secure boot issues, which is why they're going to use the Microsoft key.
We have always been at war with Eastasia.
I don't understand how Intel supports this. They have pumped a lot of money and support into Linux in the past. Why would they now produce products that freeze it out?
Is there any way to get editors who know enough English to at least filter out sentences like:
It's not like it would have been hard to change it to:
The Free Software Foundation (FSF) has published a whitepaper recommending ways for free operating systems to deal with UEFI secure boot.
And yes, I know that being a grammar nazi is unfashionable. But illiteracy really does work to convince people you have nothing to say worth reading...
"I do not agree with what you say, but I will defend to the death your right to say it"
they may take away the capability to disable it entirely
They already are taking it away on ARM based systems. "On an ARM system, it is forbidden to enable Custom Mode. ... Disabling Secure MUST NOT be possible on ARM systems" (page 122 of Windows Hardware Certification Requirements)
Although it was obvious the FSF would take this position, as it should, isn't it strategically wise to have multiple solutions for users to load a (mostly) free software OS on hardware with UEFI? For similar reasons, I think it's good to have Android devices running ClockworkMod so that they may boot CyanogenMod/Replicant. I understand that we (free software advocates) should always be encouraging consumers to make smart choices and purchase devices that will run free software (and a complete free software stack, when that's possible).
However, free software would become an "oasis in a desert", rather than a large and thriving ecosystem, if binary blobs, non-free drivers, non-free BIOS's, firmware hacks, etc. weren't around. It would become increasingly difficult to bring in more users. Those who have developed free software implementations to replace proprietary ones originate from all over the free software spectrum, so the pool of developers would also shrink.
I think you always want both: the hardcores who will run free software and free software only, and those who will make compromises on devices until (if/when) stable free software is developed for those devices. The FSFE's advice on installing CyanogenMod seems like a sensible approach that takes this into consideration. Likewise, why not help someone install as much free software as possible on a device with a non-free BIOS/bootloader?
It seems to me that UEFI will die a quick death if we A) fight very vocally against it, B) convince powerful corporations and governments that it's bad for them, C) ignore it where/when we can, and D) help others to circumvent it when necessary. It doesn't seem much different than the DRM problem in that way.
I would be very happy with Canonical's UEFI strategy if the following from this past /. comment can be done:
- Canonical will get efilinux signed with microsoft keys. So GRUB2 has to be made bootable from efilinux (efilinux is rather primitive, it just loads a kernel from a set collection of blocks from the device and runs it. It shouldn't be too difficult to have efilinux load and execute a GRUB2's "stage 1.5" or "stage 2").
Thus efilinux is the part that needs to be signed with microsoft's key (and efilinux's license makes it possible. Although that also means that you won't be able to hack it).
...
- GRUB2 can load coreboot (an opensource firmware) payloads, so it could also load SeaBIOS (a legacy BIOS implementation as a coreboot payload).
- GRUB2 can also load windows XP's boot loader.
So if any of the above is possible (either chainloading efilinux to grub2, or signing grub2 in a gplv3 compatible way). That means that grub2 could be used to boot windows XP on secure-boot hardware. (with seabios providing the legacy bios compatibility, and windows XP's ntldr being loaded from grub2).
That unfortunately-complex method of chaining together multiple bootloaders seems to allow for any OS, even legacy ones, to boot (or at least attempt to boot) on UEFI hardware. Such a door might be closed if Canonical decides it won't play ball with Microsoft, and that seems like a door worth having open. However, I welcome any rebuttals...I don't know nearly enough about the issue.
Geeks like to think that they can ignore politics, you can leave politics alone, but politics won't leave you alone.-rms
Intel knows where they can make money from GNU/Linux: servers. That is not the target of this restricted boot system, and even if these restrictions come to servers, nobody will complain -- professional IT workers can put a $99 signing key purchase on their budget and continue to deploy whatever they want. Desktop GNU/Linux is not going to make Intel all that much money, and they know it -- Windows and Mac OS X are where all the desktop money is.
Intel and everyone else knows that restricted boot environments for personal computers (desktops and laptops) will be hugely profitable. Entertainment companies love it -- they can deploy a new kind of DRM that won't be defeated for years (see: PS3). Software companies love it, because they can stop people from applying cracks to evade DRM. ISPs love it because they can better lock-down their networks if they can control the computers that can be connected to those networks. The potential for money-making deals is HUGE, and Intel knows that when their chips are the center of these profitable systems, they make lots of money.
At the end of the day, Intel could not care less about hackers or computing freedom; they exist to make money, and there is no money to be made in allowing desktop and laptop users to have freedom.
Palm trees and 8
Grub2?!?
What happened to LILO?
is that game sales subsidize console sales.
then get ready for a case where a porn game gets locked out of the app store and they sue for their 1st amendment rights
That sounds kind of like a story I read once ... Is Mordor anywhere near Redmond?
Half-joking, but I wonder if contracting out a community-speced and community-funded motherboard would be possible. It might be worthwhile if for no other reason than to possibly catch MS leaning on contract manufacturers from even considering fabbing a motherboard outside of their control.
At least for this round, FSF is saying that Fedora is using Grub 2 and Ubuntu is not. Both will be able to do 'SecureBoot' without divulging private keys, even though the former is using a GPLv3 bootloader. In a hypothetical where someone ships Red Hat Enterprise Linux on a system, they say the onus is on the hardware/firmware vendor and *not* Red Hat to facilitate the load. For that reason, Canonical also would not be forced to release keys, just that Canonical preloaded systems must include a contingency for disabling or user loaded keys.
I could see a scenario where this could be weird:
-Vendor ships an ostensibly Windows-only tablet, without option to replace keys or disable signing in firmware (I know, MS currently doesn't allow, but this is hypothetical)
-Fedora can still be installed, the boot loader they ship is signed.
-User has no signing key that would permit them to load without the approval of MS, and whatever costs are associated with that.
I presume from the writing that this is considered outside the scope of the anti-tivoization clause of GPLv3, which I now understand to specifically apply to preloaded GPLv3 software, and the software provider has no obligation to divulge signing secrets they use to work on the hardware vendor product. If all of x86 ecosystem one day was entirely MS signed and never pre-loaded Linux, would that prevent end-user freedom (a sort of holistic tivoization of an entire platform)?
XML is like violence. If it doesn't solve the problem, use more.
You DO know that the first amendment doesn't apply to private organizations, right?
To ensure perfect aim, shoot first and call whatever you hit the target
I'm a linux fan, and I build a LOT of custom systems for people (and sell them for a living).
So pissing me off costs a manufacturer a few hundred sales a year.
SO lets multiply that by a few thousand "linux fans" who are also responsible for corporate purchases, hardware sales at local shops, etc.
It adds up.
Let's have a look at the numbers:
In terms of annual sales figures, ASUS emerged as the highest grossing motherboard vendor with 21.6 million units sales in calendar year 2010, followed by Gigabyte with 18 million units.
ASRock Third Largest Motherboard Vendor
ASRock sold eight million motherboards in 2011, compared with ECS and MSI who sold seven million apiece.
ASRock
It is a good bet, I think, that corporate buyers will be looking for a board that does support Secure Boot.
Not immediately. At first it was a bit of a challenge.
but by law you can hack a phone for any software and any network.
So that may just have to come to pc's as well.
but anti trust comes into view with signed code?
Who controls the signing?
Who controls the app store?
What about banning apps based on content (not code)?
What about free OS (you can't go MS only)
What about older software and older hardware?
Let's get practical - where's an Ask Slashdot when you need it?
I build my own Linux boxes. How do I opt out of this and use what I've always been using? I don't care about secure boot. I don't want it. Will Gigabyte or someone build a motherboard without it? In the future, will this be optional and I can just disable it, or will I have to work around it and get a key to install to use hardware?
In 2015, when I build a replacement for my Core i7 development machine, what do I do?
See, this is why the corporate overlords invented the term "Reasonable And Non-Discriminatory" (RAND). It is an antitrust violation if your competitors have no way to install their software; it is not a violation if you provide a "RAND" path to do so, like charging $100 for a signing key. Even more so when you can provide real justification for the system -- which in this case is "security from malware!" and in a few years "security from pirates!"
Palm trees and 8
No but it does apply to the government that also enforces the DMCA.
but when it's the only app store then the issue is not so doesn't apply.
It will be like small town cable and phone only offering some channels and finding a way to lock out satellite tv and other cable systems in that town.
$2000?? Some servers are desktop-like at prices as low as $300
http://www.tigerdirect.com/applications/Category/guidedSearch.asp?CatId=30&sel=Detail%3B112_727_9505_9505
http://www.tigerdirect.com/applications/Category/guidedSearch.asp?CatId=30&sel=Detail%3B112_727_8915_8915
Intel will have to look out for AMD as they can say RUN Linux on an AMD system with NO $99 signing key needed.
Not in Canada. As of this week, if there is even the slightest trace of a digital lock that protects ANY copyrighted information on your phone, it is not illegal to root it. EVEN if you have a full legal right to access the data (or you plan to remove the data).
The Free Software Foundation should work harder with commercial GNU/Linux vendors to help fund free software development and create a market. That is what could ultimately fix these types of issues. The majority of people will pay for GNU/Linux hardware. While nobody should be forced to go through these steps on a Microsoft Windows certified machines it's time we stop thinking about GNU/Linux as something that replaces Microsoft Windows or works alongside it. It's an operating system with its own merit and if people are told they need XYZ hardware from XXXX.com they will get that hardware and create a market force that ultimately fixes the problem. Screw politics. Make the difference by boycotting HP, Dell, Toshiba, Lenovo, and the other big players who are already LOCKING out GNU/Linux from machines through digital restrictions on the incompatible wireless cards that are allowed to be installed.
Nobody else is making an effort to ship freedom friendly hardware. They have even declared war on "Trusted Computing Technology" and non-free binary blobs so not only do you get a machine that is compatible with GNU/Linux you get one that has generally excellent support across distributions AND there isn't any risk from a vendor discontinuing support for a particular chipset. We can't rely on companies who continuously let us down and ship hardware that isn't really even GNU/Linux compatible and yet advertise "Linux" on the box. It's the one thing that drives me nuts about ZaReason, System76, and others. They don't care. They simply are out to make a buck. They might ship with a free OS if you ask them to- but they won't make a concerted effort to further free software / GNU/Linux support or provide a decent system that will work going forward. System76 doesn't even do anything other than advertise Microsoft Windows systems and then ship with Ubuntu (I did a little research and was disgusted how they operate).
Please proofread your posts.
"Those who consume the bulk of goods are those who make them. We must never forget this secret of our prosperity."
It's too late for AMD to push Coreboot for Windows 8. If they want to ship Windows systems with Coreboot, they will need to set it up such that Coreboot loads a UEFI foundation like Tiano and use that to boot Windows.
I have no idea whether such a combination would meet WinLogo requirements or not, however. I don't believe Coreboot currently supports the TPM, so AMD would likely have to add the code for it themselves. Coreboot's original target is compute clusters and datacenters where TPM support is not wanted or needed.
Whilst being as good as h264 as an improvement over MPEG2.
It will get cracked/leaked, whatever.
trust me, somewhere, someone will find a mole to get into some deep dark hole to spill the secrets/keys, like bluray.
even if it is the secret service from china to spite/destabilize the West's security.
if its got 500 million in sales a year, it will get hacked in 1 day, just for the glory to say, 'eat shit fuckers'
Liberty freedom are no1, not dicks in suits.
you can boot off the network too dude.
if they left floppy boot on, open the pc and plug in a floppy drive if you can.
if no one is watching, pull the hard drive out and access it from your laptop's sata->usb cable, replace the 'recovery partition' with a linux installer.
Then boot to recover windows, which will install linux.
Liberty freedom are no1, not dicks in suits.
dual boot? I just run ESXi, and have 5-20 vms running of my choosing.
Direct Metal booting is so yesterday, in the future with 1ns flash ram, computers will NEVER reboot, unless there's an ESXi update.
Your VMs can reboot if needed, but else can run forever, even if all power is off, the future ram will have instant on-resume-mode.
Liberty freedom are no1, not dicks in suits.
It's true that Coreboot is pretty rare at present, but that's set to change drastically, as AMD is using Coreboot for all its new platforms. They started the process this 1st of June past.
Remember to sign this important FSF petition:
https://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/statement
The last I knew getting a key will cost $99 for UEFI secure boot. I absolutely refuse to buy anything related to this whole problem, so my first step will be to disable UEFI secure boot and not even worry about it. I will probably use the Fedora or Ubuntu supplied key if I install GNU/Linux on other PCs that might be dual booting for other people, but disabling this technology seems like the best way to me to avoid all of these problems. If users want to buy a key feel free, but why would you want to? I understand that FSF wants to totally eliminate proprietary software, but I don't know how they can in this case. It's unfortunate that this even happened. This is one more reason I refuse to use Microsoft software, just too invasive.
Well, 10 years ago, everyone figured the Browser wars had ended (Netscape a pile of rubble, Opera a piddling 0.01%, websites that were IE only) and MS got complacent and then out of nearly nowhere (for the average consumer) Firefox came out and has, over the past years, taken a HUGE bite out of MS. Now, this bite was not profit, as MS gave IE away for free technically, but it added costs to MS's business since they now had to do more support (including being more standards compliant) and had to justify those changes to businesses that latched onto IE 6's non-standard way of doing things. All-in-all, MS has LOST a lot of money due to this fiasco, and they can't give it up without giving up many other tie-ins that keep their overall architecture Locked-in (and thus very profitable overall).
So, looking at things long term is where MS is coming from, right now they are dominant in the OS Market (just like they were dominant in the Browser Market), but what about 10 years from now? Will people, all of a sudden say, "Hey, I run android on my phone, my TV, my tablet, so I want Android from my PC too?". Well, how many people bought an iPod, iPad, iTouch, iWhatever, and then moved and bought an iMac for their next computer? Even if the count is 10% this is NOT good for MS since, from what I can gather, Android phones/tablets are selling at a far larger rate and Google does have the ability to be the "supplier" for an Android OS that could run any application that runs on the Android phone/tablet.
However, if MS can make it difficult for people to change OS and/or make it so that only through OEMs can you get an OS then this is to their advantage as they can then "redefine" the pricing of Windows to be almost free (or even negative)*1 and thus keep the OEMs from wanting to try any other offering.
*1 = If MS sells Windows for $10 per copy to an OEM, and the OEM then bundles software packages (they get paid for the lite versions to be installed) then it may/should be possible for an OEM to sell a Windows PC below physical cost and still make a profit... MS Could sell a "basic" version and then using nickel-and-diming techniques get their money like Apple does by selling addons for additional costs. Technically, they already do this with their 5-7 different versions of Windows based on what functionality you need (there was a time, W2K, when everything was in one package....)
Now, is this a conspiracy, no, this is prudent business planning (long term) that more businesses should do; however, it just sucks for the 1% niche that want "more" for/from their computer....
Who cares what toreballs says.
People who like to see a "fuck you !" said on camera by the interviewee.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
The FSF: we don't like how Ubuntu uses UEFI instead of Grub 2. We think this is bad for these reasons . . .
They don't like Ubuntu's *switch from Grub2 to efilinux* (in the wake of UEFI).
It comes from a problem with licensing.
The GPL licenses are made to allow each and every end user of some GPLed code to get/study/modify/hack/replace said code.
So if your Linux installation uses a GPLed bootloader to load, you should be able to patch your very own custom version of said bootloader (to add support for whatever shit you want).
The GPLv3 was written to avoid "tivoization", situation where the code providers literally play by the rules of GPLv2 (make the source-code available for download on the website), but in practice don't follow the spirit of GPL and prevent the replacement of some firmware, because the device only boots signed code, and without the signing keys, there's no way to create a replacement which will be accepted by the device. You can get and study the code (from the website), you can eventually play a little bit around (on your PC or with an emulator) but you can't really modify and replace the copy on the device.
Grub2 happens to use GPLv3 license.
Canonical (and Fedoras)'s interpretation of the license:
- out-of-the-box, a lot of windows machine are able only to boot code signed by microsoft, because that's the only key loaded into them and because they are in secure-boot mode by default.
- to get a linux bootloader able to boot straight on such a machine (without requiring the user to play around with the BIOS), we need to provide at least one boot-loader signed with microsoft's key.
- signing GPLv3 code means that we must provide some way for the end users to replace said bootloader (like publishing the keys or something similar).
- on the other hand, microsoft explicitly forbids publishing their keys, etc.
- so no way to use GPLv3 code while still letting users replace the signed module.
- let's move to some more liberally signed code: let's switch from grub2 to efilinux and get efilinux microsoft-approved.
- microsoft signs the code, efilinux is booted, and then can chain load to anything we want. (eventually chain to grub2 too, because efilinux is seriously lacking in the "networking and other boot alternatives" department.)
Note that this (including the "chain efilinux to grub2") works not only on x86 hardware (which is mandated by microsoft to include non-secure boot), but also on ARM hardware (the Windows RT license requires the device to be in full locked mode, only).
So if you want to get Ubuntu running on a microsoft surface, this works too.
In addition to that, Canonical plans to offer its own signing infrastructure, in a much more open-source friendly way. They'll petition manufacturer to include Canonical's key next to microsoft's key into the keychain on the TPM chip. So such machines can boot not only Windows 8, but can also boot anything signed by Canonical.
FSF criticism:
- it's sad that Canonical drops support for Grub2 after so many releases supporting it. (It's a piece of code that the FSF likes~)
- there are alternative ways to use Grub2 with secure boot which are GPLv3 compliant in FSF's mind:
  - get a Grub2 bootloader stage1 (the "efi executable" part) signed by Microsoft.
  - have regular users boot using grub2
  - using a nice user-friendly GUI application, offer the possibility to upload new additional keys into the TPM's keychain: the end user's key, Canonical's key, or the key of any other opensource friendly signing infrastructure...
  - a user wishing to modify/hack/replace grub2 can now do it, simply using the new key to get the custom grub2 booted instead of the key from Microsoft.
  - in that way the ability of users to hack/replace isn't prevented, even if it requires playing a bit around with the keychain on the TPM chip.
Note that I'm really not sure if it could work on ARM hardware. Windows RT's license explicitly requires that the device must be locked, and I don't know if adding new keys into the keychain is among the stuff authorized by them. (Maybe it's not possible to load Canonical's key into Microsoft Surface's TPM keymanager).
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Binaries can only be signed with one key. If you use Microsoft's key, you can't use your own.
Well technically, you could provide several different binaries each signed with a different key. At worst you can always put a different bootloader on each CD.
The problem is that currently, there is only one key that you are guaranteed to find on almost every single UEFI system out there: Microsoft's.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Why CoreBoot?
Because CoreBoot is a firmware, designed to initialise your hardware.
It exists already now, it's supported on several mainboards, and has some big name backing (AMD decided to support them actively, and starting from their next hardware iteration, CoreBoot will be their main focus for a firmware to boot their platforms).
It's a piece of binary code that you can flash to your motherboard.
What's wrong with stuff like OpenFirmware?
OpenFirmware is a standard regarding how to handle booting, option roms, etc. all this in a clean and cross-platform way. It's not an actual firmware.
Supporting openfirmware means that a hardware manufacturer has to write their own openfirmware implementation (although it's not that complicated, when compared to monstrosities like UEFI) or port one of the existing ones (most of which target non-x86 platforms, so not much to leverage beside the Forth virtual machine).
In fact, coreboot *can* use openfirmware as an optional payload. Meaning that you can put support for that standard on coreboot, and then plug some hardware using openfirmware (like a PCI card from a PowerPC Mac) and have its option rom interpreted on coreboot (well, technically, on the Forth virtual machine running in the openfirmware payload in coreboot) and get the hardware initialized by coreboot.
Coreboot also supports other payloads: It can use SeaBIOS to provide a legacy BIOS interface (to boot a DOS or an older Windows). It can use TianoCore to provide UEFI standard compliance. It can also straight chain to Grub2 and use that as a boot menu. Etc.
So coreboot is a piece of code that current hardware manufacturers can already grab, which is very likely to support the hardware with which they want to build a motherboard (especially if they use the latest generation of chips from AMD), and gives a lot of choice as to what standard to expose.
The best part is that coreboot is opensource. So if you, the end user, aren't happy with your firmware, you can still roll your own. (So if you like openfirmware that much, and have bought a motherboard running already on coreboot (or at least supported by coreboot), just roll your own coreboot+openfirmware)
There's no reason to ask HW manufacturers to adopt some completely new firmware stack when there are already-working ones which are more than "open" enough.
Also BTW: I'm under the impression that CoreBoot+openfirmware is currently the only openfirmware stack available for x86 hardware. Am I right? Or are there other implementations of this standard on x86?
The only real problem here is with this new Secure Boot add-on, but there is no reason to throw the baby out with the bathwater. OpenFirmware / EFI can replace BIOS just fine and not have any restrictions. They already exist and manufacturers already know how to use them.
The problem is that Windows 8 license for x86 requires that the firmware be UEFI compliant, and has SecureBoot enabled by default (but asks for the option to disable it, or add new keys to the TPM chip).
And the Windows RT license is even worse: Windows RT can only be shipped on tablets and netbooks where UEFI *IS LOCKED* in Secureboot mode.
So from now on, you know that the market will be flooded with motherboards and devices which run on a UEFI compliant firmware, with UEFI in Secureboot mode, and only Microsoft's key in the TPM chip.
If you buy such a board, but the board supports coreboot (because, for example, it's an AMD board, and runs coreboot+tiano core to provide the UEFI compliance), you can just say "fuck it" to the whole story and flash instead a BIOS with coreboot + something saner.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
You have heard of Citizens United, right?
Wow, can't believe I missed that one!
s/not illegal/illegal/ :(
I don't need or want an operating system with its own fucking shell just to boot my operating system with its own shell.
Grub2 is the emacs of the boot loader world. It does everything you could possibly want, provided you want to spend 12 hours customizing it.