Slashdot Mirror
Richard Stallman Speaks About UEFI
An anonymous reader writes "Despite weaknesses in the Linux-hostile 'secure boot' mechanism, both Fedora and Ubuntu decided to facilitate it, by essentially adopting two different approaches. Richard Stallman has finally spoken out on this subject. He notes that 'if the user doesn't control the keys, then it's a kind of shackle, and that would be true no matter what system it is.' He says, 'Microsoft demands that ARM computers sold for Windows 8 be set up so that the user cannot change the keys; in other words, turn it into restricted boot.' Stallman adds that 'this is not a security feature. This is abuse of the users. I think it ought to be illegal.'"
All those Win8 machines people are going to kick to the curb, and places like RE-PC won't even be able to make sell them as "boot only" boxes ready for another OS because the boot is locked down at the hardware level.
The Hardware is crippled for the sake of Microsoft. Period.
Secure boot is Microsoft's attempt to maintain computer OS market share as their influences is being stripped away by the likes of Google (Android) and Apple (iOS). With HTML5 on the way, we will have WEB based applications that rival desktop versions, and run on ANY device. The OS is just a layer to get to where the real work gets done, information exchange.
AND the worst part is, secure boot doesn't actually fix the problem it pretends it solves. It can't. This is the whole DRM of DVD's and BluRay all over again. Look at how well that is working out.
DRM is broken by design.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
But I couldn't boot into my OS.
Richard's story, The Right To Read, has already sort of predicted this move.
Despite what people say about Restricted Boot, it opens up the world of computers to a whole new set of attacks... by megacorporations like Microsoft.
It's not that simple. Many users don't know what UEFI or Restricted Boot are. If they see a Certified for Windows 8 logo on a computer when they're buying it, they don't know that means extra restrictions for them.
Not everybody cares about computers, which is why Restricted Boot is so bad.
If Microsoft got what it demands, that ARM devices that runs Win 8 be permanently locked, then the only option that I have, as a consumer, is to NOT BUY THAT DEVICE
No point of supporting dictatorial regime, be it political dictatorial, or hardware dictatorial
Muchas Gracias, Señor Edward Snowden !
Manufacturers should be free to do whathever they want with the devices they create. If they want to lock them, fine. If they want to lock them because a carrier asks? fine, lock it for that carrier or ignore the carrier. It's still their choice
I also can understand hardware requirements for a licensed OS, such a certain button layout, screen resolution, etc. Those make sense and ensure it runs as intended. The same way, Microsoft can make their own devices and lock them and it's their choice.
But manufacturers being forced by to lock the devices by the mobile OS supplier? That's abuse!. It's Microsoft abusing their desktop PC monopoly power, patents, etc. against the OEMs. What is MS afraid of, people installing Android or Ubuntu on their newly acquired devices?
the only option that I have, as a consumer, is to NOT BUY THAT DEVICE
There is no way to run Windows RT applications if you do NOT BUY THAT DEVICE. What do you recommend for people whose job involves running a Windows RT-exclusive application? Or do you expect such applications not to exist?
No point of supporting dictatorial regime, be it political dictatorial, or hardware dictatorial
Tell that to anybody who has ever bought a video game console.
Let me explain ... me I just bought an wireless access point ... and I have no intention at all of using it
as an access point. I want a device with a set of excellent antenna's, great rx sensitivity and it has to
have monitor mode so I can capture raw 802.11 frames and I have to be able to make it send arbitrary
802.11 frames as well.
Yeah I found a great little device for doing just that ;-)
Thankfully this device is not locked down with a secure boot loader !!! I did have to open it up and access
the serial port on the board to load dd-wrt (an alternative linux distribution for wifi routers) but it was *easy*
and the chipset it has is a.) linux supported and b.) the chipset and the linux driver support monitoring
and injection.
IF SECURE BOOT COMES AROUND WE WONT BE ABLE TO DO THAT ANYMORE!!
If the router had had a secure boot scheme I would have had to first work hard on getting around that. JTAG. ... the ARM
Glitching, and in a few years from now even these techniques might not work anymore. In FACT
chips do have a jtag interface but now there's SECURE MONITOR MODE for jtag meaning you have to first
do a cryptographic challenge/response sequence before you get access to the chip via JTAG.
WTF!! I FUCKING OWN THIS BOX WHO THE FUCK ARE YOU TO KEEP ME FROM USING IT AS I SEE FIT, YOU SCUM!!
Anyhow here's the game plan that's been decided in the back room .... There will be secure boot on commodity hardware.
Vendors who are in the club will get their code signed easily. For a while small fries will also get their code signed for a
fee. The consumer will have the impression that there is still choice, Linux is not going to go away tomorrow, a signed and
authorized kernel will be available.
However, you will find that you're going to be locked out more and more out of your system. At some point you will not be sure
anymore what is running in the background and what backdoors are introduced into the system. You will have to trust a kernel
image that is given to you encrypted and that may contain all sorts of things.
It's the future they want. The ability to access/erase/modify your data, activate your microphones and video cameras, prevent you ... and they will detect that you tried and put you away.
from doing anything they don't want you to. Sure there will be exploits for a while and ways to regain access however limited or temporary
but as the game plan advances.. give it another 10-15 years at the rate tech is advancing and it will be VERY HARD TO IMPOSSIBLE for
YOU small fries to do anything about it. Maybe someone with millions of $$$ can hack their devices but you with a small salary will
not
Well that's their game plan .... Now YOU!!!! need to do something about it!!!
IT STARTS WITH SAYING NO TO ARM AND BROADCOM HARDWARE
IT STARTS WITH INFLUENCING BUYING AT WORK.
IT STARTS WITH GETTING RID OF THEIR STOCK
IT STARTS WITH CALLING THEM UP AND BUGGING THE SHIT OUT OF THEM
IT STARTS WITH EDUCATING EVERYBODY ELSE AROUND YOU.
Enough all caps. But yeah to drive the point home.
It starts with easy things and yes.. the way freedom is going away it may well end someday with a whole lot of violence, blood and tears ...
Enough. Think this one through. Do you want to spend the rest of your life with locked down ipads never sure if
they're watching you with it, too scared to type anything 'radical' into it, too locked down to do what you want
while the box has the 100x the power tech has to do but is using that to make your life hard and miserable???
Help me out here, I don't want this kind of future.
Any time I see a response to the tune of "... so and so is free to make a choice about such and such", I also think that there is no such thing as "free to choose" if one does not/can not/will not understand the finer details involved in that choice.
I can only freely choose to not buy this if I understand what does and does not work and how it can/will impact me. Most typical computer purchases are not made with this level of understanding.
-- Humans, because the hardware IS the software.
If Microsoft got what it demands, that ARM devices that runs Win 8 be permanently locked, then the only option that I have, as a consumer, is to NOT BUY THAT DEVICE
No point of supporting dictatorial regime, be it political dictatorial, or hardware dictatorial
The elephant in the discussion is the iPad, an ARM based device with a locked bootloade. No one wants to talk about making it illegal, only Windows RT tablets must be outlawed, Apple is free to do whatever they want. Say you bought an iPad on Slashdot, automatically get +5 for not choosing a PC with Windows. But guess what? Apple bans Firefox from the iPad while you can even install Linux on a PC.
This space for rent.
He may be dogmatic, but he's also right WAY more than he's wrong. All of open source owes him a lot.
the slippery slope argument is a logical fallacy
Logical fallacies work only in the case where all premises are known with certainty. Where premises are not knowable with such certainty, or where premises change over time with a change in culture, fallacies become heuristics.
> Windows tablets would be the cheap end of the market
There seems to be the idea that:
Apple desktop = expensive. Windows PC = cheap.
Therefore:
Apple tablet = expensive. Windows tablet = cheap.
There is no evidence for this, except contrary evidence that Windows XP and 7 Slates were more expensive than iPads by quite a margin. In fact the unwillingness of OEMs to build Windows 8/RT tablets leading to MS having to build their own Surface seems based on the fact that they (OEMs) could not build any that would be competitive pricewise with iPad given they would have to give MS $80.00.
MS may well have to subsidize Surface, they will _not_ be cheap.
With x86 tablets, they will be even more because the i5 is way more than an ARM SoC.
all the way to the death camps
You know, using a slippery slope argument is a shockingly bad way to convince someone that a slippery slope isn't a logical fallacy. Just saying.
-1 overrated isn't the same thing as "I disagree".
Given the density of NOR flash these days - and no, I'm not talking about SSDs - can't any vendor just throw the Linux kernel into the BIOS, and then have everything else - from x11 and up - on the HDD/SSD? That way, the booting experience will be smooth w/o needing to have GRUB or GRUB2, and beyond that, everything will be on the hard drive. Note that this assumes that only 1 OS is on the computer (which is the way I generally prefer it - I don't have any computer share OSs.
Socialism != Death Camps. That's Fascism or Dictatorships you're thinking of. There are many mildly socialist countries on the planet today, and none of them have death camps - not even mild ones.
-- Let us endeavor so to live that when we pass even the undertaker shall be sorry. -- M. Twain
Let me clarify what some people are saying about how Microsoft can't demand locked BIOS because of anti-trust laws.
They are wrong. MS can demand secure boot. As long as there is a way for other comercial companies to get into this scheme, they can't be accoused of monopolizing the market.
And why would they? Secure boot won't prevent Google from releasing another TV OS. Won't prevent Apple from selling more iPads, won't even prevent System 76 from selling Ubuntu. But your S76 laptop won't have the DRM hardware module to run Netflix and your PVR that does have it won't install another OS.
Freedom will be isolated to specific machines to be easily ignored while all useful applications will be restricted to a "safe zone". That is, safe from user's freedom.
But... the future refused to change.