Matthew Garrett ([personal profile] mjg59) wrote2011-09-23 07:57 am
Entry tags:

UEFI secure booting (part 2)

Updated: Three things happened to defuse this situation:
  1. Microsoft mandated that it be possible to disable Secure Boot on any Windows certified systems
  2. Microsoft mandated that it be possible for the user to replace the original Secure Boot keys on any Windows certified systems
  3. Microsoft were willing to sign alternative OS bootloaders with their signing keys

As a result, the worst case scenario did not come to pass and it's still possible for users to install Linux on their systems.

Original content follows:

Microsoft have responded to suggestions that Windows 8 may make it difficult to boot alternative operating systems. What's interesting is that at no point do they contradict anything I've said. As things stand, Windows 8 certified systems will make it either more difficult or impossible to install alternative operating systems. But let's have some more background.

We became aware of this issue in early August. Since then, we at Red Hat have been discussing the problem with other Linux vendors, hardware vendors and BIOS vendors. We've been making sure that we understood the ramifications of the policy in order to avoid saying anything that wasn't backed up by facts. These are the facts:

  • Windows 8 certification requires that hardware ship with UEFI secure boot enabled.
  • Windows 8 certification does not require that the user be able to disable UEFI secure boot, and we've already been informed by hardware vendors that some hardware will not have this option.
  • Windows 8 certification does not require that the system ship with any keys other than Microsoft's.
  • A system that ships with UEFI secure boot enabled and only includes Microsoft's signing keys will only securely boot Microsoft operating systems.

Microsoft have a dominant position in the desktop operating system market. Despite Apple's huge comeback over the past decade, their worldwide share of the desktop market is below 5%. Linux is far below that. Microsoft own well over 90% of the market. Competition in that market is tough, and vendors will take every break they can get. That includes the Windows logo program, in which Microsoft give incentives to vendors to sell hardware that meets their certification requirements. Vendors who choose not to follow the certification requirements will be at a disadvantage in the marketplace. So while it's up to vendors to choose whether or not to follow the certification requirements, Microsoft's dominant position means that they'd be losing sales by doing so.

Why is this a problem? Because there's no central certification authority for UEFI signing keys. Microsoft can require that hardware vendors include their keys. Their competition can't. A system that ships with Microsoft's signing keys and no others will be unable to perform secure boot of any operating system other than Microsoft's. No other vendor has the same position of power over the hardware vendors. Red Hat is unable to ensure that every OEM carries their signing key. Nor is Canonical. Nor is Nvidia, or AMD or any other PC component manufacturer. Microsoft's influence here is greater than even Intel's.

What does this mean for the end user? Microsoft claim that the customer is in control of their PC. That's true, if by "customer" they mean "hardware manufacturer". The end user is not guaranteed the ability to install extra signing keys in order to securely boot the operating system of their choice. The end user is not guaranteed the ability to disable this functionality. The end user is not guaranteed that their system will include the signing keys that would be required for them to swap their graphics card for one from another vendor, or replace their network card and still be able to netboot, or install a newer SATA controller and have it recognise their hard drive in the firmware. The end user is no longer in control of their PC.

If Microsoft were serious about giving the end user control, they'd be mandating that systems ship without any keys installed. The user would then have the ability to make an informed and conscious decision to limit the flexibility of their system and install the keys. The user would be told what they'd be gaining and what they'd be giving up.

The final irony? If the user has no control over the installed keys, the user has no way to indicate that they don't trust Microsoft products. They can prevent their system booting malware. They can prevent their system booting Red Hat, Ubuntu, FreeBSD, OS X or any other operating system. But they can't prevent their system from running Windows 8.

Microsoft's rebuttal is entirely factually accurate. But it's also misleading. The truth is that Microsoft's move removes control from the end user and places it in the hands of Microsoft and the hardware vendors. The truth is that it makes it more difficult to run anything other than Windows. The truth is that UEFI secure boot is a valuable and worthwhile feature that Microsoft are misusing to gain tighter control over the market. And the truth is that Microsoft haven't even attempted to argue otherwise.

(Anonymous) 2011-09-23 02:50 pm (UTC)(link)
Equally:

■Windows 8 certification does not require that UEFI secure boot can't be disabled

■Windows 8 startup does not require that the user be enables UEFI secure boot.

■Windows 8 certification does not prevent the system shipping with any keys other than Microsoft's.

■A system that ships with UEFI secure boot enabled and only includes Ubuntu's signing keys will only securely boot Ubuntu operating systems.

See the thing with this is that it is entirely down to what the OEMs decide to provide in their hardware implementation and that is fundamentally down to what purchasers want from their systems. Microsoft have no say other than it'll need a Microsoft key and secure boot support if they want to brand it as a Windows 8 PC, which makes sense.

It's not hard to see why, for example, a bank that runs Windows on it's corporate desktop might not want anyone booting from another OS that will be able to compromise system security and so will prefer systems that follow that approach. Equally systems sold to the general public will more likely have a flexible approach to how they're used.

It's about having the freedom to choose what functionality is in the PC you buy. Isn't that supposed to be a good thing?

(Anonymous) 2011-09-23 10:51 pm (UTC)(link)
The reason they have a dominant position in the first place is not because of signing keys, it's because there is no real alternative. Ask Red Hat, they completely abandoned the desktop market years ago.

Why not?

(Anonymous) 2011-09-28 02:10 pm (UTC)(link)
Is Microsoft going to dictate that you cannot turn off secure boot or alternatively you won't have the ability to install UEFI keys? There is no evidence for that and a lot of reason to believe that it won't happen. And if they try what will you get? Lots of hacked UEFI implementations.

I can see some organizations insisting on secure boot as policy. However the same organizations are very likely to insist on the ability to install keys as otherwise they cannot upgrade to a security fix for the OS kernel, MS or otherwise. I don't see where Microsoft will be able to force OEMs to omit these features because their large customers including governments are going to write these features as requirements in their purchase contracts.

Methinks this is a tempest in a teapot.

(Anonymous) 2011-09-23 06:32 pm (UTC)(link)
This is the standard Microsoft response. Saying that "freedom" is the freedom to be lead up the garden path, and that they're really not doing anything to cause trouble for other vendors - its the customer's demand that is causing this.

Whereas the truth is that Microsoft does everything they possibly can to stack the market in favour of it becoming a Microsoft-only space, from their massive discounts for OEMs who only sell Windows to the Windows logo programme here. They know full well that hardware manufacturers will do the bare minimum to get their hardware working just about well enough to pass muster with Microsoft, be that "it'll boot Windows" or "it'll get the Windows8 logo". And they are making that path of least resistance a path that locks up the platform.

Well said, but...

(Anonymous) 2011-09-25 11:09 am (UTC)(link)
This entirely depends on OEMs.
Ideally, the manual BIOS configuration screen would make it possible to disable secure boot or add/remove signing keys or whitelist image checksums. At worst, the end user would have to type a key with a PS/2 keyboard.

But, OEM tend to provide the absolute minimum to boot Windows. Matthew said that he knows that at least some OEM will not provide the option to disable secure boot and will only accept the Microsoft key.
I expect anti-trust laws to attack these OEMs, unless Microsoft used bribery to make OEM boot only Microsoft OSes, in that case, Microsoft is culprit.

(Anonymous) 2011-09-26 05:07 pm (UTC)(link)
Yeah, Matthew conveniently leaves those out. I guess they didn't fit his meme.