UEFI secure booting (part 2)

[mjg59]

Updated: Three things happened to defuse this situation:

1. Microsoft mandated that it be possible to disable Secure Boot on any Windows certified systems
2. Microsoft mandated that it be possible for the user to replace the original Secure Boot keys on any Windows certified systems
3. Microsoft were willing to sign alternative OS bootloaders with their signing keys

As a result, the worst case scenario did not come to pass and it's still possible for users to install Linux on their systems.

Original content follows:

Microsoft have responded to suggestions that Windows 8 may make it difficult to boot alternative operating systems. What's interesting is that at no point do they contradict anything I've said. As things stand, Windows 8 certified systems will make it either more difficult or impossible to install alternative operating systems. But let's have some more background.

We became aware of this issue in early August. Since then, we at Red Hat have been discussing the problem with other Linux vendors, hardware vendors and BIOS vendors. We've been making sure that we understood the ramifications of the policy in order to avoid saying anything that wasn't backed up by facts. These are the facts:

• Windows 8 certification requires that hardware ship with UEFI secure boot enabled.
  
• Windows 8 certification does not require that the user be able to disable UEFI secure boot, and we've already been informed by hardware vendors that some hardware will not have this option.
  
• Windows 8 certification does not require that the system ship with any keys other than Microsoft's.
  
• A system that ships with UEFI secure boot enabled and only includes Microsoft's signing keys will only securely boot Microsoft operating systems.

Microsoft have a dominant position in the desktop operating system market. Despite Apple's huge comeback over the past decade, their worldwide share of the desktop market is below 5%. Linux is far below that. Microsoft own well over 90% of the market. Competition in that market is tough, and vendors will take every break they can get. That includes the Windows logo program, in which Microsoft give incentives to vendors to sell hardware that meets their certification requirements. Vendors who choose not to follow the certification requirements will be at a disadvantage in the marketplace. So while it's up to vendors to choose whether or not to follow the certification requirements, Microsoft's dominant position means that they'd be losing sales by doing so.

Why is this a problem? Because there's no central certification authority for UEFI signing keys. Microsoft can require that hardware vendors include their keys. Their competition can't. A system that ships with Microsoft's signing keys and no others will be unable to perform secure boot of any operating system other than Microsoft's. No other vendor has the same position of power over the hardware vendors. Red Hat is unable to ensure that every OEM carries their signing key. Nor is Canonical. Nor is Nvidia, or AMD or any other PC component manufacturer. Microsoft's influence here is greater than even Intel's.

What does this mean for the end user? Microsoft claim that the customer is in control of their PC. That's true, if by "customer" they mean "hardware manufacturer". The end user is not guaranteed the ability to install extra signing keys in order to securely boot the operating system of their choice. The end user is not guaranteed the ability to disable this functionality. The end user is not guaranteed that their system will include the signing keys that would be required for them to swap their graphics card for one from another vendor, or replace their network card and still be able to netboot, or install a newer SATA controller and have it recognise their hard drive in the firmware. The end user is no longer in control of their PC.

If Microsoft were serious about giving the end user control, they'd be mandating that systems ship without any keys installed. The user would then have the ability to make an informed and conscious decision to limit the flexibility of their system and install the keys. The user would be told what they'd be gaining and what they'd be giving up.

The final irony? If the user has no control over the installed keys, the user has no way to indicate that they don't trust Microsoft products. They can prevent their system booting malware. They can prevent their system booting Red Hat, Ubuntu, FreeBSD, OS X or any other operating system. But they can't prevent their system from running Windows 8.

Microsoft's rebuttal is entirely factually accurate. But it's also misleading. The truth is that Microsoft's move removes control from the end user and places it in the hands of Microsoft and the hardware vendors. The truth is that it makes it more difficult to run anything other than Windows. The truth is that UEFI secure boot is a valuable and worthwhile feature that Microsoft are misusing to gain tighter control over the market. And the truth is that Microsoft haven't even attempted to argue otherwise.

Comments

[benanov.livejournal.com]

"If Microsoft were serious about giving the end user control, they'd be mandating that systems ship without any keys installed. The user would then have the ability to make an informed and conscious decision to limit the flexibility of their system and install the keys. The user would be told what they'd be gaining and what they'd be giving up."

Sadly, this "inform the user" approach doesn't work 100% of the time. A lot of questions like this (say, on initial boot) are answered by someone who is not the user. Think "Best Buy Optimized."

I didn't think about the case of hardware swaps, and that's even more anti-consumer.

[pseudomonas]

Is there anywhere a lay summary of the issues that this throws up that I can send to MEPs etc?

I think your problem

[(Anonymous)]

is with UEFI. This is nothing to do with Windows 8. I am not sure what makes you go about whining on Windows 8 though. If user wants to install other OS they will get the keys from OEM or disable the secure boot. Doesn't Chrome OS comes with something like this?

How are they misusing?

[(Anonymous)]

Why do you subscribe to 80s boot loader. This could be better from the security stand point. To make it work with UEFI is your problem not theirs. I dont see this as being MS in control. I agree with you on OEM being in control. As the previous user indicated doesn't Google Chrome OS doesn't do something like this?

Another misuse of monopoly

[https://www.google.com/accounts/o8/id?id=AItOawkztmvh3F32KzM11EajT4PC9eXpIo0881A]

I think that in the EU Microsoft is on very thin ice considering how we've reacted to their misuse of monopoly in the past. This time however they're trying to hide behind that minor detail that Microsoft is "only" a board member of UEFI forum. I'd say they're shooting themselves in the leg with these kind of stunts. They're certainly not looking at the big picture. Instead of forcing others they should be doing something others really want to adopt (and not sue them over adopting it either).

You can't expect to be running a successful company if you're this fearful of competitors.

Microsoft is a Monopoly if This happens

[(Anonymous)]

Microsoft will have a monopoly IF this happens. However, I think that most companies wouldn't necessarily force UEFI secure booting. According to the Tested Podcast, there are already UEFI level 2 systems out there that can do this.

Most system vendors I know wouldn't lock you into....well anything. They'd rather make a sale then force you to use something you don't want.

I DO think having a central management authority over UEFI secure boot keys should be done or at the very least something like a multivendor alliance (like Open Handset Alliance but better...).

This has anti-trust implications

[(Anonymous)]

It would surprise me if the first motherboard manufacturer to sell a Windows-booting-only motherboard in the US to find itself, along with Microsoft, explaining in Federal Court just how this key signing scheme doesn't violate the Sherman Antitrust act or section 3 of the Clayton Act.

If I were a manufacturer I might think long and hard about having to make that argument, especially if my co-defendant was a convicted monopolist.

Planned obsolecence at its best

[https://www.google.com/accounts/o8/id?id=AItOawnICbHaV3lMV4mOH5Vwq2G6wJ-9Y8kg-ao]

Hm...
If Microsoft changes its UEFI keys on a future version of Windows, hardware that only stores the former version of Microsoft's keys on the bootloader will be stuck forever on an old version of the operating system.

What does this mean?

[(Anonymous)]

The article is not very clear.

Does it mean that there will be hardware that refuses to boot anything that is not signed by Microsoft? (due to "incentives" provided by Microsoft)

If so, I assume that would be a gross violation of Antitrust laws everywhere and Microsoft should be brought to court ASAP over it if it happens, and warned in advance of this beforehand.

If instead it just means that the BIOS/bootloader won't give you "warm fuzzy security feelings" when you boot something not signed by Microsoft, most likely nobody really cares.

How many...

[(Anonymous)]

...Linux users buy a pc from an OEM?
versus buying from a component retailer?

Do you think ASUS, MSI etc will ship their consumer boxed MB's with secure boot enabled? Not if they want to shift any they units won't.

Of course the MB's they supply to HP, DELL etc will have exactly what the OEM wants on it and nothing else.

So we have a situation where Microsoft are looking at the issue from their perspective (shock horror), their competitors are throwing FUD.

You need to be engaging the Todd Bradley's of the world to get a commitment to allow disabling of secure boot if the USER wants to. That way we all win. 90% of the market sees no change and the rest get to choose. Note nothing to do with the OS vendor is required. The FOSS community is making itself look pretty crazy atm sadly.

[(Anonymous)]

If microsoft pull this off this anti-competitive behaviour, it can only end up in one place: the courts.

User in control ?

[https://me.yahoo.com/ydroneaud#8e5a5]

BTW, what is going to happen when the secure boot failed to actually boot your system because some malware "corrupt" some part of the system ?

What will happen to your data ?

How can you recover your system in this case ?

Will Microsoft provide some signed removable bootable device to restore its operating system on your system ?

How anti-virus vendor will be able to provide tools to remove malware is such cases ?

[(Anonymous)]

Equally:

■Windows 8 certification does not require that UEFI secure boot can't be disabled

■Windows 8 startup does not require that the user be enables UEFI secure boot.

■Windows 8 certification does not prevent the system shipping with any keys other than Microsoft's.

■A system that ships with UEFI secure boot enabled and only includes Ubuntu's signing keys will only securely boot Ubuntu operating systems.

See the thing with this is that it is entirely down to what the OEMs decide to provide in their hardware implementation and that is fundamentally down to what purchasers want from their systems. Microsoft have no say other than it'll need a Microsoft key and secure boot support if they want to brand it as a Windows 8 PC, which makes sense.

It's not hard to see why, for example, a bank that runs Windows on it's corporate desktop might not want anyone booting from another OS that will be able to compromise system security and so will prefer systems that follow that approach. Equally systems sold to the general public will more likely have a flexible approach to how they're used.

It's about having the freedom to choose what functionality is in the PC you buy. Isn't that supposed to be a good thing?

[(Anonymous)]

> The final irony? If the user has no control over the installed keys,
> the user has no way to indicate that they don't trust Microsoft products.

Very much to the point. Trust depends on mutuality. It's put very well in this short video:
http://www.youtube.com/watch?v=UnXU7z2_6Jg (http://www.youtube.com/watch?v=UnXU7z2_6Jg)

antitrust anything, part N?

[(Anonymous)]

Seems like they don't mind another round of EU antitrust fines, even if they're highly "democrated" in the US...

[gerald_duck]

OK. First, a dumb question: what does secure boot buy you that can't achieve by locking the BIOS down to booting from the internal hard drive anyway? Why would I want secure boot? What am I missing here?

Secondly, I wholeheartedly agree with the comments that the EU isn't going to like the anti-compatitive nature of this if it happens in Europe.

Thirdly, I'm wondering what happens if someone buys a computer then goes down the path of not agreeing with the Windows licence conditions when it powers up. Historically, one's been able to install Linux at that point (then go hunting a refund for the cost of the OEM Windows licence, in an ideal world) but with secure boot, one might end up with a brick. The refund requests could get interesting.

Fourthly, I'm guessing there are ways to circumvent secure boot. It would be ironic if Microsoft's actions both gave circumventers an excuse under the DMCA in the USA and an incentive, à la Playstation and XBox.

Weak arguments

[(Anonymous)]

If the end user doesn't want Windows 8 running on his PC, then he shouldn't worry about key management and UEFI and such, he should just not buy a Windows 8 logo PC.

OEMs design computers and install operating systems according to customer demand. Not every PC is capable of running MacOS. Not every PC is capable of running Linux. If you want a Linux PC, buy a Linux PC. If you want a Mac, buy a Mac. Somehow it's expected that if you buy a Windows PC, that it must be capable of running every other operating system out there.

This is the age of appliance computing, brought to you by Apple. The age of tinkering has passed. There is nothing in Microsofts logo program that prevents OEMs from giving end users the options to disable Secure Boot, and nothing preventing them from engaging the Linux community to get some keys established.

I fail to see how this is Microsoft's problem to ensure that their business partners build products that support a competing product.

courts take a *l*o*n*g* time

[(Anonymous)]

Several people believe that the legal systems in USA and Europe will solve this problem by hauling Microsoft to court. There are problems with this:
1) Microsoft can point at the OEMs and say it was their fault for not providing the end-user with a way to add keys.
2) Even if the courts do direct this back at Microsoft - it could easily take five years before anything happens. At that point Microsoft gets slapped with a billion dollar fine and told not to do that again - but by that point the new nefarious Windows9 scheme is already underway.

Source based distro's?

[(Anonymous)]

Matthew, what does secure boot mean for source-based distributions like Gentoo? I understand that, if this scheme does not turn out to be gruesome, Red Hat, Canonical, etc. could get their keys to OEMs. What about the case where every user's kernel and bootloader is different? It seems the only option here is to allow users insert their own keys, which might be a real pain if one has to recompile these components very often.

Bug-free firmware?

[(Anonymous)]

Awesome that we will have bug-free firmware.
/sarcasm

In reality there will be bugs, naive implementations, etc. While (especially Windows pirates) will get through that (and stupidly continue dealing with it like there's no underlying problem), I don't want to have to fight to get my machine booting an OS I want (Gentoo here).

Are we even that much better off from getting away from BIOS anyway? Just because something is old, standardised (yet still not very much open source) does not mean it does not work. Give me the REAL benefits of UEFI vs BIOS that aren't aesthetic improvements. I hear standard API, good. I hear 'awesome graphics', don't care. Boot time improvement? Maybe interested, not really (as I rarely reboot, only Windows and Ubuntu/Debian machines do that constantly; even Apple rarely sends an update that requires a reboot).

This is written on a Mac (Lion upgraded). We can still choose any OS we want here (except can't go down a version from the one that came with the machine), EFI (and we can even install 'old-fashioned' BIOS based OS's too). I wonder if Apple will get involved, but considering Microsoft's track record with Apple I think not. Apple sells hardware after all. This is much more reflected in the price of Lion.
'We don't care if Apple succeeds in their endeavour or not.' <-- technical evangelist at MS, revealed during the anti-trust case, regarding Apple using certain MS technology (Win32 for Mac primarily) to 'improve' their apps in MacOS

Buy Macs and tell Apple why. Tell them you like choice. Apple loves marketing random things that make no real sense to the average consumer, but 'sound good'. In the end, this would be good.

Appealing to the wrong authority

[quux.myopenid.com]

Matthew, I don't dispute the facts you present. But you also present the opinion that "If Microsoft were serious about giving the end user control, they'd be mandating that systems ship without any keys installed."

There's a problem. MS are in-scope to define the hardware features necessary to their own software. They would be out of scope to mandate even one iota more than that. Imho, a healthy market does not want MS (or any other vendor) mandating the set of keys which must be installed, even if 'the mandated set of keys' == 'no keys'. Similarly, MS should not be choosing the UEFI featureset delivered. Why should such this power be ceded to Microsoft? Answer - it should not. MS should only say which features are necessary to get its own products running. OEMs can deliver those features if they want MS software to work, but beyond that, no OEM should be taking its marching orders from MS.

There needs to be some other authority which provides mandates for things within this higher scope. Right now that authority is "the market" - but apparently you have little confidence that the market will demand the sort of openness you want to see. So I suppose you should start lobbying governments. Don't lobby MS to flex its muscles for you, because that cedes future power to them, which you might not want them to have.

Requesting a article on UEFI Secure Booting

[(Anonymous)]

You have no direct evidence that Microsoft is going to require OEM or PC vendors to do anything concerning keys generated by Microsoft. I could make the same unfounded statement concerning Red Hat's preferred PC Server and Workstation vendors (HP, IBM, Dell, etc.) using keys issued by Red Hat to lock out their competition like CentOS, Scientific Linux, Slackware, OpenBSD, etc. Try keeping your article on point using the facts instead of speculating. If you find evidence of a vendor producing a PC or PC components that are only valid with keys generated by a OS vendor then call them out publicly so that informed consumers can avoid purchasing these items and help drive sales to other vendors that do not follow these practices. An intelligent article that describes the technical merits and criticisms of UEFI secure boot would be more valuable than an anti-Microsoft article.

Alert EU comission

[(Anonymous)]

Please please please,
the only way i can think to avoid this is to alert the responsible authorities at Europe about the problem, letting them now about all the information we have and maybe give a plan to try to protect us.

They are the only ones that have fought the microsoft monopoly with some results.

It is best to alert them as soon as we can. The lawyers out there and for example fsf should do something.

FUD

[(Anonymous)]

I cannot believe how paranoid some Linux users are.
RedHat spreads FUD, and everybody is ready to scream bloody murder.

"there's no central certification authority for UEFI signing keys"
How is this Microsoft's fault? Maybe companies like RedHat should have brought this up when spec was finalized.

Many spammers use rootkit infested machines to do their work, yet RedHat is upset that Microsoft is trying to combat this in future machines.
Linux companies should work with OEMs on a plan. Microsoft is working within an industry standard and is not doing anything illegal. Period. End of story.

So I guess CoreBoot is dead?

[(Anonymous)]

I thought I remember reading something about a bigger vendor will use it. Someday. Maybe.