Linked by Elv13 on Sun 17th Jun 2012 10:35 UTC
Hardware, Embedded Systems "The UEFI secure boot mechanism has been the source of a great deal of concern in the free software community, and for good reason: it could easily be a mechanism by which we lose control over our own systems. Recently, Red Hat's Matthew Garrett described how the Fedora distribution planned to handle secure boot in the Fedora 18 release. That posting has inspired a great deal of concern and criticism, though, arguably, about the wrong things."
Thread beginning with comment 522764
Alfman
Member since:
2011-01-28

jefro,

I think your understanding of secure boot is flawed if you are suggesting that Linux users (and the alternative OS crowd at large) are crying about fixing the problem themselves. We're certainly not crying because we're lazy or incapable of implementing secure boot ourselves. If this is what you think, then your assumptions are invalid. To gain a better understanding of why secure boot is so controversial, for starters you should read Matthew Garrett's reports.

The problem for us is that even if we implement secure boot in our alternative/independent/non-commercial/etc. operating systems, it will not run on off-the-shelf consumer hardware in secure boot mode because it's not signed by Microsoft's key. Microsoft is going to be alone in having a "skeleton" key that can run on 100% of secure boot enabled consumer hardware.


You see, it's NOT a matter of us making our operating systems secure boot compliant, it's a matter of who controls the keys. Very few independent software developers have the power to get their keys into consumer devices that would otherwise support their code; not even Red Hat does. This is why they are seeking to boot as a subordinate to Microsoft's bootloader & keys, because at least that way Fedora will boot everywhere Windows can. However, by doing so they've implicitly granted Microsoft the technical ability and right to control our usage of Fedora Linux on our own machines, which is outrageous.

In principle, we believe the owners should control the keys to their own hardware.

Secondly, there are plenty of security issues with the design of secure boot itself. As these new secure boot systems enter consumer homes, all Windows users will be vulnerable to signed & hacked Fedora images, and all Fedora users will be vulnerable to signed & hacked Windows images. Remember to add in everyone else who gets permission to branch off Microsoft's bootloader. Secure boot with MS keys necessarily becomes a global failure mode where the weakest link dictates the security of the whole model. What do you think about that? From a security perspective, this is awful, and there's no good reason for it.

Of course they might resort to revoking/reissuing third-party keys of legitimate partners who've been compromised, but that'll cause its own havoc. We're not protesting a secure boot feature in general so much as the current flawed and restricted implementation of it.

Reply Parent Score: 3
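The trust-chain argument in the comment above (only the Microsoft key is in the firmware's allow-list, so anything that key has signed boots everywhere, an independently signed loader boots nowhere, and the only remedy for a flawed signed loader is hash revocation that must reach every machine) can be played out on a small model. The following Go program is an added example, not code from the comment, from OSNews, or from any firmware or distribution. It models the UEFI `db` (trusted signer keys) and `dbx` (forbidden image hashes) databases with plain maps and uses Ed25519 from the standard library as a stand-in for the Authenticode/X.509 signatures real firmware checks; the signer names, image names and image contents are constructed for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Image is a boot-stage binary as the firmware sees it: its bytes, a detached
// signature, and the name of the key that claims to have signed it.
type Image struct {
	Name   string
	Body   []byte
	Signer string
	Sig    []byte
}

// Firmware models the two UEFI policy databases that matter here: db holds the
// public keys the platform trusts to sign boot code, dbx holds hashes of images
// forbidden even when validly signed. This is a toy model (assumption): real
// firmware stores X.509 certificates and Authenticode hashes, not raw keys.
type Firmware struct {
	db  map[string]ed25519.PublicKey
	dbx map[string]bool
}

func imageHash(body []byte) string {
	h := sha256.Sum256(body)
	return hex.EncodeToString(h[:])
}

// Verify is the boot-time decision for one image: not revoked, signer trusted,
// signature valid over the whole body.
func (fw *Firmware) Verify(img Image) (bool, string) {
	if fw.dbx[imageHash(img.Body)] {
		return false, "image hash is in dbx (revoked)"
	}
	pub, ok := fw.db[img.Signer]
	if !ok {
		return false, "signer key is not in db"
	}
	if !ed25519.Verify(pub, img.Body, img.Sig) {
		return false, "signature does not verify"
	}
	return true, "boots"
}

// Revoke adds an image's hash to dbx. In the field this update has to reach
// every machine before it protects anyone.
func (fw *Firmware) Revoke(img Image) { fw.dbx[imageHash(img.Body)] = true }

// Signer is a party holding a signing key; only keys present in db matter.
type Signer struct {
	Name string
	pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewSigner(name string) Signer {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return Signer{Name: name, pub: pub, priv: priv}
}

func (s Signer) Sign(name string, body []byte) Image {
	return Image{Name: name, Body: body, Signer: s.Name, Sig: ed25519.Sign(s.priv, body)}
}

// Scenario plays out the argument on constructed images and returns which ones
// the firmware would boot. All names and contents below are made up.
func Scenario() map[string]bool {
	ms := NewSigner("Microsoft UEFI CA")
	indie := NewSigner("Independent OS project")

	// An off-the-shelf consumer machine: only the Microsoft key is in db.
	fw := &Firmware{db: map[string]ed25519.PublicKey{ms.Name: ms.pub}, dbx: map[string]bool{}}

	windows := ms.Sign("bootmgfw.efi", []byte("windows boot manager (constructed)"))
	shim := ms.Sign("shim.efi", []byte("distro shim that chain-loads grub (constructed)"))
	oldShim := ms.Sign("shim-old.efi", []byte("earlier shim later found to have a bypass (constructed)"))
	indieOS := indie.Sign("indie.efi", []byte("independent loader, fully secure-boot capable (constructed)"))

	// Someone alters the signed shim without access to the signing key.
	tampered := shim
	tampered.Name = "shim.efi (tampered)"
	tampered.Body = append([]byte{}, shim.Body...)
	tampered.Body[0] ^= 0xff

	results := map[string]bool{}
	for _, img := range []Image{windows, shim, oldShim, indieOS, tampered} {
		ok, why := fw.Verify(img)
		results[img.Name] = ok
		fmt.Printf("%-22s %-6t %s\n", img.Name, ok, why)
	}

	// Until a dbx update carrying its hash lands on this machine, the flawed
	// but validly signed loader boots anywhere the Microsoft key is trusted.
	fw.Revoke(oldShim)
	ok, why := fw.Verify(oldShim)
	results[oldShim.Name+" after dbx update"] = ok
	fmt.Printf("%-22s %-6t %s\n", "shim-old.efi (dbx)", ok, why)
	return results
}

func main() { Scenario() }
```

The run shows the two halves of the complaint side by side: `indie.efi` fails with "signer key is not in db" even though its signature is perfectly valid, while `shim-old.efi` boots on every machine until a per-machine `dbx` update arrives, which is the revocation havoc the comment refers to. Tampering with a signed image is still caught, so the weakness is in key control and revocation, not in the signature check itself.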