Microsoft Responds to Secure Boot Story, Doesn’t Address Issue

The story about how secure boot for Windows 8, part of UEFI, will hinder the use of non-signed binaries and operating systems, like Linux, has registered at Redmond as well. The company posted about it on the Building Windows 8 blog – but didn’t take any of the worries away. In fact, Red Hat’s Matthew Garrett, who originally broke this story, has some more information – worst of which is that Red Hat has received confirmation from hardware vendors that some of them will not allow you to disable secure boot.

A short recap: if OEMs want to partake in the Windows 8 Logo Program (and they all want to), they will have to implement secure boot on all Windows 8 machines. Secure boot requires signing keys from either Microsoft or the OEMs themselves to be installed into the firmware – any binaries, drivers, or operating systems not signed by one of those signing keys will refuse to work on that machine.

Secure boot is part of UEFI, and in some cases, you will be able to go into UEFI and disable it. However, the fear is that OEMs will not include the option to disable it – there’s enough historical precedence to assume this will be the case. Just look at any of the gazzilion crippled BIOS implementations out there today.

Microsoft tried to address this lingering, but potentially very problematic issue in a blog post today, but sadly, none of our concerns were addressed. Microsoft does not intend to mandate OEMs include the option to turn secure boot off (surprising!), which means OEMs are free to omit this option from their firmware implementations.

And this is exactly what some of them intend to do, according to Red Hat’s Matthew Garrett in a response to Microsoft’s blog post. “Windows 8 certification does not require that the user be able to disable UEFI secure boot, and we’ve already been informed by hardware vendors that some hardware will not have this option,” he notes on his own blog.

Garret explains that Microsoft still dominates the desktop/laptop market. As tough a reality check as it may be, Apple’s worldwide marketshare there is still below 5% (not that they care though – they have a far larger share of the profit) and Linux barely even registers as a rounding error. This means that Microsoft still wields considerable power in this market.

“Why is this a problem? Because there’s no central certification authority for UEFI signing keys,” Garrett explains, “Microsoft can require that hardware vendors include their keys. Their competition can’t. A system that ships with Microsoft’s signing keys and no others will be unable to perform secure boot of any operating system other than Microsoft’s. No other vendor has the same position of power over the hardware vendors. Red Hat is unable to ensure that every OEM carries their signing key. Nor is Canonical. Nor is Nvidia, or AMD or any other PC component manufacturer. Microsoft’s influence here is greater than even Intel’s.”

This could be disastrous for end users. They will lose considerable control over their own hardware if Microsoft gets its way. “The end user is not guaranteed the ability to install extra signing keys in order to securely boot the operating system of their choice. The end user is not guaranteed the ability to disable this functionality,” Garrett details, “The end user is not guaranteed that their system will include the signing keys that would be required for them to swap their graphics card for one from another vendor, or replace their network card and still be able to netboot, or install a newer SATA controller and have it recognise their hard drive in the firmware.”

This is going from merely potentially maybe kind of problematic into full-on dangerous. From what both Microsoft and Garrett have told so far, this seems like a perfect storm for Microsoft – they will essentially lock people into using Windows without actually doing any of the locking themselves; they’re basically relying on the utter incompetence of OEMs. And let’s face, three things in life are certain: death, taxes, and incompetent OEMs. This is so damn clever and diabolical I just can’t help having some admiration for it.

I’m not really sure what we can do at this point to prevent this from getting really bad. All I can think of is that clever hackers start work right away on cracking the living daylights out of secure boot – you know, just to be prepared.

187 Comments

  1. kragil 2011-09-23 10:38 pm EST
    • JoeBuck 2011-09-23 11:35 pm EST
  2. Tsuroerusu 2011-09-23 10:46 pm EST
    • kristoph 2011-09-24 5:28 pm EST
      • Soulbender 2011-09-24 11:17 pm EST
        • modmans2ndcoming 2011-09-25 9:42 pm EST
          • Alfman 2011-09-25 10:33 pm EST
          • Soulbender 2011-09-26 7:20 pm EST
          • modmans2ndcoming 2011-09-27 2:41 am EST
          • Alfman 2011-09-27 3:31 am EST
          • Soulbender 2011-09-28 7:46 pm EST
          • segedunum 2011-09-27 12:13 am EST
  3. zztaz 2011-09-23 11:03 pm EST
    • n4cer 2011-09-23 11:23 pm EST
    • Drumhellar 2011-09-24 1:02 am EST
      • zztaz 2011-09-24 1:36 am EST
    • Icaria 2011-09-24 6:40 am EST
      • Alfman 2011-09-24 7:04 am EST
    • segedunum 2011-09-27 12:14 am EST
  4. moondevil 2011-09-23 11:09 pm EST
    • f0dder 2011-09-23 11:32 pm EST
      • zztaz 2011-09-24 1:02 am EST
        • Dr.Mabuse 2011-09-24 5:48 am EST
        • f0dder 2011-09-24 5:53 am EST
          • moondevil 2011-09-24 10:48 am EST
        • viton 2011-09-26 4:50 pm EST
      • redshift 2011-09-24 5:52 pm EST
        • Neolander 2011-09-25 7:02 am EST
          • MysterMask 2011-09-27 6:24 am EST
          • Neolander 2011-09-27 4:09 pm EST
          • MysterMask 2011-09-28 8:26 am EST
          • Alfman 2011-09-28 9:27 am EST
          • MysterMask 2011-09-28 5:19 pm EST
          • Alfman 2011-09-28 8:06 pm EST
          • Neolander 2011-09-28 5:29 pm EST
      • lucac81 2011-09-24 6:31 pm EST
      • Bill Shooter of Bul 2011-09-24 7:38 pm EST
  5. der_FuX 2011-09-23 11:34 pm EST
    • pgeorgi 2011-09-24 8:17 am EST
    • Soulbender 2011-09-26 7:24 pm EST
  6. andih 2011-09-24 12:21 am EST
  7. ronaldst 2011-09-24 12:22 am EST
    • daedalus 2011-09-26 9:39 am EST
  8. Flatland_Spider 2011-09-24 12:51 am EST
    • Icaria 2011-09-24 6:49 am EST
      • Flatland_Spider 2011-09-26 5:11 pm EST
        • Icaria 2011-09-27 3:41 am EST
  9. sprag 2011-09-24 12:56 am EST
    • segedunum 2011-09-27 12:19 am EST
  10. Hieper 2011-09-24 1:30 am EST
    • satsujinka 2011-09-24 1:49 am EST
      • BluenoseJake 2011-09-24 12:36 pm EST
    • SonicMetalMan 2011-09-24 2:01 am EST
    • Dr.Mabuse 2011-09-24 5:46 am EST
      • Icaria 2011-09-24 6:54 am EST
        • Alfman 2011-09-24 7:22 am EST
          • Icaria 2011-09-24 8:27 am EST
          • Alfman 2011-09-24 9:13 am EST
        • Neolander 2011-09-24 2:48 pm EST
        • gilboa 2011-09-24 8:23 pm EST
          • Icaria 2011-09-25 5:17 am EST
          • gilboa 2011-09-25 7:59 am EST
          • Icaria 2011-09-25 9:04 am EST
          • gilboa 2011-09-26 6:41 am EST
          • Icaria 2011-09-26 8:04 am EST
          • gilboa 2011-09-26 10:25 am EST
        • Dr.Mabuse 2011-09-26 1:40 am EST
          • Icaria 2011-09-26 4:05 am EST
    • noamsml 2011-09-24 4:20 pm EST
      • Alfman 2011-09-24 4:30 pm EST
  11. Shadowmane 2011-09-24 2:04 am EST
    • BluenoseJake 2011-09-24 12:37 pm EST
    • Wafflez 2011-09-25 1:30 am EST
    • Delgarde 2011-09-25 11:24 pm EST
  12. Luminair 2011-09-24 2:46 am EST
    • WorknMan 2011-09-24 2:57 am EST
      • Alfman 2011-09-24 5:02 am EST
        • WorknMan 2011-09-24 5:56 pm EST
          • Luminair 2011-09-24 9:08 pm EST
        • trev 2011-09-26 5:46 pm EST
  13. anarchisttomato 2011-09-24 6:29 am EST
  14. MacTO 2011-09-24 6:54 am EST
    • BluenoseJake 2011-09-25 12:14 pm EST
  15. Lazarus 2011-09-24 7:23 am EST
  16. The123king 2011-09-24 8:26 am EST
  17. Paddlaren 2011-09-24 8:57 am EST
    • moondevil 2011-09-24 10:50 am EST
      • Paddlaren 2011-09-24 12:46 pm EST
        • delta0.delta0 2011-09-24 4:54 pm EST
  18. BluenoseJake 2011-09-24 12:40 pm EST
  19. shollomon 2011-09-24 3:19 pm EST
  20. TechGeek 2011-09-24 5:44 pm EST
    • n4cer 2011-09-25 5:27 pm EST
  21. adinas 2011-09-24 6:17 pm EST
  22. TechGeek 2011-09-24 6:23 pm EST
  23. lucas_maximus 2011-09-24 7:01 pm EST
    • Thom Holwerda 2011-09-24 7:25 pm EST
      • lucas_maximus 2011-09-24 8:48 pm EST
        • TechGeek 2011-09-24 9:25 pm EST
          • Thom Holwerda 2011-09-24 9:25 pm EST
          • lucas_maximus 2011-09-25 8:16 am EST
        • Alfman 2011-09-24 9:39 pm EST
          • lucas_maximus 2011-09-25 8:13 am EST
    • rklrkl 2011-09-24 7:34 pm EST
      • lucas_maximus 2011-09-24 8:49 pm EST
        • js3456 2011-09-24 10:21 pm EST
    • TechGeek 2011-09-24 7:38 pm EST
      • lucas_maximus 2011-09-24 8:57 pm EST
        • Thom Holwerda 2011-09-24 9:06 pm EST
          • lucas_maximus 2011-09-24 9:09 pm EST
          • Thom Holwerda 2011-09-24 9:13 pm EST
          • lucas_maximus 2011-09-24 9:20 pm EST
          • lucas_maximus 2011-09-24 9:45 pm EST
    • shotsman 2011-09-24 8:45 pm EST
      • lucas_maximus 2011-09-24 9:47 pm EST
        • Alfman 2011-09-24 10:02 pm EST
          • lucas_maximus 2011-09-24 10:37 pm EST
          • nonoitall 2011-09-24 11:30 pm EST
          • Alfman 2011-09-25 12:56 am EST
          • lucas_maximus 2011-09-25 8:11 am EST
          • Alfman 2011-09-25 10:23 am EST
          • lucas_maximus 2011-09-25 12:28 pm EST
          • Alfman 2011-09-25 1:26 pm EST
          • Alfman 2011-09-25 2:08 pm EST
  24. darknexus 2011-09-24 8:20 pm EST
    • vault 2011-09-25 1:10 am EST
      • tux68 2011-09-25 6:54 am EST
  25. js3456 2011-09-24 8:24 pm EST
  26. Luminair 2011-09-24 9:15 pm EST
  27. oiaohm 2011-09-25 2:08 am EST
    • nonoitall 2011-09-25 3:07 am EST
      • oiaohm 2011-09-25 4:07 am EST
        • nonoitall 2011-09-25 5:32 am EST
          • oiaohm 2011-09-25 7:15 am EST
          • Alfman 2011-09-25 9:46 am EST
          • nonoitall 2011-09-25 10:19 am EST
          • nonoitall 2011-09-25 10:17 am EST
          • oiaohm 2011-09-25 12:18 pm EST
          • Alfman 2011-09-25 12:53 pm EST
          • nonoitall 2011-09-25 11:45 pm EST
  28. justSomeGuy 2011-09-25 4:08 am EST
    • oiaohm 2011-09-25 4:31 am EST
  29. Brendan 2011-09-25 5:33 am EST
  30. jbauer 2011-09-25 9:24 am EST
  31. shotsman 2011-09-25 10:10 am EST
    • BluenoseJake 2011-09-25 12:18 pm EST
      • shotsman 2011-09-25 4:57 pm EST
        • BluenoseJake 2011-09-26 1:47 pm EST
  32. _xenu 2011-09-25 2:13 pm EST
  33. benayed 2011-09-25 2:17 pm EST
    • Alfman 2011-09-25 6:01 pm EST
      • matthewp131 2011-09-25 6:58 pm EST
      • lemur2 2011-09-25 11:51 pm EST
        • Alfman 2011-09-26 3:22 am EST
          • lemur2 2011-09-26 10:11 am EST
          • Alfman 2011-09-26 3:59 pm EST
          • Neolander 2011-09-26 4:59 pm EST
          • Alfman 2011-09-26 5:32 pm EST
          • Alfman 2011-09-26 5:38 pm EST
          • lemur2 2011-09-26 11:10 pm EST
  34. matthewp131 2011-09-25 6:57 pm EST
  35. seishino 2011-09-25 9:48 pm EST
    • Lazarus 2011-09-26 1:06 am EST
  36. TechGeek 2011-09-26 1:17 am EST
  37. Alfman 2011-09-26 3:42 am EST
    • Neolander 2011-09-26 5:35 am EST
      • nonoitall 2011-09-26 5:53 am EST
        • Neolander 2011-09-26 5:17 pm EST
          • Alfman 2011-09-26 6:27 pm EST
          • Neolander 2011-09-26 7:06 pm EST
      • Alfman 2011-09-26 5:08 pm EST
        • Neolander 2011-09-26 5:40 pm EST
          • Alfman 2011-09-26 7:11 pm EST
          • Neolander 2011-09-26 7:30 pm EST
          • Alfman 2011-09-26 10:03 pm EST
          • Neolander 2011-09-27 5:41 am EST
          • Alfman 2011-09-27 6:59 am EST
  38. ahinterl 2011-09-26 9:31 am EST
    • Johann Chua 2011-09-26 9:54 am EST
    • Alfman 2011-09-26 3:52 pm EST
  39. axilmar 2011-09-26 11:24 am EST
  40. chrish 2011-09-26 12:32 pm EST
    • TechGeek 2011-09-26 1:31 pm EST
      • MollyC 2011-09-26 10:16 pm EST
        • lemur2 2011-09-26 11:52 pm EST
    • Neolander 2011-09-26 4:53 pm EST
  41. lemur2 2011-09-28 9:51 am EST