[Cialug] Restricted boot a very real possibility
Jeffrey Ollie
jeff at ocjtech.us
Tue Oct 18 14:32:07 CDT 2011
On Tue, Oct 18, 2011 at 1:38 PM, Adam Shannon <adam at ashannon.us> wrote:
> I was talking with a friend about this, and these were his remarks.
>
> This is the problem. It's up to OEMs to make sure that secure boot is
> toggle-able and if they choose not to, you can hardly blame MS.
> There's no reason any major *nix distro couldn't craft signed
> bootloaders and rootkit scanners and use those. In fact, I sincerely
> hope Ubuntu, Red Hat, SUSE, and every major distro standardize on a
> bootloader that can be cryptographically signed and can verify the
> boot path of a *nix install. I hope that Mac OS X adopts the same.
Major linux distros aren't the point. What about all of the different
BSD flavors? What about all of the RHEL knockoffs like CentOS and
Scientific Linux? Or the Ubuntu/Debian flavors like Mint? Or the
dozens of other flavors out there?
What about the girl in her basement that wants to learn kernel programming?
What about the kid that got a computer for Christmas and now wants to
install Linux on there?
I could go on and on.
> There's really no good reason at all for boot malware to continue to
> propagate on consumer devices when we have laid the foundations for us
> to stop it once and for all. I would even go so far as to say I think
> only enthusiast hardware should contain the toggle to turn it off.
Why should I pay extra for an "enthusiast" system? That sounds
expensive and elitist. You've just locked out a lot of people from
experimenting with their computer system. Just think about all of the
people you know in the open source community. I'll bet almost all of
them started out with a system that originally ran some other
operating system.
> The
> Linux foundation or another nonprofit entity should work with the OEMs
> to provide a secure boot path for open source operating systems that
> is a viable alternative.
No, it is not. One of they key principles of open source is that I
have all of the tools necessary to modify the software. Requiring a
cryptographic key to boot up an operating system defeats that
principle because Red Hat nor Canonical would be willing to share that
key with me...
> Yes, frankly all of those things are possible. But Microsoft is
> intelligently not making this decision. It's up to the individual
> OEMs. Microsoft is just saying: "If you want to sell Windows 8 as an
> OEM, you need to make sure you have a secure boot implementation, it
> is on by default, and it has the keys necessary to make *at least*
> Windows 8 work." But note what I didn't say, I didn't say that
> Microsoft went to the OEMs requiring that secure boot cannot be turned
> off. I didn't say that Microsoft said the only keys could be
> Microsoft's.
Yes, Microsoft is being very intelligent here. By requiring that
Windows 8 be bootable, but not requiring a toggle to turn secure boot
off they will effectively freeze out everyone else. OEMs are cheap
and they won't go to a lot of trouble to please the open source crowd.
Microsoft comes off sounding like the good guy here but in reality
they know that OEMs will try and get away with the minimum necessary
changes to keep running Windows, thereby shutting out non-Windows
operating system.
--
Jeff Ollie
More information about the Cialug
mailing list