Red Hat Will Pay Microsoft To Get Past UEFI Restrictions

Thibault Nélis thib at stammed.net
Tue Jun 5 05:35:08 UTC 2012


On 06/05/2012 04:47 AM, Kevin Fenzi wrote:
> On Mon, 04 Jun 2012 18:06:24 -0700
> JD<jd1008 at gmail.com>  wrote:
>
>> On 06/04/2012 05:03 PM, Sam Varshavchik wrote:
>>>
>>> This has been explained in this thread before.
>>>
>>> It is logically impossible to have a so-called "secure-boot" for
>>> both a free OS and a non-free OS on the same platform. Since, by
>>> definition, a free OS allows unrestricted access to the hardware, a
>>> free OS can then be trivially used to bypass any secure boot
>>> hardware restrictions for a non-free OS.
>
> I'm not following your logic there...

Because there's none.  Not sure I want to argue again, so let's just say 
Sam and I have different interpretations of the facts.  In mine, it is 
perfectly possible to have multiple keys in the same firmware at the 
same time, and perfectly possible to securely dual-boot systems.

For this to work, you can't have a universal key for free OSes (or any 
OS) as Sam rightly points out, which is why every OS must have a key of 
its own in every device (not realistic in practice) or obtain a 
signature from a "certificate authority", "trust broker", or 
"intermediary" (whatever you want to call it) whose sole job is to 
verify that every OS it signs is doing a good job at securing itself so 
that it won't be used to chainload the others.

To do such a job, you'd want an intermediary that you can trust, and 
that is unbiased, which is not the case with Microsoft (and which is the 
basis of this whole controversy), because whenever someone shows signs 
that it isn't willing to plug its known security holes, the intermediary 
should blacklist its key.  The reason is that the trust relationship is 
broken.  The effect is that its users won't be able to use secure boot 
with that key anymore, and will either have to find another intermediary 
that is willing to trust the OS developers, or let the users sign it 
themselves, provided they themselves trust the OS developers, which is 
hopefully the case for any OS.  If users don't trust their own OS, they 
will migrate and this OS will be doomed anyway (not talking about 
Windows and Mac users, who don't have alternatives like we have with our 
different distributions).

> No one has wanted to be this 'authority'. Perhaps someone will come out
> appear now given all the press.

Precisely.  I'd like to add something I haven't seen explained 
clearly anywhere yet:  Microsoft really didn't have to provide 
signatures for $99.  If they hadn't, other operating systems would be 
*forced* to do the right thing and provide this service themselves or 
pay another organization to do it (if they want a zero-config secure 
boot out of the box, that is, anyone can still provide secure boot 
without all the hassle, but users would have to configure it).

Now we already argued about why they would do it, and I believe they 
have many reasons (control, a little income, being first in a potential 
new market).
-- 
t
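The mechanism the message describes (several signer keys enrolled in one firmware, each OS image checked against the allowed list, and a misbehaving signer's key moved to the blacklist without touching the others) can be shown in a small model. The program below is an added example, not code from this thread, from Fedora, or from any firmware; it uses Ed25519 in place of the X.509/RSA material real UEFI firmware carries, and the signer names ("intermediary", "distro", "user") and the `db`/`dbx` maps are constructed stand-ins for the firmware's authorized and forbidden signature databases.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// SignatureDB models the two firmware variables consulted before a boot
// image runs: db (allowed signers) and dbx (revoked signers). Several
// signers coexist in db, which is what allows secure dual-boot; revoking
// one entry leaves the others usable. (Constructed model, not real UEFI.)
type SignatureDB struct {
	db  map[string]ed25519.PublicKey // fingerprint -> trusted signer key
	dbx map[string]bool              // fingerprints of revoked signer keys
}

// BootImage stands in for a signed bootloader: payload, signer key, signature.
type BootImage struct {
	Name    string
	Payload []byte
	Signer  ed25519.PublicKey
	Sig     []byte
}

var (
	ErrRevoked   = errors.New("signer key is in dbx (revoked)")
	ErrUntrusted = errors.New("signer key is not in db")
	ErrBadSig    = errors.New("signature does not verify over payload")
)

func NewSignatureDB() *SignatureDB {
	return &SignatureDB{db: map[string]ed25519.PublicKey{}, dbx: map[string]bool{}}
}

// fingerprint identifies a key by a SHA-256 prefix, as a db/dbx entry would.
func fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:8])
}

// Enroll adds a signer to db; Revoke adds it to dbx (dbx always wins).
func (s *SignatureDB) Enroll(pub ed25519.PublicKey) { s.db[fingerprint(pub)] = pub }
func (s *SignatureDB) Revoke(pub ed25519.PublicKey) { s.dbx[fingerprint(pub)] = true }

// Sign produces a boot image signed by the holder of priv.
func Sign(name string, payload []byte, priv ed25519.PrivateKey) BootImage {
	return BootImage{
		Name:    name,
		Payload: payload,
		Signer:  priv.Public().(ed25519.PublicKey),
		Sig:     ed25519.Sign(priv, payload),
	}
}

// Verify applies the firmware policy: reject revoked signers first, then
// unknown signers, then any image whose signature does not match.
func (s *SignatureDB) Verify(img BootImage) error {
	fp := fingerprint(img.Signer)
	if s.dbx[fp] {
		return ErrRevoked
	}
	if _, ok := s.db[fp]; !ok {
		return ErrUntrusted
	}
	if !ed25519.Verify(img.Signer, img.Payload, img.Sig) {
		return ErrBadSig
	}
	return nil
}

// Scenario walks through the situation in the message: three signers share
// one firmware, one of them is later revoked, and each image is re-checked.
func Scenario() map[string]error {
	fw := NewSignatureDB()
	gen := func() (ed25519.PublicKey, ed25519.PrivateKey) {
		pub, priv, err := ed25519.GenerateKey(rand.Reader)
		if err != nil {
			panic(err)
		}
		return pub, priv
	}
	brokerPub, brokerPriv := gen() // constructed "intermediary" signer
	distroPub, distroPriv := gen() // constructed distribution signer
	userPub, userPriv := gen()     // constructed user-enrolled signer
	_, strangerPriv := gen()       // constructed signer never enrolled

	fw.Enroll(brokerPub)
	fw.Enroll(distroPub)
	fw.Enroll(userPub)

	brokerImg := Sign("shim-via-broker", []byte("bootloader A"), brokerPriv)
	distroImg := Sign("distro-own-key", []byte("bootloader B"), distroPriv)
	userImg := Sign("user-signed", []byte("bootloader C"), userPriv)
	strangerImg := Sign("unenrolled", []byte("bootloader D"), strangerPriv)
	tampered := Sign("tampered", []byte("bootloader E"), userPriv)
	tampered.Payload = append([]byte{}, tampered.Payload...)
	tampered.Payload[0] ^= 0xff // modify payload after signing

	fw.Revoke(distroPub) // the intermediary blacklists one signer only

	return map[string]error{
		"broker":   fw.Verify(brokerImg),
		"distro":   fw.Verify(distroImg),
		"user":     fw.Verify(userImg),
		"stranger": fw.Verify(strangerImg),
		"tampered": fw.Verify(tampered),
	}
}

func main() {
	for name, err := range Scenario() {
		fmt.Printf("%-9s -> %v\n", name, err)
	}
}
```

The ordering inside `Verify` is the practical point: a key that has been revoked stays rejected even though it is still present in the allowed list, while the other enrolled signers keep booting, so blacklisting one OS's key does not break a dual-boot neighbour.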


More information about the users mailing list