IT HAS not been a good week for software freedom. Canonical gave Microsoft more control over GNU/Linux and rather than file a formal complaint (e.g. antitrust) about Microsoft's trap Red Hat decided to dive right into it.
In November 2006, when Novell signed a patent licensing deal with Microsoft, the free and open source software community, for the most part, was predictably appalled.
But recently when Red Hat announced that it had signed a deal with Microsoft to ensure that Linux could be installed on PCs that were Windows 8-capable - in other words, those that supported secure boot - there was very little outcry. Red Hat is now trying to justify this act.
In Novell's case, it was a last-ditch - albeit foolish - attempt to try and revive its business. After a series of unwise decisions that saw it lose its number-one position in the networking business (and yes, Microsoft, took it for a ride during those days), Novell had come to the point where it was willing to try anything. SUSE Linux was looked upon as some kind of saviour after Novell bought the company in 2003 but battles between suits and geeks ensured that neither party's tactics were implemented.
Hence Novell got into bed with Microsoft. One of Novell's best and brightest, Jeremy Allison, found the atmosphere suffocating and left the company in disgust, ending up later at Google.
But after Red Hat announced its Judas Iscariot act recently, the scenario is very different. Hell, we even have the announcement of the deal being made by the wispy-thin Matthew Garrett, once a renowned flame-master on mailing lists, but now one of the best and brightest at Red Hat, one who pledges allegiance to peace, civility, diversity, and probably the Dalai Lama too.
Tim Burke of Red Hat wrote a masterful apologetic for Microsoft's strong-arming and takeover of the most basic operation of a computer-- starting it up. Executive summary: We are in this 100% with our good friends in Redmond.
Allow me to hit the high points:
"One security threat that has been getting a lot of interest lately is the ability to ensure the integrity of the early boot sequence"
Only because the richest software company on the planet is utterly incompetent, and incapable of building a secure operating system. So instead they bully the rest of the world into trying to mitigate the security disaster that is Microsoft Windows.
"The mechanism used to confirm the integrity of operating system software...uses traditional key signing and variations of checksumming... Performing the checks early is crucial as it provides a safe, verified starting point."
ORLY? Key signing is the answer, eh? Oopsie, no it isn't, as the Flame malware proves. Flame spoofs Microsoft's own Certificate Authority, takes over Windows Update, and fools Windows computers into thinking they're installing genuine proven-trusted signed Microsoft code. See:
Microsoft Security Advisory (2718704) Unauthorized Digital Certificates Could Allow Spoofing
Flame malware mimics a Windows update
Flame Malware Hijacks Windows Update Mechanism
Those wacky malwares, don't they read Microsoft press releases on how Microsoft realio trulio this time for real has made Windows like all secure?
The other complaint about UEFI Secure Boot is that it doesn't add any security. There's two aspects to this - people either think it'll be quickly broken, or people think that the public availability of signing services will render it useless.
Comments
finalzone
2012-06-09 18:45:06
Dr. Roy Schestowitz
2012-06-10 10:30:12
finalzone
2012-06-10 16:06:21
https://www.redhat.com/apps/store/desktop/
Otherwise, why investing on applications like NetworkManager and Gnome 3 those have nothing to do with server?
Dr. Roy Schestowitz
2012-06-10 16:14:19
finalzone
2012-06-10 22:56:40
twitter
2012-06-10 19:15:28