06.29.12
With UEFI, Microsoft Assaults the General Public License (GPL) and Computing Freedom in General
Legal aspects of UEFI
Summary: Some GPL- and UEFI-related news
THE company which emanated from a Microsoft marketing exec to FUD the GPL (amongst other things) claims to have released a new thing, this time less on the propaganda side and more on the products side:
Black Duck Software announced new code analytics services to produce the new Black Duck Code Quality Audit (CQA) report.
Black Duck Software has announced the availability of expanded audit services with the addition of new code analytics that can help organizations acquiring new technology better track the code in their environments.
By tracking code they are able to issue reports with bias against GPL-type licences (they signed a deal with Microsoft before they started doing this). Meanwhile, Microsoft is putting the knife to the GPLv3-licensed GRUB 2, using its predatory UEFI plot [1, 2, 3, 4, 5, 6, 7]. Just as it arrives Canonical is left with little choice but to drop it (responses to UEFI varied from protest to abandonment of GRUB at Canonical and cowardly acts from Red Hat [1, 2, 3, 4]), due to Microsoft’s anti-competitive behaviour. The UEFI mess spreads further now:
Early support for UEFI SecureBoot is now available via qemu-kvm for messing with this troublesome technology in a virtualized world.
Before running for the hills thinking this is another attempt to thwart Linux by pushing UEFI SecureBoot into virtualized environments, this isn’t the case. This early SecureBoot support in qemu-kvm comes from the Linux kernel community. In fact it’s from James Bottomley, a well known kernel developer working in conjunction with the Linux Foundation.
The Linux Foundation Technical Advisory Board has been trying to get UEFI SecureBoot in qemu-kvm since real hardware relying upon this “secure” technology is still difficult to find until Windows 8 begins shipping. Bottomley built an Intel Tianocore boot system with the openSUSE Build System, discovered a gnu-efi bug, and made some other SecureBoot-related accomplishments for the benefit of Linux.
And that, with the demise of particular software, leads to the weakening of GPL along with freedom in computing. Microsoft knows what it’s doing here. Anything that harms copyleft licences is good for Microsoft.
As a side note, the above is part of a trend. Many journalists like to pick on Richard Stallman. Commonly enough they point to the fact that he does not browse the Web directly with a browser; Stallman sets an example and strives to be role model in some sense by drawing attention to the fact that the NSA et al. spy on Web surfers and he responds to this threat to human rights (he is, after all, an activist in this area) by one of the more reasonable actions, as not many options are left when sites do not support encrypted or anonymous routes in. Those who ignore this are either apathetic or pretend to not know this; the former is a case of ignorance and the latter is malicious — a strategy intended to daemonise Stallman and those who seek to highlight a real problem, maybe even address it or at least take it into account. Likewise, we have been seeing a daemonisation of the FSF, GNU. and the GPL, courtesy at times of Microsoft proxies. A lot of the time writers pretend not to understand “freedom” and use all sorts of straw man arguments. That could very well be seen when Stallman agreed to go on the Linux Action Show (we tried to ignore it so as not to give them attention because they are longtime FSF bashers). █
Content is available under CC-BY-SA
NotZed said,
June 29, 2012 at 7:45 pm
Go have a look at the membership of the linux foundation:
http://www.linuxfoundation.org/about/members
It’s a who’s who of multi-national, billion dollar companies. Like any union, the linux foundation exists to protect the interests of it’s membership. Big businesses love tivoisation, because it means they get to sell more disposable crap and ‘control the experience’ (i.e. force upgrades rather than let users do it themselves). This is what we have here, every computer sold has the potential to become a tivo-ised appliance, out of the countrol of the customer and in control of the vendor. What vendor wouldn’t jump at the chance?
And what does it matter if you get all the source to the kernel (even excluding all the binary modules which should never have been allowed in the first place) if you can’t modify it! Redhat or other commercial distributions don’t care: already you cannot modify and compile your own kernel without losing the support you supposedly paid for.
In short: don’t look to the linux foundation for any hope. Locked-down hardware and software is exactly what they want.
With the UEFI stuff we essentially have the age-old problem of the loss of the public commons to private interests; which is exactly what the GPL was designed to prevent. It even included the default language ‘and later versions’ because it could not foresee every future attack on it – but some short-sighted fools decided to remove that part against their own interests.
The only hope is that fsf-endorsed or at least linux-only hardware will become more common – e.g. the rhombus-tech efforts and less-common cpus. Economically it’s a no-brainer – with margins so thin every cent counts, let alone 10s of dollars of licensing costs per 10s of dollars manufacturing costs per unit – but the threat will then become the courts which are really just designed to protect the incumbents from competitors.