EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

07.17.12

TechBytes Episode 69: Richard Stallman on Restricted Boot (UEFI), Coreboot, GRUB, and Boot Freedom

Posted in TechBytes at 8:22 am by Dr. Roy Schestowitz

Techbytes 2012

Direct download as Ogg (0:13:28, 5.5 MB)

Summary: The first part of our interview with Richard Stallman covers Restricted Boot and related issues

I first interviewed Richard Stallman about 5 years ago. Yesterday I spoke to him about the subject of much debate in the Free software world right now. Here is a transcript of our conversation.

Dr. Roy Schestowitz: I want to know how big a threat you think the so-called “secure” boot is considered to be to the Free software movement.

Richard StallmanDr. Richard Stallman: It’s a disaster. Well, except that it’s not secure boot that’s a disaster, it’s restricted boot. Those are not the same. When it’s front of the control of the user, secure boot is a security feature. It allows the user to control what programs can run on a machine and thus prevent — you might say — unexpected malware from running. We have to distinguish the unexpected malware such as viruses from the expected malware such as Windows or Mac OS or Flash Player and so on, which are also malware; they have features that hurt the user but users know what they are installing. In any case, what secure boot does is that it causes the machine to only work with (?) programs that are signed with a certain key, your keys. And as long as the user controls which keys they are, then it’s a security feature. However, it can be chained into a set of digital handcuffs when the user doesn’t control the keys. And this [is] happening.

“We have to distinguish the unexpected malware such as viruses from the expected malware such as Windows or Mac OS…”Microsoft demands that ARM computers sold for Windows 8 be set up so that the user cannot change the keys; in other words, turn it into restricted boot. Now, this is not a security feature. This is abuse of the users. I think it ought to be illegal.

It’s a matter of control by the vendor of course, not control by the user himself

Exactly, and that’s why it’s wrong. That’s why non-free software is wrong. The users deserve to have control of their computers/

I think that not only Windows is going to be an issue in fact, if you consider the fact that even a modified kernel is going to be in a position where it’s perhaps not seen as verified for execution. Right, I’m saying, it might not only be a malicious feature in case of something like Windows running on it, it’s also for — let’s say — a user of the offered operating system but it’s free if the user wants to modify the operating system, for example…

The thing is, if the user doesn’t control the keys, then it’s a kind of shackle, and that would be true no matter what system it is. After all, why is GNU/Linux better than Windows? Not just ’cause it has a different name. The reason it’s better is because it’s freedom-respecting Free software that the users control. But if the machine has restricted boot and the users can’t control the system, then it would be just as bad as Windows. So, if the machine will only run a particular version of GNU/Linux, that is a restriction feature. And I haven’t heard anyone doing that yet with GNU/Linux, but that’s what Red Hat and Ubuntu are proposing to do things — somewhat like that — for future PCs that are shipped for Windows. But it’s not exactly that. And my reason is, the users will be able to change the keys. They will be able to boot their own modified version of the system of Fedora or Ubuntu if they want. So, what Fedora and Ubuntu were proposing doesn’t go all the way there. They’re proposing to do things to make it more convenient for users to install the standard version of those systems. But if things go as it has been announced, users will still be able to change the keys and boot their own versions. So, if all the restricted boot — but it will be something that goes sort of half-way there — it’s somewhat distasteful.

“The thing is, if the user doesn’t control the keys, then it’s a kind of shackle, and that would be true no matter what system it is.”On the other hand, with Android, which is another mostly Free operating system which contains Linux but doesn’t contain GNU, it’s quite common for the product to have something equivalent to restricted boot, and people have to struggle to figure out how they can install a modified and more free version of Android. So, the presence of the kernel Linux in a system doesn’t guarantee it’s going to be better. And I’ve heard someone say — oh, it hasn’t been checked — that a particular or kind of Android device is actually using an Intel chip with restricted boot.

One of the concerns that I think is worth raising is the fact that, as far as I know, with many of the embedded devices, especially those based on ARM, I believe it’s not even possible to get into boot menu to disable so-called “secure”…

That’s where Microsoft is really going all out, because Microsoft has ordered essentially — demanded — that those shipping ARM devices for Windows 8 make it restricted boot with no way to get around it.

Yeah, which also means of course waste of… all sorts of impacts on the environment. Any time that hardware become obsolete with the operating system itself is not being used of course…

“So it’s a very damaging thing that Microsoft is doing and so we need to look for every possible way to stop them or tweak what they’re doing.”Well, it’s worse than that. It means basically that those devices, you have to throw them out if you want to escape to the free world. And this — in the past — we were able to install, to liberate a computer by installing Free software on it instead of its user-restricting operation system, and this of course was tremendously helpful to the spread of GNU/Linux because it meant that users could move to freedom. It would be much harder if they had to buy another computer to do so. So it’s a very damaging thing that Microsoft is doing and so we need to look for every possible way to stop them or tweak what they’re doing.

Well, I wanted to ask you, one of our readers — his name is Will — is asking me if you have seen any new good hardware that can take coreboot.

I’m sorry, what?

One of my readers — a guy called Will — he has asked me if you have seen any new good hardware that can take coreboot.

“So, what we really need to do is make coreboot libre, just as we make Linux libre (which doesn’t have the blobs)…”I don’t know. Basically, I don’t keep track of hardware models. I only remember their names anymore, except for the one I use, which is, the Lemote Yeelong and it doesn’t run coreboot but it will run timar [?] in GRUB, it has a Free BIOS. When it comes it has a Free BIOS, which is why I chose it. But in terms of running coreboot, well, the machine which you run coreboot on are Intel-type machines. Now, there are a couple of… there is a problem, and that is, a lot of the Intel — and also AMD — CPUs require a microcode blob, and coreboot has these microcode blobs, which is the same kind of problem as firmware blobs in Linux. So, what we really need to do is make coreboot libre, just as we make Linux libre (which doesn’t have the blobs), keep (?) the coreboot libre (which doesn’t have the blobs) and then we need to see which processors actually run adequately without any microcode blob. And we’re looking for somebody who wants to lead this project ’cause it takes work. Now, leading this project doesn’t mean that you personally get all these kinds of hardware; oh, no, it would be asking the whole community to test things, but somebody has got to ask the community to do it, spread the word, receive the responses, put them together, and publish the list. Would (?) he like to do that? If he is really interested in having the answer to this question, maybe he’d like to help get the answer, and that would help the whole community.


More from Stallman is to be published in coming days.

We hope you will join us for future shows and consider subscribing to the show via the RSS feed. You can also visit our archives for past shows. If you have an Identi.ca account, consider subscribing to TechBytes in order to keep up to date.

As embedded (HTML5):

Keywords: UEFI Coreboot GRUB GNU FSF

Download:

Ogg Theora

Past shows in this series:

Show overview Show title
Episode 66: Tim and Roy TechBytes Episode 66: First of the Second Series
Episode 67: Tim and Roy TechBytes Episode 67: Nokia Down, Android Up
Episode 68: Roy TechBytes Episode 68: Solo With Patents, Apple Bans, and Android World Domination
Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. The EPO Seems to Have Corrupted ILO/ILO-AT Like It Corrupted the Media and Academia (Using 'Toxic' EPO Budget)

    People are starting to notice and point out compositional flaws and potentially very serious conflicts of interest inside ILO, which is supposed to ensure justice for EPO workers and is instead stonewalling the vast majority of them (just like Battistelli's kangaroo courts inside the EPO)



  2. Benoît Battistelli's 'Dowry' From the Administrative Council of the EPO

    The dreadful state of the EPO, where one man controls everything and mismanages money (sending a huge amount of money to his other employer, giving himself a massive bonus or a "golden parachute", allegedly paying for national delegates' votes and gambling with EPO budget), won't be improved until the entire organisation removes "Team Battistelli" (the manifestation of Battistelli's 8-year rogue regime)



  3. Patent Extremism -- Like All Extremes -- Leads to Bad Outcomes

    Religiously believing in the value of all granted patents is a form of extremism which actively puts many lives at risk; the sooner this is realised, the better off society will be



  4. Even After SAS Institute, Inc. v Iancu (Decision on PTAB) There's No Stopping the Crackdown on Bogus US Patents

    Technology firms take advantage of PTAB, eliminating patents that should never have been issued by the US patent office in the first place; that makes it incredibly difficult for patent maximalists (led by Iancu) to phase PTAB out, more so after Oil States Energy Group v Greene’s Energy



  5. Can Alice/35 U.S.C. § 101 Stop Microsoft-Connected Patent Trolls in the US?

    The latest lawsuits and inter partes reviews (IPRs) which deal with Microsoft-connected trolls and other potentially-suspicious activities



  6. TC Heartland is Still Deterring and Suppressing Patent Trolls in the United States

    Eastern Texas is being 'evacuated' in the wake of TC Heartland, which continues to be brought up by legal defense teams



  7. The ILO Tribunal: Is It Still Worthy of Our Trust?

    Trusting ILO-AT has become a lot harder in light of its handling of EPO scandals



  8. The Dangerous Adoption of Patents on Life and Nature

    In the face of pressure from patent maximalists, as well as an appointment of a patent maximalist to the top of the US patent office, lawyers/law firms which strive to extend patent scope to life itself (or nature) seem to be getting their way



  9. Stronger Patents or None at All: How the Greed of Patent Law Firms and the Patent Office Contributes to Bogus Software Patents Being Amassed

    Alice Corp. v CLS Bank continues to be the sole recent reference for handling of software patents; that being the case, it's rather disturbing that patent law firms continue to recommend patenting of software and offer lousy excuses for that (mainly because they profit at the expense of those foolish enough to believe them)



  10. Patent Strengthening Would Necessarily Mean Lowering the Number of Patents Granted After Alice/35 U.S.C. § 101

    The concept of patent strength is being distorted in all sorts of ways and acronyms like IPR still being used not to describe the process by which bad patents get eliminated but to spread propaganda like 'intellectual' 'property' 'rights'



  11. Watchtroll's Reaffirmed Hatred Towards Science and Technology, Shattering the Myth About Patent Law Firms Trying to 'Help' Innovation

    The anti-technology rhetoric (what they call derogatorily "Big Tech") of patent maximalists is ruining their old narrative which goes something along the lines of helping inventors



  12. Nearly Half of Patent Applications at the EPO Are (at Least Partly) Software Patents, According to the EPO, and Not Many Patents Are European (Foreign, Not Domestic)

    With lack of care for examiners, for European businesses and for science in general the EPO carries on unabated; its agenda seems to be steered by Team UPC, which is looking to profit from lots of foreign lawsuits across Europe (relying on low-quality patents that wouldn't pass muster in national courts)



  13. Patent Factory Europe (PFE) is a Patent Troll's Publicity Stunt, Attempting to Frame a Predator as the Small Businesses' Friend and Ally

    Patent troll "France Brevets" with its tarnished name (it's the shame of France, a major source of shame other than Battistelli) has decided to do a charm offensive which characterises it as a friend of small firms (SMEs)



  14. Alice, Which Turns Four, Has Saved Billions of Dollars Previously Wasted on 'Protection' Money (Notably Patent Trolls)

    Alice has turned 4 (just five days ago) and software patents have never looked weaker (close to impossible to enforce in high courts in the United States), lowering the incentive to pursue such patents in the first place



  15. Links 23/6/2018: Kodi 18 Alpha 2, Peppermint 9, Wine 3.11

    Links for the day



  16. Somewhat Underwhelming Reception for US Patent Number 10,000,000 (Which Actually Isn't)

    While US patent number 10,000,000 did, in fact, get issued (several days ago) there are un-ignorable reminders that a lot more patents exist and the high number says more about neglected quality than actual, objective success



  17. The United States' Supreme Court Takes the Side of Patent Maximalists, for a Change

    WesternGeco LLC v. ION Geophysical Corp. reaches its conclusion; while it has zero effect on patent scope, it does serve to show that the US Supreme Court (SCOTUS) isn’t inherently biased against patents in general



  18. Mainstream Media in Germany Covers Battistelli's Corruption at the EPO Just as He Leaves

    Mainstream German media writes about Battistelli's scandals that nobody seems eager or wishes to discuss, let alone bring up; law-centric German media covers the now-famous open letter from German law firms (Grünecker, Hoffmann Eitle, Maiwald, and Vossius & Partner)



  19. Links 22/6/2018: PulseAudio 12.0, Krita 4.1 Beta, LabPlot 2.5, Git 2.18.0

    Links for the day



  20. “Dr Ernst Should be Forced by National Politicians to Step Down With Immediate Effect” After Battistelli's Latest EPO Scandals

    Further discussions about the horrible legacy of Battistelli and his protectors, who seem to be interested in a patent trolls-friendly patent system which devalues workers and consciously lowers the patent bar (at all costs, even violation of laws and constitutions)



  21. Links 21/6/2018: Microsoft's 'Damage Control' Amid Role in ICE Scandals, 11-Hour Azure Downtime (Again), GNOME 3.29.3, and More GNU/Linux Wins

    Links for the day



  22. Battistelli and Topić Lose Their Bogus 'Case' Against Judge Corcoran After They Defamed Him and Ruined His Career/Life

    The SLAPP action against Judge Patrick Corcoran, who has so far won all cases involving the EPO, is finally dismissed in Germany; what remains is an ugly legacy at the EPO, wherein everyone bold enough to say something about corruption at the top is having his or her life — not just career — destroyed



  23. Even Media of the Patent Microcosm Mentions the Decline in Quality of Patents at the EPO, Based on Its Very Own Stakeholders, While IAM Ignores the News

    The whole world basically accepts, based on patent examiners as well as those whom they interact with (patent agents), that patent quality at the EPO has sunk; but the EPO and IAM continue to vigorously deny that as it threatens some people's nefarious agenda



  24. Links 20/6/2018: Qt 5.11.1, Oracle Solaris 11.3 SRU 33, HHVM 3.27.0, Microsoft Helping ICE

    Links for the day



  25. Patent Extremists Are Unable to Find Federal Circuit Cases That Help Them Mislead on Alice

    Patent extremists prefer talking about Mayo but not Alice when it comes to 35 U.S.C. § 101; Broadcom is meanwhile going on a 'fishing expedition', looking to profit from patents by calling for embargo through the ITC



  26. What Use Are 10 Million Patents That Are of Low Quality in a Patent Office Controlled by the Patent 'Industry'?

    The patent maximalists are celebrating overgranting; the USPTO, failing to heed the warning from patent courts, continues issuing far too many patents and a new paper from Mark Lemley and Robin Feldman offers a dose of sobering reality



  27. The Eastern District of Texas is Where Asian Companies/Patents/Trolls Still Go After TC Heartland

    Proxies of Longhorn IP and KAIST (Katana Silicon Technologies LLC and KAIST IP US LLC, respectively) roam Texas in pursuit of money of out nothing but patents and aggressive litigation; there's also a Microsoft connection



  28. EPO Insiders Correct the Record of Benoît Battistelli’s Tyranny and Abuse of Law: “Legal Harassment and Retaliation”

    Battistelli’s record, as per EPO-FLIER 37, is a lot worse than the Office cares to tell stakeholders, who are already complaining about decline in patent quality



  29. Articles About a Unitary Patent System Are Lies and Marketing From Law Firms With 'Lawsuits Lust'

    Team UPC has grown louder with its lobbying efforts this past week; the same lies are being repeated without much of a challenge and press ownership plays a role in that



  30. The Decline in Patent Quality at the EPO Causes Frivolous Lawsuits That Only Lawyers Profit From

    The European Patent Office (EPO) will continue granting low-quality European Patents under the leadership of the Battistelli-'nominated' Frenchman, António Campinos; this is bad news for science and technology as that quite likely means a lot more lawsuits without merit (which only lawyers profit from)


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts