EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

07.17.12

TechBytes Episode 69: Richard Stallman on Restricted Boot (UEFI), Coreboot, GRUB, and Boot Freedom

Posted in TechBytes at 8:22 am by Dr. Roy Schestowitz

Techbytes 2012

Direct download as Ogg (0:13:28, 5.5 MB)

Summary: The first part of our interview with Richard Stallman covers Restricted Boot and related issues

I first interviewed Richard Stallman about 5 years ago. Yesterday I spoke to him about the subject of much debate in the Free software world right now. Here is a transcript of our conversation.

Dr. Roy Schestowitz: I want to know how big a threat you think the so-called “secure” boot is considered to be to the Free software movement.

Richard StallmanDr. Richard Stallman: It’s a disaster. Well, except that it’s not secure boot that’s a disaster, it’s restricted boot. Those are not the same. When it’s front of the control of the user, secure boot is a security feature. It allows the user to control what programs can run on a machine and thus prevent — you might say — unexpected malware from running. We have to distinguish the unexpected malware such as viruses from the expected malware such as Windows or Mac OS or Flash Player and so on, which are also malware; they have features that hurt the user but users know what they are installing. In any case, what secure boot does is that it causes the machine to only work with (?) programs that are signed with a certain key, your keys. And as long as the user controls which keys they are, then it’s a security feature. However, it can be chained into a set of digital handcuffs when the user doesn’t control the keys. And this [is] happening.

“We have to distinguish the unexpected malware such as viruses from the expected malware such as Windows or Mac OS…”Microsoft demands that ARM computers sold for Windows 8 be set up so that the user cannot change the keys; in other words, turn it into restricted boot. Now, this is not a security feature. This is abuse of the users. I think it ought to be illegal.

It’s a matter of control by the vendor of course, not control by the user himself

Exactly, and that’s why it’s wrong. That’s why non-free software is wrong. The users deserve to have control of their computers/

I think that not only Windows is going to be an issue in fact, if you consider the fact that even a modified kernel is going to be in a position where it’s perhaps not seen as verified for execution. Right, I’m saying, it might not only be a malicious feature in case of something like Windows running on it, it’s also for — let’s say — a user of the offered operating system but it’s free if the user wants to modify the operating system, for example…

The thing is, if the user doesn’t control the keys, then it’s a kind of shackle, and that would be true no matter what system it is. After all, why is GNU/Linux better than Windows? Not just ’cause it has a different name. The reason it’s better is because it’s freedom-respecting Free software that the users control. But if the machine has restricted boot and the users can’t control the system, then it would be just as bad as Windows. So, if the machine will only run a particular version of GNU/Linux, that is a restriction feature. And I haven’t heard anyone doing that yet with GNU/Linux, but that’s what Red Hat and Ubuntu are proposing to do things — somewhat like that — for future PCs that are shipped for Windows. But it’s not exactly that. And my reason is, the users will be able to change the keys. They will be able to boot their own modified version of the system of Fedora or Ubuntu if they want. So, what Fedora and Ubuntu were proposing doesn’t go all the way there. They’re proposing to do things to make it more convenient for users to install the standard version of those systems. But if things go as it has been announced, users will still be able to change the keys and boot their own versions. So, if all the restricted boot — but it will be something that goes sort of half-way there — it’s somewhat distasteful.

“The thing is, if the user doesn’t control the keys, then it’s a kind of shackle, and that would be true no matter what system it is.”On the other hand, with Android, which is another mostly Free operating system which contains Linux but doesn’t contain GNU, it’s quite common for the product to have something equivalent to restricted boot, and people have to struggle to figure out how they can install a modified and more free version of Android. So, the presence of the kernel Linux in a system doesn’t guarantee it’s going to be better. And I’ve heard someone say — oh, it hasn’t been checked — that a particular or kind of Android device is actually using an Intel chip with restricted boot.

One of the concerns that I think is worth raising is the fact that, as far as I know, with many of the embedded devices, especially those based on ARM, I believe it’s not even possible to get into boot menu to disable so-called “secure”…

That’s where Microsoft is really going all out, because Microsoft has ordered essentially — demanded — that those shipping ARM devices for Windows 8 make it restricted boot with no way to get around it.

Yeah, which also means of course waste of… all sorts of impacts on the environment. Any time that hardware become obsolete with the operating system itself is not being used of course…

“So it’s a very damaging thing that Microsoft is doing and so we need to look for every possible way to stop them or tweak what they’re doing.”Well, it’s worse than that. It means basically that those devices, you have to throw them out if you want to escape to the free world. And this — in the past — we were able to install, to liberate a computer by installing Free software on it instead of its user-restricting operation system, and this of course was tremendously helpful to the spread of GNU/Linux because it meant that users could move to freedom. It would be much harder if they had to buy another computer to do so. So it’s a very damaging thing that Microsoft is doing and so we need to look for every possible way to stop them or tweak what they’re doing.

Well, I wanted to ask you, one of our readers — his name is Will — is asking me if you have seen any new good hardware that can take coreboot.

I’m sorry, what?

One of my readers — a guy called Will — he has asked me if you have seen any new good hardware that can take coreboot.

“So, what we really need to do is make coreboot libre, just as we make Linux libre (which doesn’t have the blobs)…”I don’t know. Basically, I don’t keep track of hardware models. I only remember their names anymore, except for the one I use, which is, the Lemote Yeelong and it doesn’t run coreboot but it will run timar [?] in GRUB, it has a Free BIOS. When it comes it has a Free BIOS, which is why I chose it. But in terms of running coreboot, well, the machine which you run coreboot on are Intel-type machines. Now, there are a couple of… there is a problem, and that is, a lot of the Intel — and also AMD — CPUs require a microcode blob, and coreboot has these microcode blobs, which is the same kind of problem as firmware blobs in Linux. So, what we really need to do is make coreboot libre, just as we make Linux libre (which doesn’t have the blobs), keep (?) the coreboot libre (which doesn’t have the blobs) and then we need to see which processors actually run adequately without any microcode blob. And we’re looking for somebody who wants to lead this project ’cause it takes work. Now, leading this project doesn’t mean that you personally get all these kinds of hardware; oh, no, it would be asking the whole community to test things, but somebody has got to ask the community to do it, spread the word, receive the responses, put them together, and publish the list. Would (?) he like to do that? If he is really interested in having the answer to this question, maybe he’d like to help get the answer, and that would help the whole community.


More from Stallman is to be published in coming days.

We hope you will join us for future shows and consider subscribing to the show via the RSS feed. You can also visit our archives for past shows. If you have an Identi.ca account, consider subscribing to TechBytes in order to keep up to date.

As embedded (HTML5):

Keywords: UEFI Coreboot GRUB GNU FSF

Download:

Ogg Theora

Past shows in this series:

Show overview Show title
Episode 66: Tim and Roy TechBytes Episode 66: First of the Second Series
Episode 67: Tim and Roy TechBytes Episode 67: Nokia Down, Android Up
Episode 68: Roy TechBytes Episode 68: Solo With Patents, Apple Bans, and Android World Domination
Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. The Patent Trolls' Lobby, Bristows and IAM Among Others, Downplays Darts-IP/IP2Innovate Report About Rising If Not Soaring Troll Activity in Europe

    Exactly like last year, as soon as IP2Innovate opens its mouth Bristows and IAM go into "attack dog" mode and promote the UPC, deny the existence or seriousness of patent trolls, and promote their nefarious, trolls-funded agenda



  2. Links 20/2/2018: Mesa 17.3.5, Qt 5.11 Alpha, Absolute 15.0 Beta 4, Sailfish OS 2.1.4 E.A., SuiteCRM 7.10

    Links for the day



  3. Replacing Patent Sharks/Trolls and the Patent Mafia With 'Icons' Like Thomas Edison

    The popular perceptions of patents and the sobering reality of what patents (more so nowadays) mean to actual inventors who aren't associated with global behemoths such as IBM or Siemens



  4. The Patent Trolls' Lobby is Distorting the Record of CAFC on PTAB

    The Court of Appeals for the Federal Circuit (CAFC), which deals with appeals from PTAB, has been issuing many decisions in favour of § 101, but those aren't being talked about or emphasised by the patent 'industry'



  5. Japan Demonstrates Sanity on SEP Policy While US Patent Policy is Influenced by Lobbyists

    Japan's commendable response to a classic pattern of patent misuse; US patent policy is still being subjected to never-ending intervention and there is now a lobbyist in charge of antitrust matters and a lawyer in charge of the US patent office (both Trump appointees)



  6. The Patent Microcosm's Embrace of Buzzwords and False Marketing Strives to Make Patent Examiners Redundant and Patent Quality Extremely Low

    Patent maximalists, who are profiting from abundance of low-quality patents (and frivolous lawsuits/legal threats these can entail), are riding the hype wave and participating in the rush to put patent systems at the hands of machines



  7. Today, at 12:30 CET, Bavarian State Parliament Will Speak About EPO Abuses (Updated)

    The politicians of Bavaria are prepared to wrestle with some serious questions about the illegality of the EPO's actions and what that may mean to constitutional aspects of German law



  8. Another Loud Warning From EPO Workers About the Decline of Patent Quality

    Yet more patent quality warnings are being issued by EPO insiders (examiners) who are seeing their senior colleagues vanishing and wonder what will be left of their employer



  9. Links 19/2/2018: Linux 4.16 RC2, Nintendo Switch Now Full-fledged GNU/Linux

    Links for the day



  10. PTAB Continues to Invalidate a Lot of Software Patents and to Stop Patent Examiners From Issuing Them

    Erasure of software patents by the Patent Trial and Appeal Board (PTAB) carries on unabated in spite of attempts to cause controversy and disdain towards PTAB



  11. The Patent 'Industry' Likes to Mention Berkheimer and Aatrix to Give the Mere Impression of Section 101/Alice Weakness

    Contrary to what patent maximalists keep saying about Berkheimer and Aatrix (two decisions of the Federal Circuit from earlier this month, both dealing with Alice-type challenges), neither actually changed anything in any substantial way



  12. Makan Delrahim is Wrong; Patents Are a Major Antitrust Problem, Sometimes Disguised Using Trolls Somewhere Like the Eastern District of Texas

    Debates and open disagreements over the stance of the lobbyist who is the current United States Assistant Attorney General for the Antitrust Division



  13. Patent Trolls Watch: Microsoft-Connected Intellectual Ventures, Finjan, and Rumour of Technicolor-InterDigital Buyout

    Connections between various patent trolls and some patent troll statistics which have been circulated lately



  14. Software Patents Trickle in After § 101/Alice, But Courts Would Not Honour Them Anyway

    The dawn of § 101/Alice, which in principle eliminates almost every software patent, means that applicants find themselves having to utilise loopholes to fool examiners, but that's unlikely to impress judges (if they ever come to assessing these patents)



  15. In Aatrix v Green Shades the Court is Not Tolerating Software Patents But Merely Inquires/Wonders Whether the Patents at Hand Are Abstract

    Aatrix alleges patent infringement by Green Shades, but whether the patents at hand are abstract or not remains to be seen; this is not what patent maximalists claim it to be ("A Valentine for Software Patent Owners" or "valentine for patentee")



  16. An Indoctrinated Minority is Maintaining the Illusion That Patent Policy is to Blame for All or Most Problems of the United States

    The zealots who want to patent everything under the Sun and sue everyone under the Sun blame nations in the east (where the Sun rises) for all their misfortunes; this has reached somewhat ludicrous levels



  17. Berkheimer Decision is Still Being Spun by the Anti-Section 101/Alice Lobby

    12 days after Berkheimer v HP Inc. the patent maximalists continue to paint this decision as a game changer with regards to patent scope; the reality, however, is that this decision will soon be forgotten about and will have no substantial effect on either PTAB or Alice (because it's about neither of these)



  18. Academic Patent Immunity is Laughable and Academics Are Influenced by Corporate Money (for Steering Patent Agenda)

    Universities appear to have become battlegrounds in the war between practicing entities and a bunch of parasites who make a living out of litigation and patent bubbles



  19. UPC Optimism Languishes Even Among Paid UPC Propagandists Such as IAM

    Even voices which are attempting to give UPC momentum that it clearly lacks admit that things aren't looking well; the UK is not ratifying and Germany make take years to look into constitutional barriers



  20. Bejin Bieneman Props Up the Disgraced Randall Rader for Litigation Agenda

    Randall Rader keeps hanging out with the litigation 'industry' -- the very same 'industry' which he served in a closeted fashion when he was Chief Judge of the Federal Circuit (and vocal proponent of software patents, patent trolls and so on)



  21. With Stambler v Mastercard, Patent Maximalists Are Hoping to Prop Up Software Patents and Damage PTAB

    The patent 'industry' is hoping to persuade the highest US court to weaken the Patent Trial and Appeal Board (PTAB), for PTAB is making patent lawsuits a lot harder and raises the threshold for patent eligibility



  22. Apple Discovers That Its Patent Disputes Are a Losing Battle Which Only Lawyers Win (Profit From)

    By pouring a lot of money and energy into the 'litigation card' Apple lost focus and it's also losing some key cases, as its patents are simply not strong enough



  23. The Patent Microcosm Takes Berkheimer v HP Out of Context to Pretend PTAB Disregards Fact-Finding Process

    In view or in light of a recent decision (excerpt above), patent maximalists who are afraid of the Patent Trial and Appeal Board (PTAB) try to paint it as inherently unjust and uncaring for facts



  24. Microsoft Has Left RPX, But RPX Now Pays a Microsoft Patent Troll, Intellectual Ventures

    The patent/litigation arms race keeps getting a little more complicated, as the 'arms' are being passed around to new and old entities that do nothing but shake-downs



  25. UPC Has Done Nothing for Europe Except Destruction of the EPO and Imminent Layoffs Due to Lack of Applications and Lowered Value of European Patents

    The Unified Patent Court (UPC) is merely a distant dream or a fantasy for litigators; to everyone else the UPC lobby has done nothing but damage, including potentially irreparable damage to the European Patent Office, which is declining very sharply



  26. Links 17/2/2018: Mesa 17.3.4, Wine 3.2, Go 1.10

    Links for the day



  27. Patent Trolls Are Thwarted by Judges, But Patent Lawyers View Them as a 'Business' Opportunity

    Patent lawyers are salivating over the idea that trolls may be coming to their state/s; owing to courts and the Patent Trial and Appeal Board (PTAB) other trolls' software patents get invalidated



  28. Microsoft's Patent Moves: Dominion Harbor, Intellectual Ventures, Intellectual Discovery, NEC and Uber

    A look at some of the latest moves and twists, as patents change hands and there are still signs of Microsoft's 'hidden hand'



  29. Links 15/2/2018: GNOME 3.28 Beta, Rust 1.24

    Links for the day



  30. Bavarian State Parliament Has Upcoming Debate About Issues Which Can Thwart UPC for Good

    An upcoming debate about Battistelli's attacks on the EPO Boards of Appeal will open an old can of worms, which serves to show why UPC is a non-starter


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts