Bonum Certa Men Certa

Microsoft Proves Techrights Right by Screwing UEFI 'Partners'

UEFI



Summary: Linux booting still an issue on new PCs as Microsoft fails to deliver hardware keys

James Bottomley, who had been paid by Novell (Microsoft) before he left, is developing "secure boot" and finding out that UEFI promises are empty. From his blog:



Asked support why the process was indicating failed but I had a valid download and, after a flurry of emails, got back “Don’t use that file that is incorrectly signed. I will get back to you.” I’m still not sure what the actual problem is, but if you look at the Subject of the signing key, there’s nothing in the signing key to indicate the Linux Foundation, therefore I suspect the problem is that the binary is signed with a generic Microsoft key instead of a specific (and revocable) key tied to the Linux Foundation.

However, that’s the status: We’re still waiting for Microsoft to give the Linux Foundation a validly signed pre-bootloader. When that happens, it will get uploaded to the Linux Foundation website for all to use.


So they are losing time and they gave Microsoft the carte blanche to carry on with UEFI.

Will Hill wrote: "Predictable, jerk around. Restricted Boot is defective by design."

Katherine Noyes says:



In any case, the end result is that, despite paying its $99 fee, the Linux Foundation so far still does not have a validly signed pre-bootloader.


Steven J. Vaughan-Nichols also complains:

By design, Microsoft has made installing and booting Linux on Windows 8 PCs with UEFI (Unified Extensible Firmware Interface) Secure Boot troublesome. Many of the major Linux distirbutors, including Fedora, openSUSE, and Ubuntu, have proposed different ways of addressing this problem. The Linux Foundation, which supports all Linux, recently proposed a universal plan for addressing the UEFI Secure Boot issue. Unfortunately, it's been delayed.

The plan was, as James Bottomley, Parallels' CTO of server virtualization and well-known Linux Kernel maintainer, explained on October 10th, 2012, to "obtain a Microsoft Key and sign a small pre-bootloader which will, in turn, chain load (without any form of signature check) a predesignated boot loader which will, in turn, boot Linux (or any other operating system)."


Red Hat too was bamboozled by Microsoft, the longtimes convicted thug. This is what happens when you become UEFI 'partners' with the monopolist rather than file an antitrust complaint. As Larabel puts it:

Linux Foundation Struggles With Microsoft UEFI Signing



James Bottomley has written about the problems being faced by the Linux Foundation in having a Microsoft-approved validly-signed UEFI pre-bootloader.

There's many hurdles to jump from Microsoft and Verisign/Symantec for obtaining a valid signing key. There's third-party open-source tools for handling much of the signing process, but in the end Windows is still needed due to a Silverlight-based file uploader for the UEFI binary. The Mono-based Moonlight doesn't work with the Silverlight uploader. After uploading the cabinet file for signing, there's a seven-stage process.


That is how bad it is. Pogson puts it more crudely:

M$ Sabotages UEFI “Secure Boot” for Linux Foundation



[...]

I have always thought it was a mistake to do anything in GNU/Linux the M$’s way. They will do anything to prevent GNU/Linux being more widely accessible for consumers. Expect nothing but “accidents”, failures, disasters and the inevitable legal suits to result. They’re all good for M$ keeping the cash-cow flowing a bit longer.


Muktware says:

Microsoft may have attracted some headlines and discussion on Slashdot for being a 'sponsor' at the Linux Foundation's Europe event LinuxCon. But this sponsor is not giving the Linux Foundation any special treatment when it comes to UEFI Secure boot.

If you remember the Linux Foundation earlier announced their workaround for the UEFI Secure boot for the Linux community. That's getting delayed.

James Bottomley, chair of the Linux Foundation's Technical Advisory Board, explains in his blog the 'technical' and 'paper' challenges there are to get a Microsoft signed key and implement it.

He detailed the entire painful process to get a Microsoft signed key. While is extremely easy to pay $99 and get a Verisign verified key the rest of the process is quite daunting and challenging, which also requires one to use Microsoft technologies.

[...]

The foundation somehow managed to create and upload the file which had to go through seven stages and "unfortunately, the first test upload got stuck in stage 6 (signing the files)."

There were some email exchanges between Microsoft and Bottomley to sort the problem but at the moment the cart is stuck in mud.
We're still waiting for Microsoft to give the Linux Foundation a validly signed pre-bootloader. When that happens, it will get uploaded to the Linux Foundation website for all to use.


UEFI apologists hopefully learned their lesson by now. Microsoft has crooks trying to save Windows by breaking Linux.

Comments

Recent Techrights' Posts

Next Month 'New Techrights' Turns Two
Next month, on the fourth week, it'll be 2 years since the migration
Online Safety Act Tries to Accomplish the Impossible
All I can say is, "good luck with that!"
Microsoft Windows "Market Share" Measured Around 2.7% in Iraq, Plunges to 6.5% in Saudi Arabia
Microsoft isn't on the agenda in Iraq
 
Brittany Day Entered LLM Slop Into LinuxSecurity.com and Something Hilarious Happened: The Site is "Exploited"
The brainless, effortless copypasta of "slop artists" shows its limits
Links 03/08/2025: Microsoft Exchange 0-day Exploited and Avoidable Nuclear Escalation
Links for the day
Definitely Not a Ponzi Scheme
Bitcoin v Microsoft
The Electronic Frontier Foundation (EFF) is a Billionaires' Lobby
Billionaires that control tech companies
Microsoft Borrows 3 Billion Dollars Per Month, a Company Truly Worth Trillions Would Not Do This
if Windows (and Office) "market share" fell from about 90% to barely 30%, how come Microsoft is now "valued" at 20 times more?
It's Even Worse Than Microsoft Lunduke Puts It; GNOME is SLAPPing Journalists
In our experience, GNOME is so malicious - some elements of it in particular - that it would launch multiple simultaneous SLAPP campaigns not only against journalists but also their spouses
GNU/Linux Adoption Reaches All-Time Highs in Chile, statCounter Indicates
This month marks 4 years since Vista 11 came out (as a fake "leak") and some surveys still measure its adoption at less than 40%
Slop Will Not Change the World
Some of us grow up sooner and leave that nonsense behind (or altogether avoid/skip it)
Gemini Links 03/08/2025: Nostalgia and TOFU
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, August 02, 2025
IRC logs for Saturday, August 02, 2025
Google Throwing Out the Search Engine With the Bathwater is a Complete and Utter 'Shi---ow' as the Company Drowns in Debt, Layoffs, and Worse
The mainstream media almost never mentions GAFAM debt
Operating Systems' Statistics in New Zealand: GNU/Linux Up, Windows Down to All-Time Lows
Remember all this when the media says that Microsoft became like 10 times more valuable in those 15 years (from 400 billion to 4,000 billion in alleged "worth")
GNU/Linux Share in Sweden Has Doubled Since PewDiePie, A Swede, Recommended It
months ago he moved to GNU/Linux, then told others to consider doing the same
GNU/Linux Hits Record High in Portugal
GNU/Linux picking up in Portugal
Gemini Protocol is Not Dying, It's Growing
When people say things like "Gemini Protocol is dying" the data does not support them
GNU/Linux is Thriving This Summer
It is meanwhile acknowledged, even by Microsoft pushers, that many GNU/Linux PCs will get sabotaged next month
The End of Microsoft's Reign in Spain: Windows Falls to All-Time Lows in Spanish Web Traffic
Windows sank to new lows in Spain
The Bots Never Sleep: In The Weekends, Slopfarms Dominate Google News, Majority of Entries in Google Are Fake Articles About 'Linux'
Google is fast becoming an ocean of plagiarism; the same goes for Google News, which was supposed to have extra quality control
Russia's Yandex Has Caught Up With Bing in Terms of "Market Share"
Microsoft has been firing loads of Bing workers for over 2 years already
Canada: GNU/Linux Up to Records Highs, Windows Down to Record Lows
Microsoft already announcing some plans to shut down Vista 11
Gemini Links 02/08/2025: Transducers in Typed Racket and American ISPs
Links for the day
Links 02/08/2025: Microsoft Already Kills Vista 11 SE, Smartphone Sales Down, Truth Gets "You're Fired!" in the US
Links for the day
Video: The Rise of GNU/Linux and Free Software as Seen by RMS in 2004
DTP's founder argued that when Windows goes below 85% "market share", it'll lose its grip in the monopoly sense
Russia: GNU/Linux Rises to Highest Adoption Level Since Invasion of Ukraine
Moving up in the north
Microsoft's Latest Financial Report: We "Gained" 300 Million Dollars in "Goodwill" and Liabilities Grew by 32 Billion Dollars
Microsoft's debt has reached an all-time high
The Register US = The Register MS
Formerly The Register UK
Weeks After Microsoft Shut Down Its Operations in Pakistan Windows Falls to All-Time Lows
Only less than a month ago it was quietly revealed, based on laid-off staff, that Microsoft shut down in Pakistan
Criminal Behaviour is the Standard Operating Procedure at Microsoft
In the future I'll be able to tell how, when dealing with SLAPPs from Microsofters, their Microsoft services failed me and sometimes even blocked my contacts
GNU/Linux Rises to All-Time Highs in Europe
many people will get fired for buying Microsoft
All-Time Highs for GNU/Linux on the Client Desktop/Laptop, Based on Steam Survey
GNU/Linux rose to 2.89% in Steam
Links 02/08/2025: Blaugust 2025 and "Russia Declares Navalny Memoir ‘Extremist’"
Links for the day
Free Software is Not a Business Model
Go ahead, ask your friend, "how do you plan to monetise your children?"
When (Almost) One-Man Operations Are Disguised as Medium-Sized Companies
the CEO hides in the US (hiding from his ex-wives, 4 daughters from those wives, and Sirius staff that he defrauded)
LLM Slop Harms Real Literature, Real Web Sites, Real Journalism
LLM slop is a parasite and it'll run out of legitimate outputs
Upcoming OSI Scandal Series
The OSI is a rogue actor because it serves Microsoft in exchange for money
Slopwatch: The Issue Persists, But the Consensus in the Media Changes as Google Enrages It With LLM Plagiarism
We've meanwhile assessed the latest output from Linuxiac
Microsoft Actually in Trouble, Microsofters Unable to Obey Judges' Orders
For the second time in a week, Microsofters are unable to obey orders
IRC Proceedings: Friday, August 01, 2025
IRC logs for Friday, August 01, 2025
Over at Tux Machines...
GNU/Linux news for the past day
Links 02/08/2025: İstanbul Retail Inflation Reaches 42.48%, US FBI Opens Office in New Zealand
Links for the day
Gemini Links 02/08/2025: ZFS, LLM Hype, and Fake Modules
Links for the day
Links 01/08/2025: Health, Conflict, and Attacks on Freedom of the Press
Links for the day
Microsoft's Debt Exploded by 15.4 Billion Dollars in the Past 9 Months Alone (Despite All the Layoffs)
As of minutes ago, at 6PM on a Friday, the numbers are made public
Meeting (Webchat) With Maria Arranz Gomez, Florian Grundies, Jürgen Janda and Konstantinos Kortsaris Confronts EPO Management About Breaking Promises and Crushing Workers
The lack of consistent messages suggests plans other than what's advertised and the lack of consultation (secrecy) likewise
Links 01/08/2025: "The Great British Firewall" and U.S. Army Sponsors Palantir
Links for the day
For Second Day in a Row, Top Story in The Register MS is "Microsoft Says"
The editor in chief exercises control over everybody else
LLMs as Attack Method Against Free Software and Programming
DDoS in "hey hi" (slop) clothing
Stability and Reliability, Backward Compatibility
I don't fancy relying on social control media as "sources"
What "the News" Looks Like in 2025
The "says" (or "sez") phenomenon
History Will Be Distorted, Sometimes Intentionally, Under the Guise of Intelligence (Manipulated/Curated Slop)
Militarised misinformation or military-grade chaff is a national security threat, even domestically
Financial Engineering Companies: A Company Worth 4 Trillion Dollars Would Not Borrow 100+ Billion Dollars at Interest Rates Like Today's
Many headlines perpetuate the lie Microsoft had just 2 waves of layoffs
Microsoft is Googlebombing "Linux" While Paying Former News Sites to Publish SPAM
How much lower will IDG sink?
Google as a 'Bullshit Generator' Disguised as Intelligence
It'll probably cause Google to get sued a lot, both by individuals and companies
As Expected, Google in the UK Now Experiments With Slop Instead of Web Search
At this point more people ought to stop and think: Does Google's search engine deserve trust?
The Data You Don't Give Away is Your Advantage
stop sharing data that does not need to be shared
Being Obedient or Doing the Right Thing
The world always changes for the better because of people who think "Outside the Box", not the cogs
Gemini Links 01/08/2025: Happy Hacking Keyboards and New Gemini Arrivals
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, July 31, 2025
IRC logs for Thursday, July 31, 2025