EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

11.29.12

UEFI Apologists Versus Germany’s Government Judgment on UEFI Insecurity

Posted in Europe, GNU/Linux, Kernel, Security at 5:31 pm by Dr. Roy Schestowitz

Flag of Germany

Summary: Proponents of UEFI support, who are sometimes Mono proponents as well, may struggle to reason in favour of crippleware given the way UEFI rejects Linux and the reasons the German authorities reject UEFI

T

HE Windows franchise is collapsing (ignore the Microsoft PR machine, which we’ll address in a separate post), so Microsoft created a breed of machines that won’t boot Linux. One blogger writes:

So do not buy that new shiny computer without knowing what pitfalls you may have to overcome in order to run a free operating system. As a footnote, the Secure Boot link is from an article on the Linux Foundation’s efforts written on ZDNet’s website all about how Microsoft is delaying the keys for Linux. Hmm, just one more reason to buy new equipment from alternate retailers that put Linux first or buy used.

Bottomley and the Linux Foundation cannot say much after they sold out (Novell plays a role for both) and Michael Larabel writes:

James Bottomley wrote a new blog post this morning about why the Linux Foundation really isn’t concerned about UEFI SecureBoot on ARM hardware (smart-phones, tablets, etc) compared to the work they are doing on x86 PCs with UEFI SecureBoot support for Linux.

Last month the Linux Foundation announced their UEFI SecureBoot plans for dealing with Microsoft Windows 8 PCs. Their plans basically equated to legally obtaining a Microsoft key and signing a small pre-bootloader that in turn could chain load a predesignated boot loader that would in turn boot Linux or any other operating system without having to deal with the SecureBoot mess. The signed pre-bootloader will be available from the Linux Foundation web-site for anyone to use along with the source-code, albeit not their private key. The foundation is still working to obtain a SecureBoot key and their SecureBoot focus has just been for x86 hardware.

With Linux users wondering why the Linux Foundation isn’t diving into some SecureBoot solution for ARM, James Bottomley wrote a lengthy explanation.

We also saw some feedback from vocal UEFI apologists, who are sometimes the same people who promote Mono. Yes, promoters of Microsoft’s (and Novell’s) Mono also promote or downplay the issues with Microsoft’s UEFI demands, but we won’t be linking to them. They provoke against this site. Anyway, here is the original post that seeded this debate. It says:

The answer to this comes in several parts: firstly in the PC space, Microsoft has an effective headlock on the OEM and ODMs: no desktop PC ships without a Windows compatibility sticker (the situation is different in the server market, but this is specifically about desktop PCs). Therefore in order to continue simply booting Linux on laptops and desktops, it is a huge priority to find a solution to this problem. Secondly: in the overall mobile marketplace, which encompasses tablets and smartphones, Microsoft has a very tiny presence: somewhere between 2-5%. Linux (Android) has the majority presence: by some counts, Android is >50% in this market space with Apple a close second. Therefore, a Microsoft mandate in an industry where they have no dominance is simply not really threatening (unlike the PC space where they have complete dominance).

The German authorities have already banned UEFI for their own use/machines on the face of it. So-called ‘secure’ boot is bad for national security. The “German government issues white paper on secure boot,” writes LWN:

A press release from FSF Europe (issued November 20) welcomes a white paper from the German federal government on trusted computing and secure boot. “Another demand by the FSFE is addressed by the government’s white paper. That before purchasing a device, buyers must be informed concisely about the technical measures implemented in this device, as well as the specific usage restrictions and their consequences for the owner: ‘Trusted computing security systems must be deactivated (opt-in principle)’ when devices are delivered… And ‘Deactivation must also be possible later (opt- out function) and must not have any negative impact on the functioning of hard- and software that does not use trusted computing functions.’” The white paper is in essence a non-binding call to manufacturers, but is significant as a statement from a major national government against restrictions imposed via secure boot that may foreshadow more significant government action. The white paper is available in both English and German.

The war on UEFI should carry on until this malpractice is eradicated. It is a defect, not a feature. It gives remote control over hardware.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

3 Comments

  1. Michael said,

    November 29, 2012 at 10:26 pm

    Gravatar

    MS does not make the machines in question.

    Cai6zohp Reply:

    “MS does not make the machines in question.”

    … and obviously MS does not impose these restrictions to OEM either !

    Michael Reply:

    Is there any evidence they do? If there is then fine… but even then it would only be on machines that ship with Windows. MS cannot make demands about machines that ship with other OSs.

What Else is New


  1. With UPC Dead for Battistelli's Entire Remaining Term, No Reason for the EPO or the Administrative Council to Keep Battistelli Around

    Thoughts about what happens to the EPO's leadership after 'Brexit' (British exit from the EU), which severely undermines Battistelli's biggest project that he habitually used to justify his incredible abuses



  2. Links 24/6/2016: Xen Project 4.7, Cinnamon 3.0.6

    Links for the day



  3. Benoît Battistelli Should Resign in Light of New Leak of Decision in His Vendetta Against Truth-Telling Judge (Updated)

    Benoît Battistelli continues to break the EPO's own rules, not just national laws, as a new decision helps reveal



  4. Fake Patents on Software From Fake Australian 'Inventor' of Bitcoin and the Globally-Contagious Nature of EPO Patent Scope

    News from Australia regarding software patents that should not be granted and how patent lawyers from Australia rely on European patent law (EPO and UK-IPO) for guidance on patent scope



  5. Patent Lawyers Love (and Amplify) Halo and Enfish, Omit or Dismiss Cuozzo and Alice

    By misinterpreting the current situation with respect to software patents and misusing terms like "innovation" patent lawyers and others in the patent microcosm hope to convince the public (or potential clients) that nothing in effect has changed and software patents are all fine and dandy



  6. Looks Increasingly Plausible That Battistelli is Covering up Bogus and/or Illegally-Obtained 'Evidence' From the EPO's Investigative Unit

    Why we believe that Benoît Battistelli is growingly desperate to hide evidence of rogue evidence-collecting operations which eventually landed himself -- not the accused -- in a catastrophic situation that can force his resignation



  7. As Decision on the UK's EU Status Looms, EPO Deep in a Crisis of Patent Quality

    Chaotic situation at the EPO and potential changes in the UK cause a great deal of debate about the UPC, which threatens to put the whole or Europe at the mercy of patent trolls from abroad



  8. Another Demonstration by European Patent Office (EPO) Staff on Same Day as Administrative Council's Meeting

    SUEPO (staff union of the EPO) continues to organise staff actions against extraordinary injustice by Benoît Battistelli and his flunkies whom he gave top positions at the EPO



  9. Links 23/6/2016: Red Hat Results, Randa Stories

    Links for the day



  10. Interview With FOSSForce/All Things Free Tech

    New interview with Robin "Roblimo" Miller on behalf of FOSSForce



  11. Links 22/6/2016: PulseAudio 9.0, GNOME 3.21.3 Released

    Links for the day



  12. IP Europe's UPC Lobbying and the EPO Connection

    The loose but seemingly ever-growing connections between AstroTurfing groups like IP Europe (pretending to represent SMEs) and EPO staff which is lobbying-centric



  13. EPO “Recruitment of Brits is Down by 80%”

    Letter says that “recruitment of Brits is down by 80%” and "the EPO lost 7% of UK staff in one year"



  14. The Conspiracy of Patent Lawyers for UPC and Battistelli's Role in Preparing by Firing People

    The parasitic firms that lobby for the UPC and actually create it -- firms like those that pass money to Battistelli's EPO -- are doing exactly the opposite of what Europe needs



  15. Patent Lawyers, Having Lost Much of the Battle for Software Patents in the US, Resort to Harmful Measures and Spin

    A quick glance at how patent lawyers and their lobbyists/advocates have reacted to the latest decision from the US Supreme Court (Justice Breyer)



  16. Links 21/6/2016: Fedora 24 and Point Linux MATE 3.2 Officially Released

    Links for the day



  17. Supreme Court on Cuozzo v Lee Another Major Loss for Software Patents in the United States

    Much-anticipated decision on the Cuozzo v Lee case (at the highest possible level) serves to defend the appeal boards which are eliminating software patents by the thousands



  18. As Alice Turns Two, Bilski Blog Says 36,000 (Software) Patent Applications Have Been Rejected Thanks to It

    A look back at the legacy of Alice v CLS Bank and how it contributed to the demise of software patents in the United States, the birthplace of software patents



  19. EPO Self-Censorship by IP Kat or Just Censorship of Opinions That IP Kat Does Not Share/Accept (Updated)

    ree speech when it's needed the most (EPO scandals) needs to be respected; or why IP Kat shoots itself in the foot and helps the EPO's management by 'sanitising' comments



  20. Caricature: Bygmalion Patent Office

    The latest cartoon regarding Battistelli's European Patent Office



  21. Links 21/6/2016: GNU/Linux in China's HPC, Linux 4.7 RC4

    Links for the day



  22. Under Battistelli's Regime the EPO is a Lawless, Dark Place

    How the EPO's Investigative Unit (IU) and Control Risks Group (CRG), which is connected to the Stasi through Desa, made the EPO virtually indistinguishable from East Germany (coat of arms/emblem above)



  23. New Paper Demonstrates That Unitary Patent (UPC) is Little More Than a Conspiracy of Patent 'Professionals' and Their Self Interest

    Dr. Ingve Björn Stjerna's latest paper explains that the UPC “expert teams” are in fact not experts but people who are using the UPC as a Trojan horse by which to promote their business interests and corporate objectives



  24. Money Flying to Private Companies Without Tenders at Battistelli's EPO (by the Tens of Millions!)

    Extravagant and cushy contracts to the tune of tens of millions of Euros are being issued without public scrutiny and without opportunities to competition (few corporations easily score cushy EPO contracts while illusion of tendering persists -- for small jobs only)



  25. Patent Examiners and Insiders Acknowledge Profound Demise in Patent Quality Under Battistelli

    By lowering the quality of patents granted by the European Patent Office Battistelli hopes to create an illusion of success, where success is not measured properly and is assessed by biased firms which he finances



  26. Jericho Systems Threatens Alice, Court of Appeals for the Federal Circuit Threatens the Patent Trial and Appeal (PTAB)

    A look at the two latest threats to those who helped put an end to a lot of (if not most) software patents in the US



  27. How the Halo Electronics Case Helps Patent Trolls and How Publications Funded by Patent Trolls (IAM for Instance) Covered This

    A Supreme Court ruling on patents, its implications for software patent trolls, and how media that is promoting software patents and patent trolls covered it



  28. Patent Lawyers' Fantasy Land Where Software Patents Are Suddenly Resurrected Even When They're Not

    A quick glance at where the debate over software patents in the United States stands and how profiteers (such as patent lawyers) not only mislead the public but also bully the messengers



  29. Links 19/6/2016: Randa Over, Fedora 24 Release Soon

    Links for the day



  30. [ES] La Oficina Europea de Patentes de Battistelli Amplia su Contrato con el Nefasto FTI Consulting Para Neutralizar a los Medios, Desperdicia Millones de Euros

    Sacando a luz a lo que pasa con el presupuésto de la EPO y como es puesto “a trabajar” bajo la tiranía sin precedente de Battistelli (Eponia) justo en el corazón de Europa


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts