EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS


Microsoft Much Worse Than Proprietary With ‘Secure Boot’ Scam, Pretends to be ‘Open’

Posted in Free/Libre Software, Microsoft at 1:50 pm by Dr. Roy Schestowitz

Emergency phone

Summary: Some of Microsoft’s latest technical attacks on Linux and some responses to EEE (embrace, extend, extinguish) tactics and FUD

Torvalds clearly refuses to give up by putting blobs and keys (similar to but worse than firmware) by adding Microsoft interfaces for Microsoft-signed keys inside the kernel, especially if these are Microsoft’s. This is major news that got the attention of journalists and a known Microsoft booster incites against Torvalds over this (just see headline and image here). Red Hat has been getting close to Microsoft again, so as one blogger put it:

  • Linus Bites RedHat

    It’s great that Linus does not support the idea of making M$ the keeper of the keys. We’ve had enough of that in IT for decades. Free Software needs to remain free of M$ and anyone else who wishes to lock out competition. Linus is not a great lover of FLOSS. His views are based on practicality. It’s stupid to lock Linux into M$. Does RedHat really believe it’s a great thing if millions of GNU/Linux boxes quit booting if M$ revokes a key via firmware upgrade etc.? Do they really think “secure boot” is about security of the world’s IT rather than perpetuation of M$’s monopoly on legacy x86 stuff? Using the damned keys to induce the world to take another step on the Wintel treadmill is just too tempting a fruit to trust M$ to leave it alone.

  • Closed !== Open

    I don’t think so. In the immortal words of Paul Maritz, “* to combat Nscp. we have to have position the browser as “going away” and do deeper integration on Windows. The stronger way to communicate this is to have a “new release“ of windows and make a big deal out of it. We will thus position Memphis as “Windows 98′. * IE integration will be most compelling feature of Memphis.“ Nathan Myhrvold wrote, “I think that it is CRUCIAL to make the statement we ask people about in the survey, or the statement we ask them to sign etc. is worded properly. Saying “put the browser in the OS” is already a statement that is prejudical to us. The name “Browser” suggests a separate thing. I would NOT phrase the survey. or other things only in terms of “put the browser in the 0S’‘. Instead you need to ask a more neutral question about how Internet technology needs to merge with local computing. I have been pretty successful in trying this on various joumalists and industry people.“ To sum up, is the company that brought waves of malware to the world of IT by integrating a totally insecure web browser with their OS in order to mess with competitors to be trusted as “open”? No. M$ is a closed corporation with closed products intending to close out competition by fair means or foul. Pretending to be open is just a means to delay the shift to real openness, FLOSS, or to slow that shift.

Even more Microsoft-apologetic circles accepted Torvalds’ skepticism. To quote one:

As it turned out, almost all of the Windows 8 machines that first appeared had Secure Boot implemented in such a way that Linux was locked out. Workarounds have appeared, but they are based on Microsoft-signed keys. As the maker of the dominant Windows operating system, Microsoft has a responsibility to protect fair play in a way that it didn’t here. In this day of virtualization and usage of multiple operating systems, it’s unfair to build an operating system around a methodology that allows for complete and utter lockout of other platforms. Torvalds’ reactions are only protests at the end of the chain reaction that all of this represented. The fact is that if Microsoft wants to be accepted as playing more fairly with open source these days than it ever has, it has carry that concept through to how it deals with everything it builds and how it deals with hardware makers.

Microsoft pretends to be open, but it’s not working. Here is another new embrace-and-extend attempt:

The expanded partnership between Microsoft and Hadoop distribution specialist Hortonworks has borne fruit with the release of a beta of Hortonworks’ Hadoop Data Platform for Windows.

With its hidden patches and a deal with Sourcefire Microsoft must have hoped to diss Linux some more. Watch this nonsense:

But simple vulnerability counts can give a distorted view. The Linux kernel is considered to be one monolithic project across the entire period, for example, while every version of Windows is a separate project. The total count of vulnerabilities for all Windows versions exceeds Linux. But then Windows is more than just a kernel. Add in all the software included in Linux distributions, and Linux goes back into the doghouse. Younan counted just the high-severity vulnerabilities, those with a Common Vulnerability Scoring System (CVSS) score of 7 or higher. Windows XP tops that list. “Windows Vista is at the number five position, even though Microsoft put a lot of effort into securing Windows Vista,” he said. “The Linux kernel isn’t even in the top ten.” Vista was the first version of Windows to benefit from Microsoft’s Security Development Lifecycle (SDL), the software development process created after Bill Gates’ Trustworthy Computing memo of January 2002. Yet from the vulnerability perspective, Vista looks like little more than a rough draft of Windows 7. Counting high-severity vulnerabilities alone, Flash Player is back in the top 10, at number five. The count of high-severity vulnerabilities doesn’t exhibit that 2012 uptick, only the steady post-2006 decline. However when looking at just critical vulnerabilities, those with a CVSS of 10, there’s no sign of a decline at all.

What silly way to count vulnerabilities. As one of the many comments points out: “I largely agree with Alex in Comment 3 (I also agree with Myth in Comment 1 that 22 != 25, but I digress). Without knowing which kernels had which CVEs reported against it, and which distros shipped with those kernels and how many people used the vulnerable kernel and the averages of people updating on install… ‘simply’ citing the Linux CVEs are practically meaningless.” The FUD against Linux recently seems like part of a trend this month, with Microsoft partners behind it.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one


  1. mjg59 said,

    February 27, 2013 at 2:57 pm


    The patches in question do not include any blobs or keys. You should correct your first paragraph.

    Dr. Roy Schestowitz Reply:

    “The way we have come up with to get around this is to embed an X.509 certificate containing the key in a section called “.keylist” in an EFI PE binary and then get the binary signed by Microsoft. The key can then be passed to the kernel by passing the signed binary” -David Howells at LKML

    mjg59 Reply:

    Yes. It adds an additional keyloading interface to the kernel, alongside the keyloading interface that already exists. The only thing it changes is that it allows you to use a different key format. It adds no keys or blobs to the kernel.

    Dr. Roy Schestowitz Reply:

    I’ll amend the post.

What Else is New

  1. Dr. Ingve Björn Stjerna Explains Why the UPC (“Unitary Patent“ System) is an Undemocratic Sham Whilst UPC Silently Advanced by Patent Lawyers and Politicians

    European patent laws are being covertly overridden so as to allow broader scope of litigation, higher financial damages, speedy injunctions, and even software patents; the European public is intentionally kept in the dark about it, hence kept unable to express scepticism or issue truly effective objections

  2. IRC Proceedings: September 13th, 2015 – October 3rd, 2015

    Many IRC logs

  3. Article Explains Why SUEPO Went Silent Well Over a Week Ago: Nobody is Allowed to Talk to Journalists Without Permission From Battistelli

    More threats from Benoît Battistelli (threats of termination and legal actions on top of it) help hide the abuses of Battistelli and his fellow thugs at the EPO

  4. A Linux World: After Billions of Dollars in Losses Microsoft Changes How It Reports Financial Results

    The abusive monopolist is trying very hard to hide its growing difficulties, especially in an effort to bamboozle non-technical shareholders who cannot understand how Linux has essentially taken over

  5. Microsoft Continues to Extort Linux and Android OEMs Using Software Patents, This Time ASUS (Forced to Pre-Install Microsoft Spyware With OOXML)

    A roundup of news illustrating that Microsoft is still very much in a total war against Android, (mis)using federal regulators and even software patents to get its way

  6. Links 4/10/2015: Linux 4.2.3 , 4.1.10; MPlayer 1.2 released

    Links for the day

  7. Links 2/10/2015: Qubes 3.0, Linux.Wifatch

    Links for the day

  8. Microsoft-Connected Firm Net Applications Used to Mislead About Vista 10 Share and Mock GNU/Linux

    People who are connected to Microsoft (some being former staff) link to a firm that is connected to Microsoft in order to create the illusion that Vista 10 market share grew to 6.63%

  9. Chairman of the Enlarged Board of Appeal (EBoA) and EPO Vice-President of DG3 Suspiciously on Unlimited Sick Leave After Benoît Battistelli's Unprecedented Attacks on Other EBoA Staff

    Rumours suggest that Benoît Battistelli's affairs at the EPO may have something to do with Wim Van der Eijk's longterm absence

  10. Microsoft's Secret Special Relationship With EPO Illustrates Serious Corruption at Microsoft and the EPO

    A big story about the EPO and Microsoft working in a sort of collusion-type setup so as to serve Microsoft's patent agenda, which involves aggression, even against European software that is Free (as in freedom)

  11. Links 1/10/2015: LFS 7.8, Calculate Linux 15 Released

    Links for the day

  12. The 'Microsoft Loves Linux' Baloney is Still Being Floated in the Media While Microsoft Attacks Linux With Patents, New Lawsuits Reported

    Despite Microsoft's continued assault on Linux and on Android (using software patents, which it still discreetly lobbies for), some figures in the media are perpetually peddling the Microsoft-serving lie that 'Microsoft loves Linux'

  13. The Microsoft Botnet Goes Bonkers and ATMs Running Windows Spew Out Cash

    The terrible security (by design) of Microsoft Windows is causing all sorts of very serious and collectively expensive issues

  14. Black Duck Continues to Pile FUD on Free/Libre Software

    Having spent nearly a decade promoting the fear of Free software licensing, Black Duck now does the same regarding Free software security

  15. Links 30/9/2015: New Kernels, Nexus Devices

    Links for the day

  16. Links 28/9/2015: Last News Catchup Before Resumption

    Links for the day

  17. Links 25/9/2015: GNU/Linux in Indian Government, NeoKylin in China

    Links for the day

  18. Süddeutsche Zeitung Explains Imminent Federal Scrutiny Against Battistelli's EPO in Germany

    The German newspaper Süddeutsche Zeitung reveals that actions by the German government may be imminent against the EPO's cliquish management, including its ringleader Benoît Battistelli

  19. EPO Managers, Patent Lawyers, Commissioners and Other Non-Technical Personnel Tackle Democracy, Alter Laws in Bulk and in Secret

    The reckless assault on European democracies and long-established laws across Europe are now lucidly demonstrated when it comes to patents

  20. Europe's Acceptance of and Resistance to Software Patents, Courtesy of Corporate Front Groups and Courtrooms Respectively

    A snapshot of recent developments and upcoming developments in Europe, regarding software patents in particular

  21. German Press Explains EPO Investigation Unit (I.U.), Struggles to Openly Speak to the Secretive EPO

    The secretive Investigation/Investigative Unit (I.U.) of the European Patent Office (EPO) is further studied/explored by a recent article from junge Welt, an old and well-established German newspaper (since 1947)

  22. Links 24/9/2015: GNOME 3.18, Fedora 23 Beta, New Firefox

    Links for the day

  23. Translation Needed of Article About EPO Threats Against SUEPO's Elizabeth Hardon

    A call for translation of an important article that may help shed light on the modus operandi of the Investigation/Investigative Unit of the EPO, which works with Control Risks Group (CRG), the 'British Blackwater'

  24. Media Filled With Spin and Lies Amid Microsoft's Admission of Internal Usage (and Modification) of GNU/Linux

    Further analysis of Microsoft's admission that it uses Linux internally and the media's poorly-researched response to that

  25. EPO Management Justifies Censorship (Even of Journalists) Using Its Vice-President Željko Topić

    The Topić connection to EPO-imposed and universally-induced censorship not just of news sites but also sites which speak about the censorship itself, or dare question the integrity of the EPO's management

  26. Changes at Techrights

    A few short notes on how we are going to re-align the site with disruptive trends, notably patents-related

  27. EPO President Benoît Battistelli Compared to Famous Criminals on European Television

    The Belgian TV network featured a show which was making fun of Battistelli earlier this month

  28. Dutch Politician John Kerstens Says EPO Investigative Unit is Called ‘the Gestapo’

    The infamous Investigation Unit (I.U.), which secretly bullies staff of the EPO with notorious interrogation techniques under virtually no oversight, is described on Dutch radio

  29. The European Patent Office's Autocracy Has Proven the Streisand Effect, Amplifying Its Opposition's Messages

    The management of the European Patent Office (EPO) is still trying to suppress negative messages about managerial failures, violations and abuses, thereby serving to only increase media coverage (newspapers, radio, television) of increasingly well-known and widely-covered scandals

  30. IBM is Again Attacking Free/Libre Open Source Software by Pushing for Patents on Software

    A timely reminder that Big Blue is no true friend of GNU/Linux and other Free software projects, just an opportunist that uses the Linux brand and wants to make the platform a commodity (for servers that run IBM's proprietary software and use IBM-branded hardware)


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time


Recent Posts