EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS


Microsoft Much Worse Than Proprietary With ‘Secure Boot’ Scam, Pretends to be ‘Open’

Posted in Free/Libre Software, Microsoft at 1:50 pm by Dr. Roy Schestowitz

Emergency phone

Summary: Some of Microsoft’s latest technical attacks on Linux and some responses to EEE (embrace, extend, extinguish) tactics and FUD

Torvalds clearly refuses to give up by putting blobs and keys (similar to but worse than firmware) by adding Microsoft interfaces for Microsoft-signed keys inside the kernel, especially if these are Microsoft’s. This is major news that got the attention of journalists and a known Microsoft booster incites against Torvalds over this (just see headline and image here). Red Hat has been getting close to Microsoft again, so as one blogger put it:

  • Linus Bites RedHat

    It’s great that Linus does not support the idea of making M$ the keeper of the keys. We’ve had enough of that in IT for decades. Free Software needs to remain free of M$ and anyone else who wishes to lock out competition. Linus is not a great lover of FLOSS. His views are based on practicality. It’s stupid to lock Linux into M$. Does RedHat really believe it’s a great thing if millions of GNU/Linux boxes quit booting if M$ revokes a key via firmware upgrade etc.? Do they really think “secure boot” is about security of the world’s IT rather than perpetuation of M$’s monopoly on legacy x86 stuff? Using the damned keys to induce the world to take another step on the Wintel treadmill is just too tempting a fruit to trust M$ to leave it alone.

  • Closed !== Open

    I don’t think so. In the immortal words of Paul Maritz, “* to combat Nscp. we have to have position the browser as “going away” and do deeper integration on Windows. The stronger way to communicate this is to have a “new release“ of windows and make a big deal out of it. We will thus position Memphis as “Windows 98′. * IE integration will be most compelling feature of Memphis.“ Nathan Myhrvold wrote, “I think that it is CRUCIAL to make the statement we ask people about in the survey, or the statement we ask them to sign etc. is worded properly. Saying “put the browser in the OS” is already a statement that is prejudical to us. The name “Browser” suggests a separate thing. I would NOT phrase the survey. or other things only in terms of “put the browser in the 0S’‘. Instead you need to ask a more neutral question about how Internet technology needs to merge with local computing. I have been pretty successful in trying this on various joumalists and industry people.“ To sum up, is the company that brought waves of malware to the world of IT by integrating a totally insecure web browser with their OS in order to mess with competitors to be trusted as “open”? No. M$ is a closed corporation with closed products intending to close out competition by fair means or foul. Pretending to be open is just a means to delay the shift to real openness, FLOSS, or to slow that shift.

Even more Microsoft-apologetic circles accepted Torvalds’ skepticism. To quote one:

As it turned out, almost all of the Windows 8 machines that first appeared had Secure Boot implemented in such a way that Linux was locked out. Workarounds have appeared, but they are based on Microsoft-signed keys. As the maker of the dominant Windows operating system, Microsoft has a responsibility to protect fair play in a way that it didn’t here. In this day of virtualization and usage of multiple operating systems, it’s unfair to build an operating system around a methodology that allows for complete and utter lockout of other platforms. Torvalds’ reactions are only protests at the end of the chain reaction that all of this represented. The fact is that if Microsoft wants to be accepted as playing more fairly with open source these days than it ever has, it has carry that concept through to how it deals with everything it builds and how it deals with hardware makers.

Microsoft pretends to be open, but it’s not working. Here is another new embrace-and-extend attempt:

The expanded partnership between Microsoft and Hadoop distribution specialist Hortonworks has borne fruit with the release of a beta of Hortonworks’ Hadoop Data Platform for Windows.

With its hidden patches and a deal with Sourcefire Microsoft must have hoped to diss Linux some more. Watch this nonsense:

But simple vulnerability counts can give a distorted view. The Linux kernel is considered to be one monolithic project across the entire period, for example, while every version of Windows is a separate project. The total count of vulnerabilities for all Windows versions exceeds Linux. But then Windows is more than just a kernel. Add in all the software included in Linux distributions, and Linux goes back into the doghouse. Younan counted just the high-severity vulnerabilities, those with a Common Vulnerability Scoring System (CVSS) score of 7 or higher. Windows XP tops that list. “Windows Vista is at the number five position, even though Microsoft put a lot of effort into securing Windows Vista,” he said. “The Linux kernel isn’t even in the top ten.” Vista was the first version of Windows to benefit from Microsoft’s Security Development Lifecycle (SDL), the software development process created after Bill Gates’ Trustworthy Computing memo of January 2002. Yet from the vulnerability perspective, Vista looks like little more than a rough draft of Windows 7. Counting high-severity vulnerabilities alone, Flash Player is back in the top 10, at number five. The count of high-severity vulnerabilities doesn’t exhibit that 2012 uptick, only the steady post-2006 decline. However when looking at just critical vulnerabilities, those with a CVSS of 10, there’s no sign of a decline at all.

What silly way to count vulnerabilities. As one of the many comments points out: “I largely agree with Alex in Comment 3 (I also agree with Myth in Comment 1 that 22 != 25, but I digress). Without knowing which kernels had which CVEs reported against it, and which distros shipped with those kernels and how many people used the vulnerable kernel and the averages of people updating on install… ‘simply’ citing the Linux CVEs are practically meaningless.” The FUD against Linux recently seems like part of a trend this month, with Microsoft partners behind it.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one


  1. mjg59 said,

    February 27, 2013 at 2:57 pm


    The patches in question do not include any blobs or keys. You should correct your first paragraph.

    Dr. Roy Schestowitz Reply:

    “The way we have come up with to get around this is to embed an X.509 certificate containing the key in a section called “.keylist” in an EFI PE binary and then get the binary signed by Microsoft. The key can then be passed to the kernel by passing the signed binary” -David Howells at LKML

    mjg59 Reply:

    Yes. It adds an additional keyloading interface to the kernel, alongside the keyloading interface that already exists. The only thing it changes is that it allows you to use a different key format. It adds no keys or blobs to the kernel.

    Dr. Roy Schestowitz Reply:

    I’ll amend the post.

What Else is New

  1. Team Battistelli and Team UPC Are Both Very Deep in Denial

    The perpetrators of a terrible patent system that permits patents on abstract ideas (which sometimes aren't novel, either) and litigation as a priority refuse to let go of their dream -- a distant, runaway fantasy which may soon cost over a thousand examiners their careers

  2. Guest Post: Battistelli's Former “Padrone” Facing Corruption Charges in France

    Battistelli's former "padrone" made the headlines this week when he was taken into police custody in France and charged with corruption and other breaches of law

  3. Links 23/3/2018: Fedora 28 Beta Delayed, Mintbox Mini 2 is Out

    Links for the day

  4. The Enemies of the Patent System Are Patent Maximalists, Not Those Pursuing Saner Patent Policy

    Taking stock of some recent news and remarking (yet again) on the danger the patent system faces if it allows patent lawyers rather than inventors to steer/influence policy (as seen in Europe with the failed UPC bid)

  5. The European Patent Office’s (EPO) Declining Patent Quality 'Tackled' by Making Appeals/Oppositions Harder and More Expensive

    The so-called 'System Battistelli' is proving to be a disaster which makes both examiners and patents obsolete; Making applications cheaper while making appeals/oppositions harder and more expensive is a recipe for disaster, assuring nothing but more litigation and more workloads for courts, where fees rise to extraordinary levels (in effect externalising the costs/toll of EPO to the public, primarily for gains of patent law firms)

  6. Ericsson, Acting Directly Rather Than Via the Patent Trolls It Habitually Uses, in a Patent War Against Linux/Android

    LG is the latest company to be sued by Ericsson, which doesn't just harass the competition (which actually sells something) through patent trolls but also directly, having won a case in the notorious Eastern District of Texas (EDTX/TXED)

  7. The Federation of International Civil Servants' Association: Frenchman “Campinos is Known for Having Close Ties to Mr. Battistelli Who Strongly Supported His Candidacy.”

    Readers find little or no room for optimism as Battistelli's final day at the Office approaches; FICSA is not optimistic either and the general consensus is that Battistelli's so-called 'reforms' will soon yield layoffs

  8. Links 22/3/2018: Mesa 17.3.7, Mesa 18.0.0 RC5, RawTherapee 5.4, Krita 4

    Links for the day

  9. Japan is Becoming Firmer on Patents, Whereas China Goes in the Opposite Direction

    Japan has become less tolerant of patent aggressors and more conscious/concerned about patent quality, which is why the patent microcosm would rather hail China as a role model (even when China's overall share of patents in Europe, for example, is about the same as tiny South Korea and a lot smaller than Japan's)

  10. Aggressive New Activities of Microsoft-Connected Patent Trolls: Finjan, Intellectual Ventures, and Dominion Harbor

    The extensive group of Microsoft-connected patent trolls is still very much active; Microsoft funds them, arms them, and gives them instructions while offering people 'protection' from them (if and only if they choose Azure)

  11. Battistelli's Ongoing Attacks on the Boards Are Helping Unitary Patent (UPC), Which in Turn Helps French Patent Trolls

    Battistelli will likely be remembered not only as the man who attacked justice (and judges) but also rendered staff redundant, issued a lot of highly controversial patents, and by doing so helped the insurgence of patent trolls in Europe

  12. Links 21/3/2018: Cutelyst 2, More on webOS

    Links for the day

  13. SUEPO: “Today May Be Your Last Chance to Demonstrate Against the Seriously Flawed Reforms That Mr Battistelli Has Imposed” on EPO Staff

    Benoît Battistelli will likely remain involved in EPO affairs for a long time to come (even through a fellow Frenchman, Campinos, whom he swaps two chairs with at the Office and CEIPI), but today is the last opportunity for EPO staff to march in protest against the Battistelli regime, which for the first time ever will result in major staff cuts and growing irrelevance for the Office

  14. Links 20/3/2018: GStreamer 1.14.0, Freespire 3.0, Endless OS 3.3.13

    Links for the day

  15. BIO, MDMA and PhRMA Are Pushing the PTAB-Hostile STRONGER Patents Act While IAM and Patently-O Continue to Bash PTAB

    The patent microcosm, which compares the Board to the above (crude analogy from Judge Rader and other patent extremists), is still trying to kill inter partes reviews (IPRs), in effect overlooking its own hypocrisy on the matter (they don’t want patent justice, they just want to metaphorically ‘shoot down’ the judges)

  16. 35 U.S.C. § 101 is Still Effectively Tackling Software Patents in the US, But Patent Law Firms Lie/Distort to 'Sell' These Anyway

    The assertion that software patents are still worth pursuing in 2018 is based on carefully-constructed spin which mis-frames several court decisions and underplays/downplays/ignores pretty much everything that does not suit the narrative

  17. Battistelli's EPO Became Extremely Reliant on China for Distraction and on Endless Supply of Applications (Supply Which Doesn't Exist)

    Discussion about the EPO granting machine (or patent-printing machine) and figures the way EPO management would rather the public won't ever see them; the concept that China means redemption for this patent system is as laughable as always

  18. The US International Trade Commission (USITC) Against Comcast, Courtesy of the Intellectual Ventures-Connected Rovi

    The USITC/ITC, which mostly serves to impose embargoes (sometimes in shocking defiance of PTAB decisions), is being invoked by a firm connected to the world’s largest patent troll, Intellectual Ventures

  19. Tinder/Match Group Uses Software Patents to Sue a Rival, Obviously Choosing to Sue in Texas

    Software patents are being used for leverage, but only those which were likely granted before Alice and only in courts at districts somewhere around Texas

  20. Links 19/3/2018: Linux 4.16 RC6, Atom 1.25, antiX 17.1, GNU Mcron 1.1

    Links for the day

  21. From PTAB Bashing to Federal Circuit (CAFC) Bashing: How the Patent 'Industry' Sells Software Patents

    The latest tactics of the patent microcosm are just about as distasteful as last month's (or last year's), with focus shifting to the courts and few broadly-misinterpreted patent cases (mainly Finjan, Berkheimer, and Aatrix)

  22. Patent Maximalists Keep Coming Up With New Terms and Buzzwords to Bypass the Practical Ban on Software Patents

    The fightback against Section 101 and the US Supreme Court (notably Alice) seems to concentrate on old and new buzzwords, such as "Software as a Medical Device" ("SaMD") or "Fourth Industrial Revolution" ("4IR"), which the EPO recently paid European media to spread and promote

  23. News About Patents is Often Just Advertisements Composed Directly or Indirectly by Companies That Sell Patents and Patent Services

    Infomercials are still dominant among news about patents, in effect drowning out the signal (real journalism) and instead pushing agenda that is detached from reality, pertinent facts, objective assessment, public interest and so on

  24. Blocks and Paywalls Won't Protect the Patent Trolls' Lobby From Scrutiny/Fact-Checking

    Joff Wild and Benoît Battistelli have much in common, including patent maximalism and chronic resistance to facts (or fact-checking)

  25. China Has Become Very Aggressive With Patents

    China now targets other Asian countries/firms -- more so than Western firms -- with patent lawsuits; we expect this to get worse in years to come

  26. UPC/Battistelli Booster IAM Blames Brexit Rather Than EPO Abuses

    While the EPO is collapsing due to mismanagement the boosters of Team Battistelli would rather deflect and speak about Brexit, which is itself partly motivated by such mismanagement

  27. European Commission Again Urged to Tackle Abuses at the European Patent Office (EPO)

    Rina Ronja Kari is the latest MEP attempting to compel the Commission to actually do something about the EPO other than turning a blind eye

  28. Links 18/3/2018: Wine 3.4, Wine-Staging 3.4, KDE Connect 1.8 for Android

    Links for the day

  29. TXED Courts Are Causing Businesses to Leave the District, Notably For Fear That Having Any Operations Based There is a Legal Liability

    A discussion about the infamous abundance of patent cases in the Eastern District of Texas (TXED/EDTX) and what this will mean for businesses that have branches or any form of operations there (making them subjected to lawsuits in that district even after TC Heartland)

  30. PTAB Hatred is So Intense Among the Patent 'Industry' That Even Scammers Are Hailed as Champions If They Target PTAB

    The patent microcosm is so eager to stop the Patent Trial and Appeal Board (PTAB) that it's supporting sham deals (or "scams") and exploits/distorts the voice of the new USPTO Director to come up with PTAB-hostile catchphrases


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time


Recent Posts