EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

05.26.13

Techrights Advises UEFI Forum to Withdraw ‘Secure’ Boot Support

Posted in DRM, Tivoization at 1:22 pm by Dr. Roy Schestowitz

UEFI logo

Summary: Short synopsis of a long discussion with the UEFI Forum regarding ‘secure’ boot

We don’t always speak to figures of authority in pursuit of reform, but when we do, it is rather productive (pardon the meme). OIN is a good example of this. Last year, UEFI criticism began as a ‘feature’ of UEFI, namely ‘secure’ boot, was put to use by Microsoft, which basically misused it for anticompetitive reasons, making it hard to boot GNU/Linux.

“Security was not the main outcome of UEFI ‘secure’ boot being put in place.”The UEFI Forum got in touch with yours truly, setting up an interview for exchange of thoughts and ideas. It was productive because a consensus we reached was that ‘secure’ or Restricted Boot in UEFI has no purpose (or little purpose) other than to serve or facilitate business models of corporations, at the expense of customers. It is akin to DRM and TiVoization and it is hard to defend the inclusion of this antifeature, for reasons we covered here before . It was a one-hour conversation mostly with the president of the UEFI Forum, who is a technical and humble man. I politely made suggestions for UEFI, focusing on freedom aspects, and there was no lack of subjects to discuss (including patents). After an hour had lapsed we decided to call it a day (it was Friday night and I was already late to meet some friends at a local pub), but the mutual sentiment can be described as amicable. I accepted the invitation hoping it would lead to progress, not friction. The phone conference focused on questions pertaining to UEFI, with clear focus on the negative aspects, i.e. areas of improvement. In it were UEFI spokespersons Mark Doran, UEFI President, and Michael Krau, UEFI Forum’s Industry Communications Working Group (ICWG) Chair. A lady called Christine was there also, but she did not participate in the technical discussion; she had helped set it all up.

To summarise some of the key points, it was agreed that ‘secure’ boot only gives UEFI Forum a lot of negative publicity. Other issued were raised, but none else got the same amount of coverage, I had not prepared notes, mostly because the goal was to focus on freedom and not to deviate from that. UEFI Forum’s President was understanding. He said I was asking the right questions and did acknowledge that some of my concerns were legitimate (the conversation was recorded with consent from them, but it is not for publication).

Security was not the main outcome of UEFI ‘secure’ boot being put in place. They agreed to some degree. That’s why it was productive as a lengthy debate.

Towards the end, emanating from the conversation were the following tips and links, prepared and sent by Christine, who had also been on the conference call. She wrote:


> Thank you for taking the time to speak with us to address your questions
> regarding the UEFI Forum. If you have any additional questions or need
> information, please don’t hesitate to reach out to me.
>
>
>
> For your reference, I’m including a link to an abstract of the
> presentation
> http://www.linuxtag.org/2013/de/program/freitag-24-mai-2013.html?eventid=6
> referenced today by Mark Doran, President of the UEFI Forum, and
> delivered by Matthew Garrett at the Linux Tag conference in Berlin. The
> title of Garrett’s presentation is “Making UEFI Secure Boot Work for Linux.”
>
>
>
> During the call, Mark also suggested that you might want to view the
> repository of information pertaining to UEFI at Tianocore.org
> http://sourceforge.net/apps/mediawiki/tianocore/index.php?title=Welcome,
> a community site surrounding the open source components of Intel’s
> implementation of UEFI.
>
>
>
> And following are links to the three Intel YouTube videos Mark
> referenced about UEFI Secure Boot configuration:
>
> · Part 1 http://www.youtube.com/watch?v=eAnlhkbMang – Enabling
> & Disabling UEFI Secure Boot. Instructions for setting up a system with
> UEFI Secure Boot to dual-boot between Microsoft* Windows* 8 & Ubuntu*
> 12.10.
>
> · Part 2 http://www.youtube.com/watch?v=dwlbf1VRJ60 -UEFI
> dual-boot setup with Microsoft* Windows* 8. Instructions for setting up
> a system with UEFI Secure Boot to dual-boot between Microsoft Windows 8
> & Ubuntu 12.10.
>
> · Part 3 http://www.youtube.com/watch?v=eAnlhkbMang – UEFI
> dual-boot setup with Linux* (Ubuntu* 12.10). Instructions for setting up
> a system with UEFI Secure Boot to dual-boot between Microsoft* Windows*
> 8 & Ubuntu* 12.10.
>
>
>
> Again, thank you for your time, and please let me know if I can provide
> you with additional information.

To go along with ‘secure’ boot is to help endorse what sure has become a threat to booting freedom, not just to choice. The conference did not alter my mind in any way on this topic. The key point, as was made abundantly clear to them, is that ‘secure’ boot does a major disservice to UEFI by giving it bad reputation — an inevitability when a convicted monopolist like Microsoft perturbs UEFI for non-technical reasons.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

3 Comments

  1. Needs Sunlight said,

    May 26, 2013 at 2:17 pm

    Gravatar

    It sounds like it went well and established that you are all on about the same page. I hope they didn’t persist in the myth about it helping security though. Did that come up?

    Dr. Roy Schestowitz Reply:

    Mark Doran believes that DRM is about overcoming broken business models, not security; when challenged on security of ‘secure’ boot he mostly accepted my arguments and could not counter many.

  2. lozz said,

    May 28, 2013 at 9:18 am

    Gravatar

    Maybe, we should call EUFI “secure boot”, phantomware.

    We used to have vapourware, where M$ would claim to be developing startling new software that never eventuated.

    UEFI actually exists but does nothing to support its claimed purpose of improving security.

    Its only purpose seems to be an attempt towards making things more difficult in installing dual boot systems on M$ computers.

What Else is New


  1. Criminal Microsoft is Censoring the Web and Breaks Laws to Do So; the Web Should Censor (Remove) Microsoft

    Microsoft is still breaking the Internet using completely bogus takedown requests (an abuse of DMCA) and why Microsoft Windows, which contains weaponised back doors (shared with the NSA), should be banned from the Internet, not just from the Web



  2. Microsoft 'Loving' GNU/Linux and Other Corporate Media Fiction

    Microsoft has bullied or cleverly bribed enough technology-centric media sites to have them characterise Microsoft as a friend of Free/Open Source software (FOSS) that also "loves Linux"



  3. India May be Taking Bill Gates to Court for Misusing His So-called 'Charity' to Conduct Clinical Trials Without Consent on Behalf of Companies He Invests in

    Bill Gates may finally be pulled into the courtroom again, having been identified for large-scale abuses that he commits in the name of profit (not "charity")



  4. The Problems With Legal Workarounds, Patent Scope, and Expansion of Patent Trolls to the East

    Patent trolls are in the news again and it's rather important, albeit for various different reasons, more relevant than the ones covered here in the past



  5. Links 20/10/2014: Cloudera and Red Hat, Debian 7.7, and Vivid Vervet

    Links for the day



  6. Links 20/10/2014: 10 Years Since First Ubuntu Release

    Links for the day



  7. How Patent Lawyers Analyze Alice v. CLS Bank

    Breaking down a patent lawyer's analysis of a Supreme Court's decision that seemingly invalidated hundreds of thousands of software patents



  8. Is It Google's Turn to Head the USPTO Corporation?

    The industry-led USPTO continues to be coordinated by some of its biggest clients, despite issues associated with conflicting interests



  9. The EPO's Public Relations Disaster Amid Distrust From Within (and EPO Communications Chief Leaves): Part VII

    Amid unrest and suspicion of misconduct in the EPO's management (ongoing for months if not years), Transparency International steps in, but the EPO's management completely ignores Transparency International, refusing to collaborate; the PR chief of the EPO is apparently being pushed out in the mean time



  10. Links 18/10/2014: Debian Plans for Init Systems, Tails 1.2

    Links for the day



  11. Links 18/10/2014: New ELive, Android Expansion

    Links for the day



  12. Another Fresh Blow to Software Patents (and With Them Patent Trolls)

    Another new development shows that more burden of proof is to be put on the litigant, thus discouraging the most infamous serial patent aggressors and reducing the incentive to settle with a payment out of court



  13. Links 16/10/2014: New Android, SSL 3.0 Flaw

    Links for the day



  14. How the Corporate Press Deceives and Sells Microsoft Agenda

    Various new examples of media propaganda that distorts or makes up the facts (bias/lies by omission/selection) and where this is all coming from



  15. Vista 10 is Still Vapourware, But We Already Know It Will Increase Surveillance on Its Users and Contain Malicious Back Doors

    The villainous company which makes insecure-by-design operating systems will continue to do so, but in the mean time the corporate press covers only bugs in FOSS, not back doors in proprietary software



  16. Links 15/10/2014: KDE Plasma 5.1 is Out, GOG Reaches 100-Title Mark

    Links for the day



  17. With .NET Foundation Affiliation Xamarin is Another Step Closer to Being Absorbed by Microsoft

    Xamarin is not even trying to pretend that separation exists between Microsoft and its work; yet another collaboration is announced



  18. The EPO's Protection Triangle of Battistelli, Kongstad, and Topić: Part VI

    Jesper Kongstad, Benoît Battistelli, and Zeljko Topić are uncomfortably close personally and professionally, so suspicions arise that nepotism and protectionism play a negative role that negatively affects the European public



  19. Corporate Media Confirms the Demise of Software Patents in the United States; Will India and Europe Follow?

    It has become increasingly official that software patents are being weakened in the United States' USPTO as well as the courts; will software leaders such as India and Europe stop trying to imitate the old USPTO?



  20. Links 14/10/2014: CAINE 6, New RHEL, Dronecode

    Links for the day



  21. Microsoft's Disdain for Women Steals the Show at a Women's Event

    Steve Ballmer's successor, Satya Nadella, is still too tactless to lie to the audience, having been given --through subversive means -- a platform at a conference that should have shunned Microsoft, a famously misogynistic company



  22. SCOTUS May Soon Put an End to the 'Copyrights on APIs' Question While Proprietary Giants Continue to Harass Android/Linux in Every Way Conceivable

    Google takes its fight over API freedom to the Supreme Court in the Unites States and it also takes that longstanding patent harassment from the Microsoft- and Apple-backed troll (Rockstar) out of East Texas



  23. Patent Lawsuits Almost Halved After SCOTUS Ruling on 'Abstract' Software Patents

    The barrier for acceptance of software patent applications is raised in the United States and patent lawsuits, many of which involve software these days, are down very sharply, based on new figures from Lex Machina



  24. Links 13/10/2014: ChromeOS and EXT, Debian Resists Systemd Domination

    Links for the day



  25. Links 12/10/2014: Blackphone Tablet, Sony's Firefox OS Port

    Links for the day



  26. Links 9/10/2014: Free Software in Germany, Lenovo Tablets With Android

    Links for the day



  27. Links 8/10/2014: A Lot of Linux+AMD News, New ROSA Desktop Is Out

    Links for the day



  28. Lawyers' Propaganda About Software Patents and a New AstroTurf Entity Called Innovation Alliance

    Patent propaganda and deception from patent lawyers (among other parasites such as patent trolls) continues to flood the Web, intersecting with reports that prove them totally wrong



  29. How Microsoft Handles Disasters: Grace Hopper Conference Has Been Infiltrated by "Microsoft Disaster Response"

    Free/Open Source software (FOSS) must be a disaster to Microsoft's bottom line because Microsoft is sending "Microsoft Disaster Response" to infiltrate and disrupt a conference about women in FOSS



  30. Links 8/10/2014: Gummersbach Moves to GNU/Linux, Docker Acquires Koality, KDE Frameworks 5.3

    Links for the day


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts