EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

05.26.13

Techrights Advises UEFI Forum to Withdraw ‘Secure’ Boot Support

Posted in DRM, Tivoization at 1:22 pm by Dr. Roy Schestowitz

UEFI logo

Summary: Short synopsis of a long discussion with the UEFI Forum regarding ‘secure’ boot

We don’t always speak to figures of authority in pursuit of reform, but when we do, it is rather productive (pardon the meme). OIN is a good example of this. Last year, UEFI criticism began as a ‘feature’ of UEFI, namely ‘secure’ boot, was put to use by Microsoft, which basically misused it for anticompetitive reasons, making it hard to boot GNU/Linux.

“Security was not the main outcome of UEFI ‘secure’ boot being put in place.”The UEFI Forum got in touch with yours truly, setting up an interview for exchange of thoughts and ideas. It was productive because a consensus we reached was that ‘secure’ or Restricted Boot in UEFI has no purpose (or little purpose) other than to serve or facilitate business models of corporations, at the expense of customers. It is akin to DRM and TiVoization and it is hard to defend the inclusion of this antifeature, for reasons we covered here before . It was a one-hour conversation mostly with the president of the UEFI Forum, who is a technical and humble man. I politely made suggestions for UEFI, focusing on freedom aspects, and there was no lack of subjects to discuss (including patents). After an hour had lapsed we decided to call it a day (it was Friday night and I was already late to meet some friends at a local pub), but the mutual sentiment can be described as amicable. I accepted the invitation hoping it would lead to progress, not friction. The phone conference focused on questions pertaining to UEFI, with clear focus on the negative aspects, i.e. areas of improvement. In it were UEFI spokespersons Mark Doran, UEFI President, and Michael Krau, UEFI Forum’s Industry Communications Working Group (ICWG) Chair. A lady called Christine was there also, but she did not participate in the technical discussion; she had helped set it all up.

To summarise some of the key points, it was agreed that ‘secure’ boot only gives UEFI Forum a lot of negative publicity. Other issued were raised, but none else got the same amount of coverage, I had not prepared notes, mostly because the goal was to focus on freedom and not to deviate from that. UEFI Forum’s President was understanding. He said I was asking the right questions and did acknowledge that some of my concerns were legitimate (the conversation was recorded with consent from them, but it is not for publication).

Security was not the main outcome of UEFI ‘secure’ boot being put in place. They agreed to some degree. That’s why it was productive as a lengthy debate.

Towards the end, emanating from the conversation were the following tips and links, prepared and sent by Christine, who had also been on the conference call. She wrote:


> Thank you for taking the time to speak with us to address your questions
> regarding the UEFI Forum. If you have any additional questions or need
> information, please don’t hesitate to reach out to me.
>
>
>
> For your reference, I’m including a link to an abstract of the
> presentation
> http://www.linuxtag.org/2013/de/program/freitag-24-mai-2013.html?eventid=6
> referenced today by Mark Doran, President of the UEFI Forum, and
> delivered by Matthew Garrett at the Linux Tag conference in Berlin. The
> title of Garrett’s presentation is “Making UEFI Secure Boot Work for Linux.”
>
>
>
> During the call, Mark also suggested that you might want to view the
> repository of information pertaining to UEFI at Tianocore.org
> http://sourceforge.net/apps/mediawiki/tianocore/index.php?title=Welcome,
> a community site surrounding the open source components of Intel’s
> implementation of UEFI.
>
>
>
> And following are links to the three Intel YouTube videos Mark
> referenced about UEFI Secure Boot configuration:
>
> · Part 1 http://www.youtube.com/watch?v=eAnlhkbMang – Enabling
> & Disabling UEFI Secure Boot. Instructions for setting up a system with
> UEFI Secure Boot to dual-boot between Microsoft* Windows* 8 & Ubuntu*
> 12.10.
>
> · Part 2 http://www.youtube.com/watch?v=dwlbf1VRJ60 -UEFI
> dual-boot setup with Microsoft* Windows* 8. Instructions for setting up
> a system with UEFI Secure Boot to dual-boot between Microsoft Windows 8
> & Ubuntu 12.10.
>
> · Part 3 http://www.youtube.com/watch?v=eAnlhkbMang – UEFI
> dual-boot setup with Linux* (Ubuntu* 12.10). Instructions for setting up
> a system with UEFI Secure Boot to dual-boot between Microsoft* Windows*
> 8 & Ubuntu* 12.10.
>
>
>
> Again, thank you for your time, and please let me know if I can provide
> you with additional information.

To go along with ‘secure’ boot is to help endorse what sure has become a threat to booting freedom, not just to choice. The conference did not alter my mind in any way on this topic. The key point, as was made abundantly clear to them, is that ‘secure’ boot does a major disservice to UEFI by giving it bad reputation — an inevitability when a convicted monopolist like Microsoft perturbs UEFI for non-technical reasons.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

3 Comments

  1. Needs Sunlight said,

    May 26, 2013 at 2:17 pm

    Gravatar

    It sounds like it went well and established that you are all on about the same page. I hope they didn’t persist in the myth about it helping security though. Did that come up?

    Dr. Roy Schestowitz Reply:

    Mark Doran believes that DRM is about overcoming broken business models, not security; when challenged on security of ‘secure’ boot he mostly accepted my arguments and could not counter many.

  2. lozz said,

    May 28, 2013 at 9:18 am

    Gravatar

    Maybe, we should call EUFI “secure boot”, phantomware.

    We used to have vapourware, where M$ would claim to be developing startling new software that never eventuated.

    UEFI actually exists but does nothing to support its claimed purpose of improving security.

    Its only purpose seems to be an attempt towards making things more difficult in installing dual boot systems on M$ computers.

What Else is New


  1. OSI Did Not Guard the Open Source Brand; Now Its Own Name, Open Source Initiative, is Being 'Diluted' and “Open Source” is Almost Meaningless

    The term or the brand “Open Source” is becoming worthless because those who use it typically engage in production of proprietary software falsely marketed as “Open Source” (that's what openwashing is inherently about)



  2. Microsoft is Not an Open Source Authority But an Opponent of Open Source

    Various outlets that are closely connected to Microsoft are trying to convince us that Microsoft is now 'king' of Open Source; nothing could be further from the truth however



  3. Links 22/9/2019: KMyMoney 5.0.7, Lennart's Latest Plan

    Links for the day



  4. Summits of Open Bear Traps: The Open Core Summit and Other 'Open' Events That Actually Attack Software Freedom

    Conferences that call themselves "open" something are sometimes nothing but an attack on openness (not to mention freedom) and promotion of FUD about Free/Open Source software (FOSS); there's an ample set of examples to that effect



  5. Openwashing Report: 'Open Source' Without Any or Most of the Benefits

    The cheapening of the term "Open Source" continues; sooner or later everything out there will be called "open" irrespective of what it really is



  6. Patent Extremism is Not Normal and Not an Innocent Mindset

    Reflection upon the sad state of the European patent system and how media turns a blind eye to it; worldwide, in general, the discussion about patents is being warped by the litigation giants, whose sole goal is to maximise the number of lawsuits/shakedowns (personal gain)



  7. Links 22/9/2019: LLVM 9.0.0 and FreeBSD 12.1 Beta

    Links for the day



  8. Links 21/9/2019: Plasma 5.17 Beta in Kubuntu, Cockpit 203

    Links for the day



  9. IBM Cannot Become a True Friend of Free Software Because of Its Current Patent Policy

    IBM needs to quit bullying people/companies with software patents; that would help towards appeasement of IBM critics and sceptics



  10. When Patent 'Professionals' Sound Like Children Who Learned to Parrot Some Intentionally-Misleading Buzzwords, Myths and Lies

    With buzzwords like "AI" and misleading terms like "IP" the litigation zealots are trying to convince themselves (and the public) that software is a physical thing and a "property" which needs "protecting" from "theft"; it doesn't seem to bother these people that copyright law already covers software



  11. The European Parliament Needs to Become More Outspoken About EPO Abuses

    There are few encouraging signs in Europe right now because the EPO's disregard for patent law (striving to just grant as many patents as possible) earned it much-needed backlash from the European Parliament



  12. Links 19/9/2019: German Federal Ministry of the Interior Wants FOSS, Top Snaps Named

    Links for the day



  13. Buying the Voices of 'Linux' People to Repeat Microsoft's Talking Points While Removing Our Icons and Leaders (Calling Them Sexist)

    The dirty games leveraged by several companies including Microsoft target charismatic people who are essential for morale and leadership; these tactics aren't particularly novel



  14. When the EPO Sees Itself as Above European Law, Grants Patents in Defiance of the EPC (Its Founding Document) and Violates Staff's Labour Rights/Protections (International Law)

    The absurd state of affairs at the EPO has reached the point where laws at every level are being violated and even judges are being threatened or vainly ignored; the EU is belatedly trying to tackle these issues, which have actually cost its credibility a great deal and threaten the perception of Rule of Law at multiple levels



  15. Links 19/9/2019: Samba 4.11.0 and Kubernetes 1.16

    Links for the day



  16. Update on Koch v EPO: Internal Appeals Committee (IAC) Composition Still Likely Illegal

    An important EPO case, concerning a dismissed staff representative, shows what ILO-AT and the EPO's Internal Appeals Committee boil down to



  17. Links 18/9/2019: Fedora Linux 31 Beta, PCLinuxOS 2019.09 Update

    Links for the day



  18. Links 17/9/2019: CentOS 7.7 and Funtoo Linux 1.4 Released

    Links for the day



  19. EPO is Not European

    Internationalists and patent trolls are those who stand to benefit from the 'globalisation' of low-quality and law-breaking patents such as patents on algorithms, nature and life itself; the EPO isn't equipped to serve its original goals anymore



  20. The EPO's Central Staff Committee and SUEPO (Staff Union) Respond to “Fascist Bills” Supported by EPO President António Campinos

    Raw material pertaining to the latest Campinos "scandal"; what Campinos said, what the Central Staff Committee (CSC) said, and what SUEPO said



  21. Storm Brewing in the European Patent Office After a Hot Summer

    Things aren't rosy in EPOnia (to say the least); in fact, things have been getting a lot worse lately, but the public wouldn't know judging by what media tells the public (almost nothing)



  22. Why I Once Called for Richard Stallman to Step Down

    Guest post from the developer who recently authored "Getting Stallman Wrong Means Getting The 21st Century Wrong"



  23. As Richard Stallman Resigns Let's Consider Why GNU/Linux Without Stallman and Torvalds Would be a Victory to Microsoft

    Stallman has been ejected after a lot of intentionally misleading press coverage; this is a dark day for Software Freedom



  24. Links 16/9/2019: GNU Linux-libre 5.3, GNU World Order 13×38, Vista 10 Breaks Itself Again

    Links for the day



  25. Links 16/9/2019: Qt Quick on Vulkan, Metal, and Direct3D; BlackWeb 1.2 Reviewed

    Links for the day



  26. Richard Stallman's Controversial Views Are Nothing New and They Distract From Bill Gates' Vastly Worse Role

    It's easier to attack Richard Stallman (RMS) using politics (than using his views on software) and media focus on Stallman's personal views on sexuality bears some resemblance to the push against Linus Torvalds, which leans largely on the false perception that he is sexist, rude and intolerant



  27. Links 16/9/2019: Linux 5.3, EasyOS Releases, Media Backlash Against RMS

    Links for the day



  28. Openwashing Report on Open Networking Foundation (ONF): When Open Source Means Collaboration Among Giant Spying Companies

    Massive telecommunications oligopolies (telecoms) are being described as ethical and responsible by means of openwashing; they even have their own front groups for that obscene mischaracterisation and ONF is one of those



  29. 'Open Source' You Cannot Run Without Renting or 'Licensing' Windows From Microsoft

    When so-called ‘open source’ programs strictly require Vista 10 (or similar) to run, how open are they really and does that not redefine the nature of Open Source while betraying everything Free/libre software stands for?



  30. All About Control: Microsoft is Not Open Source But an Open Source Censor/Spy and GitHub/LinkedIn/Skype Are Its Proprietary Censorship/Surveillance Tools

    All the big companies which Microsoft bought in recent years are proprietary software and all of the company’s big products remain proprietary software; all that “Open Source” is to Microsoft is “something to control and censor“


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts