EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

06.06.13

UEFI ‘Secure’ Boot is Not About Security, Insyde Software’s Business Model is Misguided and Dangerous

Posted in GNU/Linux, Kernel, Security at 9:10 am by Dr. Roy Schestowitz

Corporate insecurity for Insyde Software, corporate security for Microsoft

UEFI

Summary: Promotion of bad ideas by Insyde Software merits another discussion about what UEFI actually means to ordinary GNU/Linux users

The main problem with UEFI is its effect on freedom. It’s not just about restricted boot but also patents and other issues covered in the criticism section in Wikipedia.

A new press release from Taiwan describes UEFI as a security mechanism, but this is utter fiction. Last month I spoke for over an hour with the president of the UEFI Forum, covering in length the aspect of security. He too was led to agreeing with me that security is hardly improved by UEFI, which can have its barriers bypassed and ignored. The press release says something like this:

Insyde Software, a leading provider of Unified Extensible Firmware Interface (UEFI) BIOS, today announced the availability of new UEFI security features including Secure Boot and secure firmware update for leading Linux distributions.

No, thanks. Linux does not need UEFI for security. Even Torvalds rejects the 'security' claim (he dislikes ‘secure’ boot in general [1, 2]). So the above is a marketing gimmick, that’s all. Insyde Software will boost flawed claims of ‘security’, so we should all be prepared to rebut.

Dr. Garrett, an expert in this field and occasional apologist, demonstrated that UEFI with Linux can brick hardware [1, 2, 3]. So much for security, eh? He is supporting it, sadly enough, based on very weak grounds. He should have antagonised it instead. Earlier this week he posted an update on the bricking issue:

Meanwhile, Samsung got back to us and let us know that their systems didn’t require more than 5KB of nvram space to be available, which meant we could get rid of the 50% value and replace it with 5KB. The hope was that any system that booted with only 5KB of space available in nvram would trigger a garbage collection run. Unfortunately, it turned out that that wasn’t true – some systems will only trigger garbage collection if the OS actually makes an attempt to write a variable that won’t otherwise fit.

So the search for a solution goes on under the false pretences that buggy, experimental UEFI sometimes adds something for GNU/Linux users to enjoy. The practical benefits of UEFI are very minor to ordinary desktop users. UEFI is good for two monopolies: the Intel/x86 monopoly and the Windows monopoly.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New

  1. Weekend News: Surveillance, Drones, Torture, and More

    News about power and abuse thereof, including -- for the most part -- surveillance

  2. Links 8/3/2014: Distros

    Links for the day

  3. Links 8/3/2014: Games

    Links for the day

  4. Links 8/3/2014: Instructionals

    Links for the day

  5. Political News That Matters

    Links for the day

  6. MDV News: OpenMandriva Lx 2014 on Its Way, Mageia Has Issue, PCLinuxOS Has New Magazine

    Links for the day

  7. Secret Deals -- Not GnuTLS -- a Threat to GNU/Linux Security

    Shifted focus (diversion towards non-issues like the GnuTLS flaw) and what we really need to watch out for when it comes to surveillance on GNU/Linux users

  8. Leaving Windows to Rot

    Windows XP is almost officially dead now, so rather than cling onto it (as parts of China reportedly do) one needs to move to GNU/Linux

  9. Red Hat Joins the Joke Which is Amazon's 'Secure' Federal 'Cloud'

    Another Red Hat move which puts citizens' data in the hands of unaccountable spies and their corporate partners/accomplices

  10. Fedora 21 Release Just 7 Months Away

    Red Hat's Fedora 21 will come out in the middle of October, according to a newly-published schedule

  11. Debian's Importance is Growing

    Updates and news from the Debian camp, focusing on the silent or lesser-acknowledged role of this international project in computing

  12. Arch Linux is Becoming More Mainstream

    Arch (GNU/)Linux is used by a lot of people and inspiring big derivatives such as Manjaro, Chakra GNU/Linux, and more

  13. IBM Not the Only 'Sugar Daddy' of GNU/Linux

    As IBM declines it is worth remembering that GNU/Linux no longer rests on the shoulders of few giants

  14. Privacy, Spying on Congress, Drones, Ukraine Intervention, and More

    Links for the day

  15. A Parade of (GNU/)Linux-powered Mobile Operating Systems

    Links for the day

  16. Links 6/3/2014: Games

    Links for the day

  17. Links 6/3/2014: Applications

    Links for the day

  18. Links 6/3/2014: Instructionals

    Links for the day

  19. GoDaddy, Go Away: How This SOPA Backer is Censoring the Internet Despite SOPA's Death

    Political censorship now in the West, but overlooked by statistics that omit domain-level cutoffs

  20. Bitcoin Increasingly Adopted, Increasingly Smeared

    A look at one of the latest smears against Bitcoin, courtesy of Britain's Internet Watch Foundation (IWF)

  21. You Know That Microsoft is Finished When Even Rupert Murdoch Dumps Microsoft

    Rupert Murdoch's special relationship with Microsoft and Bill Gates seems to be coming to an end

  22. Patent Stacking by Microsoft, Apple, Nokia et al. Makes Android/Linux More Expensive, Less Competitive

    The return of discussions about patent stacking and the role played by the anti-Android camp

  23. Panic Over Transport Layer Security (TLS) Flaw Which is Already Patched

    What the media is not really telling us about the GnuTLS vulnerability

  24. An Android World: Limitless Expansion in Tablets, Smaller Devices, and New Hardware

    Links for the day

  25. This Week's News: Civil Rights, Politics and War

    Links for the day

  26. Ubuntu Rising: Desktops, Servers, Phones, and Beyond

    Links for the day

  27. News About Lesser Known Desktop Environments

    Links for the day

  28. GNU/Linux Everywhere: New Stories, More Evidence

    Links for the day

  29. Linux News: 3.14 RC5, LTSI v3.10, kGraft...

    Links for the day

  30. GNOME News: GNOME 3.12, Wayland, Numix, GTK+...

    Links for the day

CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts