The UEFI 9/11 - Part IX - Shunning Old Computers (in 2023 the Certificate Was Updated/Overridden, Underlying Aim May Be Herding/Forcing People to Get TPM and Other 'Novel' Restrictions)
Yesterday: Turn Off Microsoft's Restricted Boot ("Secure Boot") | If Your Machine Still Has "Secure Boot" Enabled, Then Microsoft Has a de Facto Kill Switch (Even If Your Machine Doesn't Have Windows and Never Had Windows) | Updating Firmware is Not the Solution But Only Additional Risk, Disable "Secure Boot" Today
Past Sunday: Throwing Away "Old" Computers (Mozilla and Other Climate Deniers)
Microsoft became notorious for a phenomenon some aptly dubbed and have since then referred to as the "upgrade treadmill". There are forced or compelled "upgrades", both to hardware and software. Those are almost involuntary; users are pressured if not tortured into getting rid of their supposedly "old" (by whose standards and whose fault?) "stuff" - digital stuff like programs, operating systems, motherboards, peripherals, gadgets etc.
Not to say that only Microsoft does this! SAP, Apple and others often do the same, but the nature of the pressure is a little different.
Today we focus on Microsoft, which worked with Intel et al to make BIOS "old" and thus, according to them, "obsolete" (then they try to call what replaces BIOS "BIOS"... as if to confuse people by redefining BIOS, calling what replaces it "BIOS").
This is not an unprecedented or unheard-of modus operandi.
Today it is our last part before September 11. Some people won't immediately notice the effect because many GNU/Linux users don't boot every day or several times per day. I myself have not rebooted my laptop for over 700 days already, so I've not seen the bootloader since 2023.
We keep saying that newer is not always better. That's not the same as saying that new or newer is always bad or worse. That's not a fair generalisation.
Consider modern (or "modern", maybe capitalised "Modern") hardware. What does it really have to offer that "old" PCs don't have? TPMs? Newer bug/back doors? Less reliable, cheaply-made components? Designed to fail sooner because they're cheaper to manufacture?
Then there's the reliability - or lack thereof - of the boot menu/s. Don't take our word for it. Ask people who know it well (inherent details). Not only do they change over time, which risks their integrity; they also added enough complexity to assure disaster some time down the road, e.g. some remote certificate authority (CA) 'heralding' that the certificate is 'expired' and therefore booting should be verboten.
But first, a little background: In Part I we introduced the issues in simple terms, in Part II we focused on the attacks on people who merely talked about these issues, Part III primarily tied things together, Part IV named some of the culprits, and Part V advised people to turn off "SecureBoot" (also in the sister site now that we're in September; live and learn). Part VI spoke of the "Serious Harm" that will be caused to many ordinary computer users and Part VII said that the event is only days away. In Part VIII we said that WSL and dual-booting aren't solutions but recipes for disaster. The real solution is disinfecting one's machine (no more checking anything with Microsoft).
Again, newer isn't better. It's typically better for some companies (known as "vendors" in this context; they call the customers "users" - the same term drug cartels use).
"50 Years Ago, a Bloody Coup Ended Democracy in Chile" (headline from the journal of record). Is Chile better off now? Ask the average peasant. Chile did not progress much; it's still largely a farmland, wages are low, and there's risk of conflict. Quoting the article: "Gen. Augusto Pinochet led the violent overthrow of the socialist government of Salvador Allende, seizing power for nearly 17 years. Here is a selection of photographs from the coup and its aftermath."
One might say that Microsoft staged a coup against BIOS, as it already did for over 20 years (we covered other attempts in prior decades). The parallel external meddling (several nations in Chile's case; the UK played a role, not just the US) can be compared to WIntel or Windows+Intel. Inciting/interfering with the ability of people to run non-Microsoft systems is the overall goal.
Any political comments would only serve to distract from the technical issues, so we'll stop there. An associate reminded me that Jacobin has a whole long series with old articles and more recent articles about the topic (political links).
The parallels are incredible, but making analogies would put us at risk of alienating/dividing the audience based on "wings". Everyone can agree that Microsoft controlling the bootloader (or something that precedes a visible boot menu) is wrong, both for moral and for technical reasons. So much can go wrong. Stay tuned as we plan a new series about the aftermath. █