Bonum Certa Men Certa

Microsoft Fanatics Were Wrong, Linux Indeed Attacked by UEFI (Updatedx2)

Ed Bott



Summary: More information about UEFI leaves no doubt about Microsoft's intentions to sabotage and cheat

IN OUR previous posts about UEFI (aka "secure" boot) [1, 2, 3] we showed that Microsoft was still a corrupt company looking to break the rules to make money. Aaron Williamson from the SFLC writes the article "Microsoft confirms UEFI fears, locks down ARM devices":



At the beginning of December, we warned the Copyright Office that operating system vendors would use UEFI secure boot anticompetitively, by colluding with hardware partners to exclude alternative operating systems. As Glyn Moody points out, Microsoft has wasted no time in revising its Windows Hardware Certification Requirements to effectively ban most alternative operating systems on ARM-based devices that ship with Windows 8.

The Certification Requirements define (on page 116) a "custom" secure boot mode, in which a physically present user can add signatures for alternative operating systems to the system's signature database, allowing the system to boot those operating systems. But for ARM devices, Custom Mode is prohibited: "On an ARM system, it is forbidden to enable Custom Mode. Only Standard Mode may be enable." [sic] Nor will users have the choice to simply disable secure boot, as they will on non-ARM systems: "Disabling Secure [Boot] MUST NOT be possible on ARM systems." [sic] Between these two requirements, any ARM device that ships with Windows 8 will never run another operating system, unless it is signed with a preloaded key or a security exploit is found that enables users to circumvent secure boot.


Glyn Moody adds:

In December 2011, Microsoft published a document entitled "Windows Hardware Certification Requirements" for client and server systems. As the introduction explains:
This release to web (RTW) document contains the Windows Hardware Certification requirements for Windows 8 Certified Systems. These requirements are Microsoft’s guidelines for designing systems which successfully meet Windows performance, quality, and feature criteria, to assure the optimum Windows 8 computing experience. Successfully following this guidance will allow a partner to receive certification for their system.
On page 116 of this document, there are some details about the circumstances under which Secure Boot can be disabled:
MANDATORY: Enable/Disable Secure Boot. On non-ARM systems, it is required to implement the ability to disable Secure Boot via firmware setup. A physically present user must be allowed to disable Secure Boot via firmware setup without possession of Pkpriv. Programmatic disabling of Secure Boot either during Boot Services or after exiting EFI Boot Services MUST NOT be possible. Disabling Secure MUST NOT be possible on ARM systems.
This confirms that it is indeed possible to disable Secure Boot - but only on non-ARM systems (i.e. traditional PCs.) In other words, it would appear that Microsoft is still locking out GNU/Linux from installation on ARM-based Windows 8 machines.

So this leaves me confused. The document was published some time after Microsoft's post where it states "Microsoft does not mandate or control the settings on PC firmware that control or enable secured boot from any operating system other than Windows", and yet it seems to contradict it. So what's going here? Was Microsoft's blog statement only about non-ARM systems, as the new documentation suggests? And if so, why the discrimination? And finally, is ARM really happy to see Microsoft apparently locking out GNU/Linux from its systems in this way? Let's hope Microsoft can clarify this situation as it did on the previous occasion.


This leaves no room for excuses. Microsoft's bribed systematic liars/spinners, such as Ed Bott, were just trying to keep regulators away. It's time to nail down Microsoft for interfering with fair competition in more than a single way. Just because Microsoft is imploding or collapsing does not entitle it/give it a right to sabotage competitors. This harms everyone.

Update: SJVN weighs in shortly afterwards:

Microsoft and its vendor friends said that there’s no Windows 8 plot to lock other operating systems from Windows 8 devices, but now we know Microsoft was not telling the whole truth.

Journalist Glyn Moody dug around Microsoft’s Windows Hardware Certification Requirements for Windows 8 client and server systems and found on page 116 that will Windows 8 Secure Boot can be disabled: on Intel systems, “Disabling Secure [Boot] must not be possible on ARM systems.”


Update #2: Microsoft now receives the Slashdot treatment. As one person put it: "Oh boy, the lawyers must be rubbing their hands over this. The flaw in Microsoft's aim of course is that next to no one wants a Microsoft mobile gadget."

Comments

Recent Techrights' Posts

The Persistent Nature of Freedom Isn't About Easy Routes
Resistance to oppression takes effort and sometimes money
Linux Months-Old News (LWN Uncorrected)
They could at least update the original
 
Links 21/06/2024: Overpopulation, Censorship, and Conflicts
Links for the day
IBM and Subsidiaries Sued for Ageism (Not Just for Racism)
This is already being discussed
UEFI is Against Computer Security, Its True Goal is to Curtail Adoption of GNU/Linux and BSDs on Existing or New PCs
the world is moving away from Windows
[Meme] Chat Control (EU) is All About Social Control
It won't even protect children
EFF Not Only Lobbies for TikTok (CPC) But for All Social Control Media, Irrespective of Known Harms as Explained by the US Government
The EFF's own "free speech" people reject free speech
Microsoft's Search (Bing) Fell From 3.3% to 1% in Turkey Just Since the LLM Hype Began
Bing fell sharply in many other countries
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, June 20, 2024
IRC logs for Thursday, June 20, 2024
The Real FSF Lost Well Over a Million Dollars Since the Defamation Attacks on Its Founder
2020-2023 income: -$659,756, -$349,927, -$227,857, and -$686,366, respectively
The Fake FSF ('FSF Europe') Connected to Novell Via SUSE, Not Just Via Microsoft (Repeated 'Donations')
'FSF Europe' is an imposter organisation
Just Less Than 3 Hours After Article on Debian Suicide Cluster Debian's Donald Norwood Recycles a Fortnight-Old 'Hit Piece'
The fall of Debian is its attack on its very own volunteers
IPFS censorship, Edward Brocklesby & Debian hacker expulsion
Reprinted with permission from disguised.work
Links 20/06/2024: Dumbphone Experience and Bad Encryption
Links for the day
Official Project Gemini news feed — Five years of Gemini!
the official statement
Ultimate Judgment: the Debian Suicide Cluster
Reprinted with permission from Daniel Pocock
Links 20/06/2024: Bruce Schneier Adds Moderation Policy, FUCKSHITUP Can't Be Trademarked in the US
Links for the day
Mass Layoffs Happening in IBM Subsidiaries, Almost No Media Exists Anymore (to Cover That)
They can drive people out with R.T.O. of lay off in small batches to prevent any media scrutiny
Links 20/06/2024: Trying to Maintain Health and the Implosion of LLM Bubble/Hype
Links for the day
Microsoft's Bing Share in Canada Has Only Decreased Since the LLM Hype ("Bing Chat")
According to statCounter
Gemini Links 20/06/2024: Golden Ticket and Looking for Web 1.0 Communities
Links for the day
Not Even TRYING to Compete With Microsoft
CMA (UK) ought to step in and investigate why Canonical (UK) refuses to even compete
Poul-Henning Kamp: Why Freedom in 'FOSS' Matters
Openwashing is more widely recognised as a growing problem
[Meme] EU Chat Control: The Problem is Too Much Privacy???
So what's with GDPR then? The EU is contradicting itself!
Lithuania: GNU/Linux Usage Climbs to Highest Level in Years
consistent abandonment of Microsoft
"Remarkably Little Had Changed."
Black or African American not even mentioned
This Week Fedora Celebrates Diversity, But It is Pushing Proprietary Software and Censorship
IBM openwashing, perception management, and reputation laundering gone awry?
Rumours That Nat Friedman (CEO) Was 'Fired' by GitHub/Microsoft
"Microsoft Refused to Fix Flaw Years Before SolarWinds Hack"
linuxsecurity.com: A Step in a Positive Direction
We hope that Guardian Digital and linuxsecurity.com will rectify the matter and persist with real articles
Links 20/06/2024: Somali Piracy Surges, Juneteenth Discussed
Links for the day
Gemini Links 20/06/2024: Gemini is 5 Today (Still No Gemlog Entry From its Founder)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, June 19, 2024
IRC logs for Wednesday, June 19, 2024
Morocco: GNU/Linux Surges From 0.1% to 4.21%
Microsoft has mass layoffs in Africa these days
EU 'Chat Control' Law is Already Discrediting the Stated Goals of GDPR
Equip kids with always-on always-connected microphones and double-sided cameras, just to be safe...
[Meme] EU Chat Control II
Stuff like "Chat Control" means that GDPR will lose credibility and the true motives be rightly scrutinised/questioned
You're Only Proving Our Point, Sir
clearly obsessed with what we write
Just Because It Happened Over 20 Years Ago Doesn't Mean It's "Old News" or Stopped Happening
This strategy merely evolved
Thanking Solderpunk for 5 Years of Gemini Protocol
Long live Gemini Protocol and long live Solderpunk!
[Meme] He Who Controls the Boot
And licks the Microsoft boot
[Meme] systemd-recovery
Imagine "Linux" (Poetterix) becoming so unreliable that it needs factory resets
Almost Every Day This Month the GNU/Linux "Market Share" Grows in statCounter
Advocates like to see progress
Dawg, I Herd You Like Freedom
In the context of Software Freedom, little is ever said about free speech
Links 19/06/2024: Microsoft Faces Big Backlash, Bytedance Referred to US Department of Justice
Links for the day
Gemini Protocol Turns 5 in 15 Hours
Geminispace is still very much alive
OSI's Blog is Still 100% "AI" Nonsense Sponsored by Microsoft (the Authors Are Also Salaried by Microsoft)
The founder of the OSI no longer supports the OSI
Poland is Another Country Where Bing Lost a Lot of Market Share Since the LLM Gimmicks
down from 3.24% to 2.4%
Jean-Pierre Giraud, Possible Forgeries & Debian: elections, judgments, trademark already canceled, archaeologist
Reprinted with permission from Daniel Pocock
It Took Microsoft More Than 3 Years to Get a Quarter of Windows Users to 'Upgrade' to Vista 11 (3 Out of 4 Windows Users Still Reject It)
That is exactly what's happening right now
[Meme] The Empire
Don't be like Putin
They Want 'Transparency' Only for the General Public (Every Bit of Communication Available to the Government, Usually Via Corporations)
The EU might decide to effectively ban SSH
Justices Jeremy Johnson and Victoria Sharp to Decide the Fate of Julian Assange in About Three Weeks
Will he be back home in Australia by year's end?
Free Software Won't Fix Equality, But It Helps
Let's examine Free software in the context of: 1) money. 2) justice.
Treating Them as Teammates, Not as Political Props, Trophies, or Objects
Most of the world's people are women
Links 19/06/2024: SFTP and Gopher Milestone
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, June 18, 2024
IRC logs for Tuesday, June 18, 2024
US Surgeon General's Advice on Social Control Media (and "Smart" Phones) Seems Reasonable
People forget what the real world is about
Quiet at Planet Debian
planet.debian.org has not had any updates since 5 days ago
Belarus: Bing Fell From 1.1% to 0.6% Since Microsoft Started the LLM Hype (Yandex is 50 Times Bigger Than Bing)
Now enter Belarus
Morale at Microsoft Sinks to New Lows
The annual 'Employee Signals' survey showed a drop from 69% to 62% in positive responses