Bonum Certa Men Certa

Red Hat Criticised for Advancing Microsoft's UEFI Agenda

Customers? What about users?

Red Hat-Microsoft page



Summary: Bloggers sound off and rant about what Red Hat has done

IT HAS not been a good week for software freedom. Canonical gave Microsoft more control over GNU/Linux and rather than file a formal complaint (e.g. antitrust) about Microsoft's trap Red Hat decided to dive right into it.



One Free software-aware journalist calls this a "bad idea":

In November 2006, when Novell signed a patent licensing deal with Microsoft, the free and open source software community, for the most part, was predictably appalled.

But recently when Red Hat announced that it had signed a deal with Microsoft to ensure that Linux could be installed on PCs that were Windows 8-capable - in other words, those that supported secure boot - there was very little outcry. Red Hat is now trying to justify this act.

In Novell's case, it was a last-ditch - albeit foolish - attempt to try and revive its business. After a series of unwise decisions that saw it lose its number-one position in the networking business (and yes, Microsoft, took it for a ride during those days), Novell had come to the point where it was willing to try anything. SUSE Linux was looked upon as some kind of saviour after Novell bought the company in 2003 but battles between suits and geeks ensured that neither party's tactics were implemented.

Hence Novell got into bed with Microsoft. One of Novell's best and brightest, Jeremy Allison, found the atmosphere suffocating and left the company in disgust, ending up later at Google.

But after Red Hat announced its Judas Iscariot act recently, the scenario is very different. Hell, we even have the announcement of the deal being made by the wispy-thin Matthew Garrett, once a renowned flame-master on mailing lists, but now one of the best and brightest at Red Hat, one who pledges allegiance to peace, civility, diversity, and probably the Dalai Lama too.


Carla from LXer (and former editor of Linux Today, book author, contributor to Linux.com etc.) is also upset about what Red Hat has done. To quote:

Tim Burke of Red Hat wrote a masterful apologetic for Microsoft's strong-arming and takeover of the most basic operation of a computer-- starting it up. Executive summary: We are in this 100% with our good friends in Redmond.

Allow me to hit the high points:

"One security threat that has been getting a lot of interest lately is the ability to ensure the integrity of the early boot sequence"

Only because the richest software company on the planet is utterly incompetent, and incapable of building a secure operating system. So instead they bully the rest of the world into trying to mitigate the security disaster that is Microsoft Windows.

"The mechanism used to confirm the integrity of operating system software...uses traditional key signing and variations of checksumming... Performing the checks early is crucial as it provides a safe, verified starting point."

ORLY? Key signing is the answer, eh? Oopsie, no it isn't, as the Flame malware proves. Flame spoofs Microsoft's own Certificate Authority, takes over Windows Update, and fools Windows computers into thinking they're installing genuine proven-trusted signed Microsoft code. See:

Microsoft Security Advisory (2718704) Unauthorized Digital Certificates Could Allow Spoofing

Flame malware mimics a Windows update

Flame Malware Hijacks Windows Update Mechanism

Those wacky malwares, don't they read Microsoft press releases on how Microsoft realio trulio this time for real has made Windows like all secure?



This is not the first time that we write about this annoying move from Red Hat, but it's good to see that other than apologies from Fedora members and Red Hat employees we mostly found opposition to Red Hat's move. We praised Red Hat many times before (I recently interviewed their CEO), but not everything this company does is praiseworthy. Microsoft got its way and Red Hat staff seeks to justify what Red Hat has done. To quote:

The other complaint about UEFI Secure Boot is that it doesn't add any security. There's two aspects to this - people either think it'll be quickly broken, or people think that the public availability of signing services will render it useless.


There are many other reasons -- better reasons -- to altogether reject UEFI, such as hardware obsolescence, control by Microsoft, and so on. It's probably too late for Red Hat to retract and change course. Redmond residents who work for Microsoft are probably opening a bottle of champagne this week.

Comments

Recent Techrights' Posts

Certificate Authority Let's Encrypt Has Almost Gone Down to Zero, Nearly Totally Extinct in Geminispace, the Few Capsules Still Using It Are Spam/Dead/Stagnant
This represents another decrease for Let's Encrypt; the last decrease was last week
Trying to Silence Techrights Was a Huge Mistake
Peter Thiel attacked a publisher for asserting, correctly, that he was gay. Now everyone knows it.
 
Gemini Links 07/09/2025: Advertising, Decentralized Archival, and Outsourcing to Bezos
Links for the day
Not Much Left in News Cycles
To be very clear, this does not describe "Linux" anything; it's true in just about every facet of news, except the paid-for fake "journalism" about "hey hi" (sites getting paid explicitly to maintain or rekindle hype)
Throwing Away "Old" Computers (Mozilla and Other Climate Deniers)
Mozilla is not leftist
The UEFI 9/11 - Part VIII - Denial of Service and Selling Us WSL (Windows) Instead of "Risky" (Prone by Breakage by Microsoft) GNU/Linux
Restricted Boot (so-called 'SecureBoot') does not improve security. It is nothing but trouble. It's meant to trouble non-Windows users. In dual-boot setups, SecureBoot is a recipe for disaster because Microsoft keeps erasing or tampering with the boot sector, to paraphrase an associate
Slop is Extremely Rare in Geminispace, Slop Images Are Unheard Of (Despite Images Being Supported)
As long as Geminispace grows in terms of domains it's safe to predict the protocol will still be used in 2029 and hence Geminispace will turn 10
Links 07/09/2025: Robodebt Class Action, Fines, and Copyright Settlement
Links for the day
Links 07/09/2025: Yle Impersonated in Social Control Media, Boat-Attacking Orcas, Midjourney Sued Again
Links for the day
Slopwatch: LinuxSecurity, Linux Journal, and the Serial Slopper
Google won't tackle the issue because Google participates not only in relaying slop but also in generating lots of it
Links 07/09/2025: Google Fines in EU and "Your Internet Access Is at Risk"
Links for the day
Gemini Links 07/09/2025: Little Brother and Corporate Theatre
Links for the day
Links 07/09/2025: More Harms of Slop and Anthropic's Nightmare Scenario (Huge Legal Liabilities for Slop)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, September 06, 2025
IRC logs for Saturday, September 06, 2025
Microsoft Sites Now Talking About September's Mass Layoffs at Microsoft
It's noteworthy that even Microsoft's MSN now covers the latest revelations about mass layoffs
Gemini Links 06/09/2025: SpellBinding Moving and "The Cloud" Ridiculed
Links for the day
Slopwatch: On "the Apology Industry", Chatbots (Punchbag for Customers), and Fake Articles About "Linux"
"news reporting priorities changed"
Links 06/09/2025: "Covid Incidence on the Rise" and Many Attacks on the Press Worldwide
Links for the day
The Register Bill
The Register MS - putting the "MS" in your centre of the universe
Analogies for "Memory Safety" in Rust
Don't worry, it's Rust! It can do anything!
Nobody Denies That SecureBoot Will Cause Problems After September 11
Not even Microsoft
Gemini Links 06/09/2025: Infinite Scrolling and Posting from Emacs
Links for the day
Links 06/09/2025: GitHub Meltdown Over Slop, "U.S. Jury Says Google Should Pay $425 Million in Privacy Lawsuit"
Links for the day
Despite Its Severe Financial Problems Gnome Foundation Inc Paid Rosanna Yuen Over 100,000 Dollars Last Year
maybe relocation should be considered
The "Left" and the Right"
It poisons everything
Mozilla and Rust Are Not Leftists
they're part of the mass consumerism machine
Disposable to Microsoft
There is an extensive set of people who got used by Microsoft, only to be thrown away a month later or a year later or a decade later
The UEFI 9/11 - Part VII - This Coming Week Many PCs Will Refuse to Boot "Linux" (Because of Microsoft's Expired Certificate)
The real solution is, disable "secure boot" or "SecureBoot" while it's still possible. [...] Just like submarine patents, a lot of this problem was "hibernating" for a while
The Thing Nobody in Red Hat Wants to Talk About Openly
There is a real sentiment or worry among Red Hatters, Europeans and Americans in particulars (because of higher salary expectations)
Slopwatch: Small Parade of Fake News About "Linux" and Scams Borrowing the Name (or Word) "Linux"
In practice, LLMs are a risk
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, September 05, 2025
IRC logs for Friday, September 05, 2025
Genini Links 05/09/2025: Community, ROOPHLOCH, and PITkit
Links for the day
Links 05/09/2025: Vaccine Sceptics Poison the Well, Two Exploited Vulnerabilities Patched in Android
Links for the day
Gemini Links 05/09/2025: Logitech Lift and DIY Gemini Servers
Links for the day
Links 05/09/2025: Sainsbury's Caught Spying on In-Store Shoppers and Microsoft "OpenAI is Using Legal Threats to Harass its Critics"
Links for the day
BASIC Predates Microsoft by Over a Decade, Microsoft-Controlled Sites Like The Register MS Don't Want You to Know This
The state of the media is really bad when it relies a lot on oligarchs' money and is appointing editors who are working for oligarchs
Brian Kernighan, "Only Third to Dennis Richie and Ken Thompson" (UNIX), Agreed With Someone Who Said Rust Was Just Hype, Should Not Replace C
17 hours ago
Reminder: Microsoft's "Secure Boot" Certificate for "Linux" Will be Expired in One Week
Many PCs won't manage to 'rotate' to another certificate
"Many of the Red Hat Employees Are Still Looking for Work"
Shame on IBM's CEO
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, September 04, 2025
IRC logs for Thursday, September 04, 2025
Microsoft Started With Code Literally From The Trash, Nothing Has Improved Since
The reality is, there are systems and code that are reliable. But they're not Microsoft's.
Hypothesis That New McKinsey/Microsoft Executive Inside Red Hat Will Outsource Research and Development Operations to India (Like They Do in IBM)
IBM is floundering
Slopwatch: Scams, Fake Articles About "Linux", Plagiarism, and Worse
Perhaps some time soon the LLMs or the "Big LLMs" will run out of money (to borrow) and go offline, leaving those slopfarms in a tough place