Bonum Certa Men Certa

UEFI Apologists Versus Germany's Government Judgment on UEFI Insecurity

Flag of Germany



Summary: Proponents of UEFI support, who are sometimes Mono proponents as well, may struggle to reason in favour of crippleware given the way UEFI rejects Linux and the reasons the German authorities reject UEFI

T

HE Windows franchise is collapsing (ignore the Microsoft PR machine, which we'll address in a separate post), so Microsoft created a breed of machines that won't boot Linux. One blogger writes:

So do not buy that new shiny computer without knowing what pitfalls you may have to overcome in order to run a free operating system. As a footnote, the Secure Boot link is from an article on the Linux Foundation’s efforts written on ZDNet’s website all about how Microsoft is delaying the keys for Linux. Hmm, just one more reason to buy new equipment from alternate retailers that put Linux first or buy used.


Bottomley and the Linux Foundation cannot say much after they sold out (Novell plays a role for both) and Michael Larabel writes:

James Bottomley wrote a new blog post this morning about why the Linux Foundation really isn't concerned about UEFI SecureBoot on ARM hardware (smart-phones, tablets, etc) compared to the work they are doing on x86 PCs with UEFI SecureBoot support for Linux.

Last month the Linux Foundation announced their UEFI SecureBoot plans for dealing with Microsoft Windows 8 PCs. Their plans basically equated to legally obtaining a Microsoft key and signing a small pre-bootloader that in turn could chain load a predesignated boot loader that would in turn boot Linux or any other operating system without having to deal with the SecureBoot mess. The signed pre-bootloader will be available from the Linux Foundation web-site for anyone to use along with the source-code, albeit not their private key. The foundation is still working to obtain a SecureBoot key and their SecureBoot focus has just been for x86 hardware.

With Linux users wondering why the Linux Foundation isn't diving into some SecureBoot solution for ARM, James Bottomley wrote a lengthy explanation.


We also saw some feedback from vocal UEFI apologists, who are sometimes the same people who promote Mono. Yes, promoters of Microsoft's (and Novell's) Mono also promote or downplay the issues with Microsoft's UEFI demands, but we won't be linking to them. They provoke against this site. Anyway, here is the original post that seeded this debate. It says:

The answer to this comes in several parts: firstly in the PC space, Microsoft has an effective headlock on the OEM and ODMs: no desktop PC ships without a Windows compatibility sticker (the situation is different in the server market, but this is specifically about desktop PCs). Therefore in order to continue simply booting Linux on laptops and desktops, it is a huge priority to find a solution to this problem. Secondly: in the overall mobile marketplace, which encompasses tablets and smartphones, Microsoft has a very tiny presence: somewhere between 2-5%. Linux (Android) has the majority presence: by some counts, Android is >50% in this market space with Apple a close second. Therefore, a Microsoft mandate in an industry where they have no dominance is simply not really threatening (unlike the PC space where they have complete dominance).



The German authorities have already banned UEFI for their own use/machines on the face of it. So-called 'secure' boot is bad for national security. The "German government issues white paper on secure boot," writes LWN:

A press release from FSF Europe (issued November 20) welcomes a white paper from the German federal government on trusted computing and secure boot. "Another demand by the FSFE is addressed by the government's white paper. That before purchasing a device, buyers must be informed concisely about the technical measures implemented in this device, as well as the specific usage restrictions and their consequences for the owner: 'Trusted computing security systems must be deactivated (opt-in principle)' when devices are delivered… And 'Deactivation must also be possible later (opt- out function) and must not have any negative impact on the functioning of hard- and software that does not use trusted computing functions.'" The white paper is in essence a non-binding call to manufacturers, but is significant as a statement from a major national government against restrictions imposed via secure boot that may foreshadow more significant government action. The white paper is available in both English and German.


The war on UEFI should carry on until this malpractice is eradicated. It is a defect, not a feature. It gives remote control over hardware.

Comments

Recent Techrights' Posts

Video: University in Peru Honours Richard Stallman
Tomorrow, January 20, Richard Stallman speaks in France
FOSDEM is Called "FOSDEM" Because of Richard Stallman (RMS)
The overlap there seems timely; yesterday RMS spoke in French-speaking (in part) Switzerland where questions in French were accepted
January 20: Richard Stallman Talk in Europe
evening time in Europe, around midday in the United States and Canada
 
Links 19/01/2025: TikTok (Fentanylware) Now Banned in the US, Convicted Felon Talks to Fentanylware CEO and Pooh-Tin About Undoing the Ban Despite the Supreme Court Unanimously Upholding It
Links for the day
FTC Realises Microsoft Buying Fake 'Clients' to Fake "Revenue" (Microsoft 'Buying' Services and Products From Itself!)
Ponzi scheme
Total Lock-down Ambitions - Part III - The Web Browser as DRM Pusher
A lot of "streaming" stuff is DRM
IBM Termination Story and Information From Microsoft About Mass Layoffs
In 2 weeks of 2025 Microsoft already had 2 waves of layoffs
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, January 18, 2025
IRC logs for Saturday, January 18, 2025
Links 18/01/2025: Restoring the Great Wall of China and Economic Expansion in China
Links for the day
Guardian Digital (linuxsecurity.com) is Spamming the Web With Microsoft's Promotional LLM Slop About UEFI 'Secure' Boot (Which is Against Real Security)
This is an attack on honest journalism
Links 18/01/2025: TikTok's Endgame, "Car Freedom", and Spying in Cars 'Fines' GM (Settlement)
Links for the day
Links 18/01/2025: Apple Getting Out of Hey Hi (AI) Slop (Too Much Misinformation), Chaffbots/Chatbots Try to Settle Copyright Infringement Lawsuits
Links for the day
What Fake News Sites Are Doing to GNU/Linux
The LLM slop about Linux serves two purposes
Links 18/01/2025: Microsofters Upset at Microsoft's Ridiculous Rebrands (Excuse for Massive Price Hikes), Chaffbot Company ('Open'AI) Faces More Lawsuits
Links for the day
Gemini Links 18/01/2025: Surge in Illnesses, ctags, and Gemsync
Links for the day
Slopwatch: Too Lazy to Write Real Articles, Offloading to Chatbots Instead (LLM Slop About "Linux")
The Web was already full of garbage before the LLM frenzy. Now it's even worse.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, January 17, 2025
IRC logs for Friday, January 17, 2025
RMS 'Inauguration' in Montpellier (Government Administration) on January 20th
Happy hacking
Even Technical Articles and HowTos From UNIXMen Nowadays Seem to be LLM Slop
We've just permanently removed the RSS feed of UNIXMen
The FSF's 2024 End-of-Year Fundraiser Succeeds: Over $400k to Support Software Freedom
That's worth bringing up again because the SFC is trying to 'crash' this achievement of the FSF
[Meme] Fentanylware (TikTok) Banned in the United States, Next Up European Union (EU)
And the United Kingdom (UK)
President Biden is Right, "Free Press is Crumbling" and the United States Exports Its Media-Hostile Culture to Other Continents
perhaps Biden should pay closer attention to how Donald Trump-inspired Americans take their battles to other continents
Links 17/01/2025: TikTok Banned by the United Stated (SCOTUS Rejects Appeal)
Links for the day
Software Freedom Conservancy Inc (SFC) Makes It Obvious It's Just a Copycat Trying to Exploit or Leech Off the FSF's (and GNU's) Work
They swim next to the rich people (who "match")
Links 17/01/2025: Fentanylware (TikTok) Herds Its (Drug) Users Into Even More Harmful "Apps"
Links for the day
Guardian Digital, Inc (linuxsecurity.com) Uses Microsoft-Controlled Front Groups and LLM Slop in Order to Spread Microsoft-Directed Anti-Linux FUD
Microsoft garbage likely produced by Microsoft LLMs, spewing out Microsoft FUD
Likely Fake 'Article' About Linux Mint 22.1
BetaNews fired up its plagiarism machine (LLM)
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, January 16, 2025
IRC logs for Thursday, January 16, 2025