04.29.21

Stallman Was Right About ‘Secure’ Boot (Matthew Garrett’s Work Now Used to Prevent Users Adopting New Ubuntu Releases/Derivatives)

Posted in Free/Libre Software, GNU/Linux, Ubuntu at 7:58 pm by Dr. Roy Schestowitz

Summary: Matthew Garrett pushed a malicious ‘feature’ (antifeature) of Microsoft and now we all pay for it; instead of working to remove the restrictions, Garrett is nowadays working hard to remove RMS (the messenger)

MS in 2021:

You cannot upgrade Ubuntu
Sources: It’s FOSS, OMG!Ubuntu and plenty more (if they make it enough of a pain or a risk, they hope people will stay with Windows and maybe use WSL, not real GNU/Linux)

RMS in 2012: Direct download as Ogg (0:13:28, 5.5 MB)

Dr. Roy Schestowitz: I want to know how big a threat you think the so-called “secure” boot is considered to be to the Free software movement.

Richard StallmanDr. Richard Stallman: It’s a disaster. Well, except that it’s not secure boot that’s a disaster, it’s restricted boot. Those are not the same. When it’s front of the control of the user, secure boot is a security feature. It allows the user to control what programs can run on a machine and thus prevent — you might say — unexpected malware from running. We have to distinguish the unexpected malware such as viruses from the expected malware such as Windows or Mac OS or Flash Player and so on, which are also malware; they have features that hurt the user but users know what they are installing. In any case, what secure boot does is that it causes the machine to only work with (?) programs that are signed with a certain key, your keys. And as long as the user controls which keys they are, then it’s a security feature. However, it can be chained into a set of digital handcuffs when the user doesn’t control the keys. And this [is] happening.

“We have to distinguish the unexpected malware such as viruses from the expected malware such as Windows or Mac OS…”Microsoft demands that ARM computers sold for Windows 8 be set up so that the user cannot change the keys; in other words, turn it into restricted boot. Now, this is not a security feature. This is abuse of the users. I think it ought to be illegal.

It’s a matter of control by the vendor of course, not control by the user himself

Exactly, and that’s why it’s wrong. That’s why non-free software is wrong. The users deserve to have control of their computers/

I think that not only Windows is going to be an issue in fact, if you consider the fact that even a modified kernel is going to be in a position where it’s perhaps not seen as verified for execution. Right, I’m saying, it might not only be a malicious feature in case of something like Windows running on it, it’s also for — let’s say — a user of the offered operating system but it’s free if the user wants to modify the operating system, for example…

The thing is, if the user doesn’t control the keys, then it’s a kind of shackle, and that would be true no matter what system it is. After all, why is GNU/Linux better than Windows? Not just ’cause it has a different name. The reason it’s better is because it’s freedom-respecting Free software that the users control. But if the machine has restricted boot and the users can’t control the system, then it would be just as bad as Windows. So, if the machine will only run a particular version of GNU/Linux, that is a restriction feature. And I haven’t heard anyone doing that yet with GNU/Linux, but that’s what Red Hat and Ubuntu are proposing to do things — somewhat like that — for future PCs that are shipped for Windows. But it’s not exactly that. And my reason is, the users will be able to change the keys. They will be able to boot their own modified version of the system of Fedora or Ubuntu if they want. So, what Fedora and Ubuntu were proposing doesn’t go all the way there. They’re proposing to do things to make it more convenient for users to install the standard version of those systems. But if things go as it has been announced, users will still be able to change the keys and boot their own versions. So, if all the restricted boot — but it will be something that goes sort of half-way there — it’s somewhat distasteful.

“The thing is, if the user doesn’t control the keys, then it’s a kind of shackle, and that would be true no matter what system it is.”On the other hand, with Android, which is another mostly Free operating system which contains Linux but doesn’t contain GNU, it’s quite common for the product to have something equivalent to restricted boot, and people have to struggle to figure out how they can install a modified and more free version of Android. So, the presence of the kernel Linux in a system doesn’t guarantee it’s going to be better. And I’ve heard someone say — oh, it hasn’t been checked — that a particular or kind of Android device is actually using an Intel chip with restricted boot.

One of the concerns that I think is worth raising is the fact that, as far as I know, with many of the embedded devices, especially those based on ARM, I believe it’s not even possible to get into boot menu to disable so-called “secure”…

That’s where Microsoft is really going all out, because Microsoft has ordered essentially — demanded — that those shipping ARM devices for Windows 8 make it restricted boot with no way to get around it.

Yeah, which also means of course waste of… all sorts of impacts on the environment. Any time that hardware become obsolete with the operating system itself is not being used of course…

“So it’s a very damaging thing that Microsoft is doing and so we need to look for every possible way to stop them or tweak what they’re doing.”Well, it’s worse than that. It means basically that those devices, you have to throw them out if you want to escape to the free world. And this — in the past — we were able to install, to liberate a computer by installing Free software on it instead of its user-restricting operation system, and this of course was tremendously helpful to the spread of GNU/Linux because it meant that users could move to freedom. It would be much harder if they had to buy another computer to do so. So it’s a very damaging thing that Microsoft is doing and so we need to look for every possible way to stop them or tweak what they’re doing.

As embedded (HTML5):

Keywords: UEFI Coreboot GRUB GNU FSF

Download:

Ogg Theora

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

This post is also available in Gemini over at:

gemini://gemini.techrights.org/2021/04/29/cannot-upgrade-ubuntu/

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Jacques Michel and Willy (Guillaume) Minnoye: Stakeholders in EPO Lawlessness

    Former EPO Vice-Presidents who wish not to be held accountable for what they did in the Office (or be chased after leaving their duties, finishing/ending terms there) are adding fuel to the illegal agenda of an EPOnian regime



  2. Links 15/5/2021: Godot 3.3.1 RC 2 and Pine64 Hardware in Focus

    Links for the day



  3. The EPO's War on Justice and Assault on the Law -- Part 7: Calle's Strange Metamorphosis

    Sources believe the “legal anarchy” that EPOnia became notorious for, especially when it comes to handling referrals at the EPO‘s BoA, will become a dark legacy — a legacy that would, if he was alive, disappoint even Josefsson’s source of inspiration



  4. Making up Law at the EPO

    Another video about the ongoing EPO series and some news/commentary from around the Web



  5. Over a Thousand Videos (or Audio Files) and More Protocols Supported

    From just a Web site (ordinary HTTP/S protocol) we've expanded to alternative channels of communication; this is a quick roundup, with focus on last night's development work (already pushed into our self-hosted Git repository)



  6. IRC Proceedings: Friday, May 14, 2021

    IRC logs for Friday, May 14, 2021



  7. Nathan Proctor: Right to Repair and the DMCA

    LibrePlanet 2019 video



  8. [Meme] Calle Calling...

    The values of the Habermasian EPO judge depend on who’s paying the salary



  9. The EPO's War on Justice and Assault on the Law -- Part 6: The Habermasian Who Warned About “Legal Anarchy”

    The political orientation of a Benoît Battistelli-appointed EPO judge who has the audacity to talk about legal anarchy and bemoan abuse of the law; the António Campinos administration extended his term until (at least) 2027



  10. Paid-for Plugs and Coordinated Marketing Fluff (PR Campaigns) Are Ruining 'Linux' Sites

    Junk 'articles' (just marketing disguised as 'news') spoil the World Wide Web; companies repeat the same sales pitch over and over again, sometimes leveraging what they perceive to be avenues read by geeks



  11. Links 15/5/2021: GCC 8.5, Fedora Community Revamp

    Links for the day



  12. Links 14/5/2021: FreeBSD on the Pine H6, Red Hat Hiring

    Links for the day



  13. Protecting Freenode is Protecting the Free Software Movement

    Freenode may seem like a negligible corner of the Internet, which media never bothers mentioning at all; but Freenode, which many have come to take for granted, is core infrastructure for many Free software projects and protecting the network is essential for the Free Software Movement



  14. EPO Justice

    Justice in Europe's second-largest institution, where the law itself is a second-class citizen



  15. IRC Proceedings: Thursday, May 13, 2021

    IRC logs for Thursday, May 13, 2021



  16. Understanding How Freenode (IRC) Works -- or Doesn't Work -- in 2021

    There is a conflict going on behind the scenes at Freenode, but there are also sincere and well-meaning attempts to undo the damage and get back to normal



  17. [Meme] Judges the Office Cannot Control Are Just Nazis With Weapons in Their Office...

    The EPO hasn’t been run by grown-ups for over ten years; Benoît Battistelli, António Campinos and their confidants cannot grasp the concept of law, just blind loyalty



  18. The EPO's War on Justice and Assault on the Law -- Part 5: Battistelli's “Swedish Chef”

    The EPO's 'courts' are controlled by the people whom they're supposed to judge on; this has been the case for at least half a decade



  19. Links 14/5/2021: KDE Plasma 5.22 Beta and GNOME 40 in Gentoo

    Links for the day



  20. Audio: “Unjust Computing Clamps Down” by Richard Stallman

    The FSF has finally uploaded the LibrePlanet talk of Richard Stallman



  21. Links 13/5/2021: KDE Gear 21.04.1 and LibreOffice 7.0.6

    Links for the day



  22. The EPO's War on Justice and Assault on the Law -- Part 4: The President of the Boards of Appeal

    A deeper look into the ‘sausage factory’ that is EPO tribunals certainly helps us understand the inherent bias of many decisions, including a recent decision on European software patents like a controversial simulation patent



  23. Judging the Judges

    Today we shall take a closer look at Carl Josefsson, a person who shall become a figure of interest if he sends EPO courts to the United States in clear violation of the EPC (looking to rubber-stamp an unlawful decision already made before this case even started)



  24. When EU Authorities Tell You to Complain to the EPO Itself About EPO Privacy Violations...

    “Kafkaesque” at the EPO; Kafka could do a whole novel about the flirtations with or affairs of ‘justice’ at the EPO



  25. The Need for Reliable Governance at Freenode

    Why the current and high-profile (albeit somewhat covert) owner of the network, who seems to care about Free software (it has made him very wealthy), should put the whole thing in reliable hands and not attempt to 'monetise' it in any way



  26. IRC Proceedings: Wednesday, May 12, 2021

    IRC logs for Wednesday, May 12, 2021



  27. Andrew Lee of Private Internet Access/London Trust Media Increasingly Owns and Controls Freenode (Updatedx2)

    The details about Freenode ownership and control are explained in a resignation letter urging users to move to another network



  28. [Meme] eBPF is Not Microsoft's, But It's Certainly Googlebombed by Microsoft

    eBPF isn't Microsoft's. But sites that work closely with Microsoft keep mentioning that term as if Microsoft created it and champions it (typical tactics).



  29. Links 13/5/2021: OpenSUSE Leap 15.3 on Finer Hardware, AMI Dabbling in Free Firmware

    Links for the day



  30. The EPO's War on Justice and Assault on the Law -- Part 3: The Current Line-up

    The composition of the Enlarged Board for case no. G 1/21


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts