Today in UEFI 'Secure' Boot Debates (the Frog is Already Boiling and Melting)
posted by Roy Schestowitz on May 28, 2024
Over at LQ today:
Quote:
Originally Posted by TheJooomes /div> That's the meaning I extracted from "no BIOS", "third party UEFI certificates have been disabled", and "The era of general purpose computing is drawing to a close". I haven't heard of cases that extreme before so I want more than a claim in a forum thread.
|
No problem. Here are two links, the first one via an archive in case m$ changes it:
"Secure the Windows boot process":
https://archive.is/q69Mx/again?url=h...0-boot-process
and "Using your own keys"
https://wiki.archlinux.org/title/Uni..._your_own_keys
Though the first one has a lot of weasel-wording it still makes the point. Notice that you have to actually parse the document:
Quote:
• Configure UEFI to trust your custom bootloader. All Certified For Windows PCs allow you to trust a non-certified bootloader by adding a signature to the UEFI database, allowing you to run any operating system, including homemade operating systems. |
The word "default" is not used specifically, yet the default is exactly what is being described.
Also, the gotcha there is certified. Those which are not certified and those which are certified but not in compliance are not going to permit that. Talk with people who deal with resale of used systems and you will get plenty of first hand anecdotes, there are certainly such shops or individuals in your geographical area.
If you have not gone out of your way to follow trends in ICT lately then it would not be strange that you have not heard of third party certificates being disabled by default. Again, there was a lot of discussion and detailed analysis before UEFI was even rolled out. All that is buried somewhere in the search engines, assuming the pages are even still up.
Edit: See also:
Starting in 2022 for Secured-core PCs it is a Microsoft requirement for the 3rd Party
Certificate to be disabled by default. This means that for any of these Lenovo
platforms shipped with Windows preinstalled an extra step is needed to allow Linux to
boot with secure boot enabled.
UEFI + Secureboot was always just a lot of "security theatre" marketing for the gullible. For proprietary OS vendors, security is a feature which can be sold for profit. The aim was always to lock out alternative OS such as Linux. UEFI itself was dreamed up by a consortium of the x86 hardware/bios vendors, MS and Apple.
Those who still believe that Secureboot is really about security and preventing "evil maid" attacks need to pull their heads out of the sand. Business often invents the problem, then sells the solution and this was very similar, but not quite the same. It also came packaged with MS' anti-competitive, hostile agenda to destroy Linux - all dreamed up during the Steve "Linux is a cancer" Ballmer era.
It astounds me that users of FOSS operating systems who post on sites like this one, happily walked down that path, eagerly supporting sell outs like Canonical and Red Hat and are still parroting the marketing speak about Secureboot, many years later. Many of these people were running Linux on hardware which was not configured for dual booting Windows 8.0/8.1, yet still they took great pride in running a UEFI only system, disabling legacy boot, jumping through hoops to configure their OS to boot by this horrible convoluted broken and ironically, insecure MS design, which even uses the antiquated MS FAT file system.
MS wants to ensure that only a Microsoft OS can boot from the bare metal, it has been paving the way for this for years. For Linux it has invested in WSL/WSL2 and it has lured people across with the convenience of that.
The TPM/TPM2 is a further assault on your freedom to install what you want to install on the hardware you paid for. It is one of the latest advances in "Trusted Computing", which is anything but trustworthy...
https://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
Quote:
There are some gotchas too. For example, TC can support remote censorship. In its simplest form, applications may be designed to delete pirated music under remote control. For example, if a protected song is extracted from a hacked TC platform and made available on the web as an MP3 file, then TC-compliant media player software may detect it using a watermark, report it, and be instructed remotely to delete it (as well as all other material that came through that platform). This business model, called traitor tracing, has been researched extensively by Microsoft (and others). In general, digital objects created using TC systems remain under the control of their creators, rather than under the control of the person who owns the machine on which they happen to be stored (as at present). So someone who writes a paper that a court decides is defamatory can be compelled to censor it - and the software company that wrote the word processor could be ordered to do the deletion if she refuses. Given such possibilities, we can expect TC to be used to suppress everything from pornography to writings that criticise political leaders. |
Quote:
The gotcha for businesses is that your software suppliers can make it much harder for you to switch to their competitors' products. At a simple level, Word could encrypt all your documents using keys that only Microsoft products have access to; this would mean that you could only read them using Microsoft products, not with any competing word processor. Such blatant lock-in might be prohibited by the competition authorities, but there are subtler lock-in strategies that are much harder to regulate. |
Quote:
12. Scary stuff. But can't you just turn it off?
Sure - unless your system administrator configures your machine in such a way that TC is mandatory, you can always turn it off. You can then run your PC as before, and use insecure applications.
There is one small problem, though. If you turn TC off, Fritz won't hand out the keys you need to decrypt your files and run your bank account. Your TC-enabled apps won't work as well, or maybe at all. It will be like switching from Windows to Linux nowadays; you may have more freedom, but end up having less choice. If the TC apps are more attractive to most people, or are more profitable to the app vendors, you may end up simply having to use them - just as many people have to use Microsoft Word because all their friends and colleagues send them documents in Microsoft Word. By 2008, you may find that the costs of turning TC off are simply intolerable. |
In the world of "Big Tech", the words "trust", "security" and "privacy" don't mean what you think they mean.