Home Business IT Open Source OpenBSD's de Raadt slams Red Hat, Canonical over 'secure' boot
Get all your tech news delivered to your mail box five days a week
iTWire UPDATE - it's FREE!


OpenBSD founder Theo de Raadt has slammed Red Hat and Canonical for the way they have reacted to Microsoft's introduction of "secure" boot along with Windows 8, describing both companies as wanting to be the new Microsoft.

Responding to a query from iTWire about what OpenBSD, widely recognised as the most security-conscious UNIX, would be doing to cope with "secure" boot, De Raadt said: "We have no plans. I don't know what we'll do. We'll watch the disaster and hope that someone with enough power sees sense."

Microsoft will launch Windows 8 exactly three months from today. The company has said that a "secure" boot process will be needed to boot the operating system on any platform, which means that keys will be used at two stages to recognise what is being loaded. The process is done through the Unified Extensible Firmware Interface, or UEFI.

There will be a mechanism to turn off this method of booting on x86 hardware; however, Microsoft has said that this will not be provided on the ARM platform.

De Raadt foresees issues for "secure" boot in Europe. "I expect that the Intel/Microsoft plans will face big problems in Europe," he said.

"It would be interesting to see a bunch of consumer-unfriendly laptop vendors locked out of European markets, wouldn't it?"

He did not see any positives in the move. "I sense that disaster is coming, and hope that someone has the moral strength to do the right thing," he said.

"I fully understand that Red Hat and Canonical won't be doing the right thing, they are traitors to the cause, mostly in it for the money and power. They want to be the new Microsoft."

Red Hat's method of ensuring that PCs certified for Windows 8 can boot GNU/Linux, announced by its community distribution Fedora, is to sign up to the Microsoft developer program and obtain a key which will be used to sign a "shim" bootloader.

This shim would then load the GRUB2 bootloader which will boot the operating system kernel, which will also be signed. All kernel modules will be signed too. As the first key comes from Microsoft, it will be recognised by most PCs and laptops.

Canonical's plan for its well-known Ubuntu GNU/Linux distribution involves having a key which is distribution-specific in the firmware, and also a key vouched for by Microsoft.

CDs which are sold or distributed separately from hardware will need Microsoft's key to be present in the firmware to boot while bootloader images from the Canonical website will have Ubuntu's own key.

ITWIRE SERIES - REVENUE-CRITICAL APPS UNDERPERFORMING?

Avoid War Room Scenarios and improve handling of critical application problems:

• Track all transactions, end-to-end, all the time and know what your users experience 24/7

• View code level details with context and repair problems quickly

• Fix problems in minutes before they wreak havoc

• Optimize your most important applications, Java, .NET, PHP, C/C++ and many more

Start your free trial today!

CLICK FOR FREE TRIAL!

ITWIRE SERIES - IS YOUR BACKUP STRATEGY COSTING YOU CLIENTS?

Where are your clients backing up to right now?

Is your DR strategy as advanced as the rest of your service portfolio?

What areas of your business could be improved if you outsourced your backups to a trusted source?

Read the industry whitepaper and discover where to turn to for managed backup

FIND OUT MORE!

Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.

Connect