Home opinion-and-analysis Open Sauce 'Secure' boot: much to be scared about

In three short months, Windows 8 will be upon us. And with it will come the phenomenon known as "secure boot", one that is going to have an extraordinary effect on the lives of most computer users.

Few of these effects have been talked of, apart from the relative obscurity of technical mailing lists. There has been a lot of uninformed speculation, and a great deal of FUD. Strangely, some of this FUD has come from people in GNU/Linux circles. There are exceptions, though.

It is obvious that Microsoft laid down the law to its OEMs about secure boot a long time before it was talked about in public. One needs time to digest and then begin to plan implementation of such a change. The first mention by the company was in the documentation made available when a developer's release of Windows 8 was made last year.

One of the first public discourses on the process was by Red Hat developer Matthew Garrett in September last year. But Garrett did everyone a singular disservice by saying, at the end of a detailed blog post, that there was no need to worry at the moment. Sure.

Where did the push for secure boot come from? Renowned security expert Richard Forno says that to his knowledge, of recent times there has not been any major malware that gained entry through the boot process.

"To my knowledge, no. However I am not as in-tune with every latest security development these days so I can't say for certain," Forno told iTWire. "That said, I find secure boot problematic from a potential 'abuse' scenario where a given PC can only run 'approved' operating systems .... that has the potential to cause all sorts of competitive concerns, especially for those who want to run alternative OSs on mainstream hardware."

Fast forward to 2012 and we find two Linux companies, Red Hat and Canonical, putting forward their methods of dealing with secure boot. From what has been detailed, it is clear that each company has been thinking more about its own survival in the Windows 8 world, rather than whether all Linux companies will be put out of business.

As I've pointed out before, it is simply amazing to think that all the big names in the technology field - IBM, Intel, HP, Google, Facebook, and Oracle to name a few - could not band together on this issue and fight it out. No, they were too busy with their own infighting. A common problem, a common foe did not result in unity over at least this issue. Are they serious about surviving in the industry?

Hardware manufacturers were unlikely to raise any objection, even though their margins have been eroded greatly by Microsoft.

"But they still depend on M$ for their livelihood and to sell products, plus MS needs to ensure its OSs support the drivers needed by the hardware manufacturers used by the OEMs," says Forno.

"Thus, the OEMs have a symbiotic relationship with what could be interpreted more cynically as their kowtowing to Microsoft. In this scenario, and keeping in mind the potential marketplace concerns about locking out competitors or locking up the hardware market (think of how Apple locks up the Mac hardware and OS market) you might be able to make the analogy about the terrorist and their hostage; only problem is, in this case, it's unclear who is the hostage and who is the terrorist."

The Linux Foundation had prepared a sensible document on how secure boot could be managed without the danger of pushing some company or the other to the wall or infringing on anyone's rights. But did either of these companies' decision-makers even bother to read it? Could they have understood it if they had?

Now we have exactly the situation that Microsoft wants - every man for himself. There are numerous questions which remain unanswered but few of them are being asked in public.

Let's remember that on the x86 platform it will be possible to turn off secure boot. The reasons are simple - Microsoft, a convicted monopolist, does not want to attract the US government's attention again, even though it no longer has to operate under the consent decree of the US department of justice. And then, it has to leave a way open for those who want to install other versions of Windows, like 7 or XP, which do not support secure boot.

Anyone who thinks that outside pressure has made Microsoft rethink its original design for secure boot is deluding themselves. CEO Steve Ballmer, who has been dubbed the worst leader of a company in the US, has bet the company's future on a single technology, Windows 8, and he is a tough cookie.

Says Forno: "I would expect DOJ to get involved (or the EU) if such anti-competitive issues are raised - but as far as government 'clout' (goes)?? I think MS lost whatever major clout it had after the antitrust decision came down. The only influence MS has with the government these days, I think, is the sheer number of products installed throughout its bureaucracy.....and seeing how slow the USG is to change anything, I'd say MS has the upper hand in that situation."

On the ARM platform, where Microsoft is not the dominant player, the company has mandated to OEMs that any device that comes loaded with Windows 8 should not be able to deactivate secure boot.

One of the features of Windows 8 will be improved boot times. If one has an SSD, then boot times could be less than 10 seconds. Within this time, it will not be possible to hit a key - say F10 or Del - as one does now to enter the BIOS. Of course, the BIOS will no longer be there, one would enter the UEFI interface if that was possible.

Given this, Windows 8 will provide an interface after booting for those who want to tinker with the UEFI features. Let's assume that one uses this interface to turn off secure boot in order to install an operating system other than Windows 8. After that how does one turn it back on? Nobody knows.

There are numerous people who run multiple operating systems on the one machine because they have to test their code on different platforms. Or maybe they do it to play games. What happens when these people install virtualisation software? The machine won't boot.

What happens if a malware attack on Windows 8 makes changes to system files? The machine won't boot. This is not some outlandish scenario, Windows is still as vulnerable to malware that arrives via the web or by email.

The PC market is slowing down. More people are spending the limited money they have on smartphones and tablets. Those who need some measure of grunt to do more resource-intensive tasks are buying laptops. Hence the percentage of those buying readymade systems is increasing and all those machines will come with Windows 8 and secure boot.

Those who buy parts and build their own systems will have a few years free from worry. After that they will see a decreasing number of components as manufacturers cut back. These intrepid souls will finally have to buy readymade devices too. They will also have to savour the delights of secure boot and locked-down computing.

By going along with Microsoft, and not even bothering to join together and raise a stink, the rest of the computer industry has created a situation where Microsoft can surface again a couple of years down the track and lobby for making secure boot mandatory for all devices. After all, the company can argue that secure boot has been widely accepted - this will be true - and nobody has objected. Everyone has adapted and started to use it.

The myth that it contributes to security will be spread again and there will be no defence against secure boot being mandated by governments. Is there any guarantee that the cost of a key to implement secure boot will cost $US99 at that stage? It will turn out to be a nice little earner.

Forno points out that both in technology and the physical world, "security" is a convenient justification to develop and deploy techniques/methods/laws that are used primarily for things like copyright control, censorship, or marketplace dominance than for actual security benefits.

"Some call that an 'abuse' of such items by extending their application far beyond their declared usages - unless, of course, one views 'security' as 'guarding against threats to our profits' as a component of modern "security" practice - which a cynic most certainly might!!!"

A look at what Red Hat and Canonical have done does not give one much optimism either. In Red Hat's case, the entire chain of events in getting a machine to a usable state is governed by signed code. This means that any change in kernel modules, or fixing a kernel bug, will mean that one cannot boot. How about the enthusiasts who compile their own kernels? They will have to conform as well.

Canonical has created its own lock-in; using the method that it has outlined, one can only boot an Ubuntu disc. Of course, the company has reasons for doing this - don't they all?

Debian developers held a 45-minute discussion about secure boot at a camp in Managua recently. Their leader, Stefano Zacchiroli, has not responded to an email I sent him, asking what the project plans to do. We have not heard a peep out of the smaller GNU/Linux projects or companies; Mandriva is still getting back on its feet, SUSE has been quiet. The last two named have one advantage in that they are based in Europe where Microsoft is regarded with much disdain.

A massive potential mess has been created by the approach taken by the non-Microsoft companies. The only firm that has nothing to bother about is Apple which gated its own customers a long time ago. It has its sheep within the pen and had been dictating to them for a long, long time what they can and cannot do.

GNU/Linux users had an illusion of freedom for a while but it looks like they have been sold out by the very companies that have benefitted most from all the code written by those who thought they were following a dream. It looks like it will turn out to be a bad dream.



Download an in-depth guide to managing a healthy, motivated and energetic workforce without breaking the bank.


Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.






Join the iTWire Community and be part of the latest news, invites to exclusive events, whitepapers and educational materials and oppertunities.
Why do I want to receive this daily update?
  • The latest features from iTWire
  • Free whitepaper downloads
  • Industry opportunities