Home opinion-and-analysis Open Sauce FSF dragging its feet on secure boot

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

The Free Software Foundation is an organisation for which I have the utmost respect. Without it, the whole phenomenon of free and open source sofware would never have come to be.

The FSF has also been at the forefront of efforts to preserve freedom in computing and has stuck to its guns in the face of much criticism.

But on secure boot, it is lagging behind. I am surprised that it has not updated its campaign against secure boot, launched in October 2011, to include relevant facts. A great deal of material in the petition is now outdated and factually incorrect.

For the uninitiated, secure boot is a feature of UEFI, the Unified Extensible Firmware Interface, the new replacement for the BIOS. Microsoft has implemented secure boot, and required hardware vendors to turn it on on any machines that are loaded with Windows 8.

Microsoft's implementation requires the exchange of cryptographic keys to verify that the operating system which is trying to boot on a given machine is authorised to do so.

The keys are issued by a Microsoft-authorised entity, Verisign. Anybody who wishes to obtain a key to boot an operating system on Windows 8 hardware needs to buy one from this same entity.

More background information is available here.

Windows 8 was released on October 26. That means two whole months have passed since machines loaded with this operating system have been available to the public.

Why has the FSF not obtained a few machines and studied how secure boot has been implemented? While the technical specs for secure boot are the same no matter the manufacturer, the UEFI layout appears to differ from one vendor to the other. And there many little quirks associated with secure boot.

If the FSF could not do this, surely it could have commissioned someone to provide a technical description of things as they are?

So why is the FSF dragging its feet? Its campaign lacks credibility at the moment and technical credibility at that. Collecting 40,000 signatures in 14 months is not a sign of strength; this is a small number given the time period.

On the x86 platform, secure boot can be turned off from within the UEFI - but this would be difficult for those who are not somewhat familiar with computers. On the ARM platform, secure boot cannot be turned off.

Microsoft enjoys platform dominance on x86; the possibility of another anti-trust suit could well present itself if there was not some means of turning off secure boot. This is why the facility has been offered.

The ARM platform is not dominated by any operating system, not yet anyway. Given this, there is no need for Microsoft to fear court action if secure boot cannot be turned off.

These are facts that people need to know. The FSF needs to update its petition and get its act together fast.

FREE CLOUD BACKUPS MANAGEMENT WEBINAR

Are your technicians spending too much time just managing your clients cloud backups?

Backups are an important part of any IT business but they should not consume more than their fair share of time and money.

Discover how to reduce the amount of time & money spent managing your Cloud Backups during this Free Webinar.

REGISTER FOR FREE WEBINAR!

FREE NETWORKING SERVICES CASE STUDY

As one of the world’s largest social networking services, Facebook handles a lot of user information, and requires input from an astounding range of stakeholders 24 hours a day, 7 days a week — from both inside and outside the business.

Discover how Facebook was helped to connect remote employees, vendors, consultants, and partners to applications and web services quickly and reliably - without risking sensitive data.

GET CASE STUDY!

GET THE IT BUDGET YOU WANT

Explore your Network Treasure Trove to get the IT Budget you want

With Australian businesses projected to spend over $78.7 Billion why does it feel like you can never get the budget you need?.

In most cases your budget will get approved because the proposals are not only technically correct, but also provide good, credible evidence on how the spend aligns with key business objectives.

Did you know that your Network Monitoring tool can help you build a comprehensive business case without an MBA?

HERE ARE 8 TIPS TO GET THE IT BUDGET YOU WANT.

CLICK HERE!

Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.

Connect

 

 

 

 

Join the iTWire Community and be part of the latest news, invites to exclusive events, whitepapers and educational materials and oppertunities.
Why do I want to receive this daily update?
  • The latest features from iTWire
  • Free whitepaper downloads
  • Industry opportunities