Home opinion-and-analysis Open Sauce FSF dragging its feet on secure boot

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

The Free Software Foundation is an organisation for which I have the utmost respect. Without it, the whole phenomenon of free and open source sofware would never have come to be.

The FSF has also been at the forefront of efforts to preserve freedom in computing and has stuck to its guns in the face of much criticism.

But on secure boot, it is lagging behind. I am surprised that it has not updated its campaign against secure boot, launched in October 2011, to include relevant facts. A great deal of material in the petition is now outdated and factually incorrect.

For the uninitiated, secure boot is a feature of UEFI, the Unified Extensible Firmware Interface, the new replacement for the BIOS. Microsoft has implemented secure boot, and required hardware vendors to turn it on on any machines that are loaded with Windows 8.

Microsoft's implementation requires the exchange of cryptographic keys to verify that the operating system which is trying to boot on a given machine is authorised to do so.

The keys are issued by a Microsoft-authorised entity, Verisign. Anybody who wishes to obtain a key to boot an operating system on Windows 8 hardware needs to buy one from this same entity.

More background information is available here.

Windows 8 was released on October 26. That means two whole months have passed since machines loaded with this operating system have been available to the public.

Why has the FSF not obtained a few machines and studied how secure boot has been implemented? While the technical specs for secure boot are the same no matter the manufacturer, the UEFI layout appears to differ from one vendor to the other. And there many little quirks associated with secure boot.

If the FSF could not do this, surely it could have commissioned someone to provide a technical description of things as they are?

So why is the FSF dragging its feet? Its campaign lacks credibility at the moment and technical credibility at that. Collecting 40,000 signatures in 14 months is not a sign of strength; this is a small number given the time period.

On the x86 platform, secure boot can be turned off from within the UEFI - but this would be difficult for those who are not somewhat familiar with computers. On the ARM platform, secure boot cannot be turned off.

Microsoft enjoys platform dominance on x86; the possibility of another anti-trust suit could well present itself if there was not some means of turning off secure boot. This is why the facility has been offered.

The ARM platform is not dominated by any operating system, not yet anyway. Given this, there is no need for Microsoft to fear court action if secure boot cannot be turned off.

These are facts that people need to know. The FSF needs to update its petition and get its act together fast.

WEBINAR 26/27th May

Thinking of deploying Business Intelligence (BI)? So are your competitors.

And the most important, fundamental, tool for delivering your BI information to your users? Dashboards.




VMware changed the rules about the server resources required to keep a database responding

It's now more difficult for DBAs to see interaction between the database and server resources

This whitepaper highlights the key differences between performance management between physical and virtual servers, and maps out the five most common trouble spots when moving production databases to VMware

1. Innacurate metrics
2. Dynamic resource allocation
3. No control over Host Resources
4. Limited DBA visibility
5. Mutual ignorance

Don't move your database to VMware before learning about these potential risks, download this FREE Whitepaper now!


Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.






Join the iTWire Community and be part of the latest news, invites to exclusive events, whitepapers and educational materials and oppertunities.
Why do I want to receive this daily update?
  • The latest features from iTWire
  • Free whitepaper downloads
  • Industry opportunities