Home opinion-and-analysis Open Sauce FSF award given to Garrett for the wrong reasons

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

The Free Software Foundation has given an annual award this year for work that enslaves people to the demands of Microsoft - something that flies in the face of all that the organisation has stood for since its founding.

The award in question was given to developer Matthew Garrett, for work done while he was an employee of Red Hat, to enable Linux to boot on computer systems that have secure boot enabled. Garrett no longer works for Red Hat.

Secure boot is a feature in the Unified Extensible Firmware Interface, the replacement for the motherboard firmware or BIOS. It has been implemented by Microsoft for Windows 8 in a manner that effectively prevents easy booting of other operating systems on machines which have secure boot enabled.

An exchange of cryptographic keys takes place at boot-time so that a system can verify that the operating system attempting to boot is a genuine one, and not malware. There are further key exchanges along the way. Since Microsoft controls the key-signing authority, everyone who wishes to boot an operating system on hardware certified for Windows 8 has to buy a Microsoft key.

And it is that control of the key-signing authority which sticks in one's craw. One lives and dies by the goodwill of Microsoft - and that is a position that the FSF has strongly fought against and, indeed, continues to do so today. Thus, giving an award to someone for making it easier for Linux users to grovel at Microsoft's feet seems totally out of character.

Let's make this very plain: Linux has no need of secure boot. If one buys a new computer/laptop that has secure boot turned on, one can simply turn it off and install any distribution of Linux. If one is building one's own PC, one can do the same thing. I speak from the perspective of being a Linux user for the last 14 years on the x86 platform; I have also used Linux on the AMD64 and MIPS platforms for a shorter period.

The fact is, if there had been a need for secure boot to be implemented for Linux, then developers of the kernel would have done so much earlier than Microsoft. Ninety-nine per cent of new features required in the tech field have been implemented for Linux long before they were implemented for Microsoft.

The fact that Microsoft would implement secure boot was known at least as far back as September 2011 - long before Windows 8 was released, on October 26. 2012. In fact, I wrote to Microsoft in July 2012, asking them for the reasons behind this decision; they did not respond but iTWire ran an article about this lack of a response on August 6 (coincidentally, the anniversary of the dropping of the first atomic bomb by the US on Japan).

The ideal reaction would have been for all the Linux distributions, plus other companies that depend on Linux for their profits, to band together under the Linux Foundation and use their combined clout to influence things with hardware vendors. But then one might as well hope for racism to end in the US. Or Australia.

The only reason why Linux needed to support secure boot was for commercial organisations which sell Linux to be able to say that they did support this feature. These organisations - Red Hat, SUSE and Canonical are the three which come to mind - needed to be able to say to businesses that they supported this feature.

This is simply because businesses tend to use a multiplicity of operating systems. A company might lose some prospective business if it did not support a particular feature in other operating systems. For example, Linux systems are able to work well with Microsoft's Active Directory due to the software known as Samba.

Hence, for these companies, developing a way for Linux to boot on secure boot-enabled systems was necessary; Garrett did some work on this, as did James Bottomley of the Linux Foundation. Garrett was able to better overcome the political obstacles in the way and came up with a solution which he offered to others under a free software licence. SUSE and Canonical also devised their own methods, borrowing a bit here, and adding a bit there.

But for the FSF to give an award for this kind of work is an anomaly. This is not required by the average Linux user at all. And remember, Microsoft can revoke the keys it has sold whenever it pleases.

There are two features in Linux which cause issues with secure boot. The use of hibernation does not satisfy the secure boot security model because the image that returns from hibernation cannot be verified. And the system call kexec allows one to replace the running kernel with a different program.

Attempts by Red Hat developers to get code into the mainline kernel, that would enable a kernel running in secure boot-mode to dynamically load keys, resulted in a spray by Linux creator Linus Torvalds last year.

The attempts by Garrett and fellow Red Hat developer David Howells enraged Torvalds. At one point, he yelled: "How f**king hard is it for you to understand? Stop arguing about what MS wants. We do not care. We care bout the *user*. You are continually missing the whole point of security, and then you make some idiotic arguments about what MS wants you to do.

"It's irrelevant. The only thing that matters is what our *users* want us to do, and protecting *their* rights. As long as you seem to treat this as some kind of 'let's please MS, not our users' issue, all your arguments are going to be crap."

And yet the FSF thought making Linux work with secure boot was worth an award!

When iTWire asked the FSF executive director John Sullivan about the award, he responded: "Yes, we are against this kind of thing (following the dictates of Microsoft), and that's not how we or the award committee see Matthew's work in this area."

He said he was happy to spell out the reasons for granting the award and did so. I give below his full response.

"The reason for GNU/Linux systems to work with Secure Boot is for security. As developments since last June have illustrated, it is vital that free software users be able to protect their computers from prying eyes and know when the software on their computers has been altered.

"The boot chain is not only a vector of attack for Windows malware. It is also a vulnerability that can be exploited for surveillance or many other purposes.

"If implemented correctly, Secure Boot is consistent with the free software approach to security. Correctly means that users have the keys and the authority to install and revoke them. Being able to disable the system entirely is one thing, but that immediately puts free software at a security disadvantage. We support the idea that free software users should be able to exercise control over their systems in this way, the same way we support GNU/Linux distributions signing packages so that they can be verified to some extent before they are installed.

"What we need to avoid here is Restricted Boot, where users do not have the ability to disable the system or to generate and configure the accepted keys. Matthew has been an effective advocate in many forums for calling attention to this danger and showing how to prevent it.

"Matthew helped develop solutions that can work for *any* GNU/Linux distribution, not only Fedora or Red Hat. He chose to do that instead of pursuing more specific and possibly easier solutions for only those two distributions.

"That being said, you are right that having to give Microsoft any money at all in order to have a GNU/Linux system installable on off-the-shelf hardware is far from ideal. But this is hardly something to blame Matthew for. Neither he nor us view this situation as acceptable. It's unacceptable for the same reason every other aspect of Microsoft's proprietary monopoly is unacceptable. What he found was a hack that, in this context, *subverts* the control Microsoft imposes through its Windows Certification program.

"There is no tradeoff between his temporary Microsoft signing hack and the long term interests of the free software movement. Matthew has directly helped advance the better, Microsoft-free world, by contributing to the development of tools that empower users to generate and use their own signing keys on Secure Boot machines.

"We should not confuse Microsoft's unethical uses of technology for the technology itself. They did not invent Secure Boot and there is nothing inherently pro-Microsoft or proprietary about it. If users have full control over the Secure Boot system and keys, they can keep intruders like Microsoft out. What we need to criticise are the many mechanisms Microsoft has for keeping GNU/Linux off the shelves and for manipulating technology against users. People like Matthew who help us find both temporary workarounds and permanent solutions earn our praise."

There are many fallacies in Sullivan's arguments. Microsoft could never have devised a system for secure boot without allowing for a workaround given that the company has been convicted of monopolistic practices on the x86 platform. Hence, there was never a question of what Sullivan calls "Restricted Boot" being devised for the x86 platform.

Let me make it clear that Garrett is not being blamed for anything. One is merely pointing out that what he has done is not worthy of an award from the FSF, especially an award for the advancement of free software. One can never have full control over a key issued by Microsoft; the company can revoke it tomorrow. What it has devised is a means of locking out people who are not technically competent; for the small percentage of technically competent people, it has put hurdles in the way of using the latest hardware.

That the FSF has descended to the level of honouring people who make it easy for Microsoft to continue to dictate terms in the world of computing shows how much its ideals have sunk. To think that this is what people like Richard Stallman fought for is a disheartening thought.

FREE WHITEPAPER - REMOTE SUPPORT TRENDS FOR 2015

Does your remote support strategy keep you and your CEO awake at night?

Today’s remote support solutions offer much more than just remote control for PCs. Their functional footprint is expanding to include support for more devices and richer analytics for trend analysis and supervisor dashboards.

It is imperative that service executives acquaint themselves with the new features and capabilities being introduced by leading remote support platforms and find ways to leverage the capabilities beyond technical support.

Field services, education services, professional services, and managed services are all increasing adoption of these tools to boost productivity and avoid on-site visits.

Which product is easiest to deploy, has the best maintenance mode capabilities, the best mobile access and custom reporting, dynamic thresholds setting, and enhanced discovery capabilities?

To find out all you need to know about using remote support to improve your bottom line, download this FREE Whitepaper.

DOWNLOAD!

Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.

Connect