Open Source Market Segment LS
Open Source Market Segment RS
Thursday, 28 March 2013 10:25

Lawyer hopeful of success with secure boot complaint Featured

By

The lawyer who has filed a complaint with the European Commission against secure boot in Windows 8 on  behalf of some 8000 Linux users in Spain says the complaint takes "an user and developer perspective, it is an unprecedented approach to the problem of monopoly in operating systems in Europe".

"I think that Hispalinux is likely to show that Microsoft is engaged in additional anticompetitive acts that were not conclusively determined in the 1998 European Commission investigation," José Maria Lancho (pictured above) told iTWire.

Hispalinux is the organisation on whose behalf Lancho has filed the complaint; according to him, it is a non-profit Spanish association with more than 8000 software users and developers as members (some of them significant engineers) in Spain. The complaint was filed at the Commission Register and the Directorate-General of the Commission is likely to receive it next week.

"Hispalinux also collaborates in many technological fields with the Spanish authorities," he said.

"Our association was founded in 1997 to promote research in the field of free and open source software, interoperability, and (to) advance the knowledge of new technologies among civil law practitioners, and encourage the public administration to promote integrity, independence, and expertise in its digital services on (a) technologically neutral basis."

Contrary to some of the uninformed speculation about the complaint, Lancho seems to be fully aware of the complexity of the task he has undertaken.

"Of course we have technical advisers on board," he said in response to a question. "But we have also based the technical aspects of the complaint firstly (on) Microsoft's own technical specifications for the Windows 8  Certification and contrasted them with the European antitrust laws. We also cite the work of (former Red Hat employee) Matthew Garrett, (Linux Foundation technical guru) James Bottomley and others.

"We have studied enough previous cases related to the abuses of Microsoft's relevant position in European and American markets, and collected first-hand accounts and testimonies from developers, retailers, distro designers and bloggers from around the internet to conclude that the problem is real.

"We have studied Microsoft's exclusionary business strategies that in effect limit its customers' ability and/or incentive to use other operating systems and, in the case of Spain, this leads to a virtually universal breach of laws for public procurement, due to the fact that there is currently not one single public tender in which a technology different from Microsoft's Windows can be offered."

Lancho said the bottom line was that UEFI Secure Boot with Microsoft keys was "designed to block non-certified, non-Microsoft software. This is not a side-effect. It is its main purpose and is spelled out as such in Microsoft's own documentation".

While he does have an English translation of the 14-page complaint, made on Tuesday, Lancho offered a summary of the same as the document cannot be released until it reaches the Commission, probably next week.

"Microsoft has recently introduced a new operating system called 'Windows 8'. The main 'innovation' of Windows 8 is that it incorporates a new obstruction mechanism (called 'UEFI Secure Boot') that controls the start-up of the computer, impeding the free execution of any software program competitive with Windows," he said.

One of the options allowed by UEFI was the digital signature of drivers and applications, permitting complete control over the start-up system.

"I will not explain (to) you the signature process but this makes it near impossible to boot any operating system on a computer that does not have Microsoft's permission," Lancho said. "Microsoft, as the sole owner of the private key, which matches up with the public key held in the memory of computers running Windows 8, is the only party that can authorise (sign) the software components in UEFI, the only party that can sign the boot of the operating system, and the only party that can sign the communications between the operating system and UEFI.

"To be able to attain this goal, Microsoft has to use all its influence and power in the market to to force computer and component manufacturers to accept its monopoly in the key generation system."

He said another interesting aspect was that the whole process could not be reproduced using the private user's certificate without Microsoft's approval, as the standard did not force the manufacturer to include an application to change or reset the PK or KEK repositories. Also, for ARM models, this security model could not be disabled by the user.

"With this set-up, the only option left to the consumer who decides to boot another operating system is to contact Microsoft and hope that the company decides to sign his/her system's components that are in charge of the boot and communication with the UEFI services," Lancho said. "This forces the user (to) enter into negotiations with a company that is famous for its monopolistic policies, with all the problems this would entail.

"The resulting situation is a de facto technological jail for computer booting systems thanks to Windows 8, making Microsoft's Windows platform less neutral than ever, rendering consumers' hardware unreachable for products from competitors."

Lancho said the public market would also be affected, since there was an evident legal incompatibility between the UEFI Secure Boot controlled by Microsoft through Windows 8, and the principles of public procurement and the impossibility to apply the principles of interoperability, established in Spain by Royal Decree 4/2010.

"It would also impede the re-use of thousands of licences of earlier versions of Windows and the development of internal technological solutions which would use a dual booting system, limiting the choice to Microsoft products, if they exist, that comply with the law 11/2007, which introduces the principle of technological neutrality when dealing with the public."

Lancho said the complaint claimed that Microsoft had implemented this secret plan for the purpose of acquiring and maintaining an illegal monopoly over the interaction of the operating systems and the x86 line of microprocessors, which it did by delaying the ability of its competitors to access the market or to otherwise develop and manufacture competitive products.

"In this case, we are not up against a kidnapped standard, but up against the kidnapping of the access to the inner workings of the hardware. The consumer has her/his hardware taken from her/him, losing control over her/his own machine. The fact is that no software or operating system that needs the boot system to install or work will be able to access the computer without Microsoft's prior permission," Lancho said.

"This requirement is completely unjustified and... implies a complete subordination to the company for anybody who wishes to distribute or sell software or content that works and could be competitive."

He said Microsoft's strategy, clearly designed to control the market and exclude competition, affected all software areas. "No measure that forces Microsoft to reach agreements with third parties can compensate (for) the degree of subordination of its competition with the activation of UEFI and Window 8 secure boot system."

Lancho said that in this way, Microsoft had avoided competition on the merits and deprived Linux of the opportunity to stake quality and economic advantages against Windows for every public contract, for every potential computer sale.


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments