Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.


Thursday, 28 February 2013 12:28

Secure boot: Linux is at Microsoft's mercy


Linux companies or organisations that have paid for, and obtained, keys from Microsoft to ensure that their distributions can be booted on secure boot-enabled devices, have to abide by the terms of a contract or else may have their keys revoked.

This much is clear from a message posted to the Linux kernel mailing list by Peter Jones, a kernel developer who works for Red Hat.

In response to a post from Linux filesystem guru Ted Ts'o about the possible revocation of keys, Jones responded: "We've got a pretty good idea - we've got a contract with them (Microsoft), and it says they provide the signing service, and under circumstances where the thing being signed is found to enable malware that circumvents Secure Boot, we'll fix it so it can't be, and we've got a certain amount of time to do so, and processes for working with them, and then at that time blacklists will be issued.

"This is not the precise language from that contract, and I'm not going to go into specifics here."

Jones' post is one of many in a long thread that began with his colleague, David Howells, asking for a particular patchset to be included in the mainline kernel to meet the requirements for secure boot set down by Microsoft. In order to fully meet these, Howells proposed changes that would make it possible for a kernel running in secure boot mode to dynamically load keys.

"To permit a key to be loaded under such a condition, we require that the new key be signed by a key that we already have (and trust) - where keys that we 'already have' could include those embedded in the kernel, those in the UEFI database and those in cryptographic hardware," Howells wrote.
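To make that rule concrete, here is an added example (written for this article, not code from the patchset or the kernel) of a keyring that admits a new key only when a key it already trusts has signed it, and that refuses keys on a blacklist of the kind Jones describes. Ed25519 stands in for the kernel's X.509 certificates, and the SHA-256 fingerprint scheme is an assumption.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"errors"
)

// Illustrative model (not kernel code; Ed25519 stands in for X.509): the kernel's
// trusted key set, seeded from an anchor it already has (embedded key, UEFI db
// entry or hardware key) plus keys accepted at runtime; blacklisted keys are refused.
type Keyring struct {
	trusted   map[string]ed25519.PublicKey // fingerprint -> public key
	blacklist map[string]bool
}

// Fingerprint identifies a key by the SHA-256 of its raw public bytes.
func Fingerprint(pub ed25519.PublicKey) string { s := sha256.Sum256(pub); return hex.EncodeToString(s[:]) }

// NewKeyring seeds the trusted set with a key the kernel "already has".
func NewKeyring(anchor ed25519.PublicKey) *Keyring {
	return &Keyring{trusted: map[string]ed25519.PublicKey{Fingerprint(anchor): anchor},
		blacklist: map[string]bool{}}
}

// Revoke blacklists a key and drops it from the trusted set, so it can neither
// vouch for new keys nor be re-enrolled through another signer.
func (kr *Keyring) Revoke(pub ed25519.PublicKey) {
	fp := Fingerprint(pub)
	kr.blacklist[fp] = true
	delete(kr.trusted, fp)
}

// LoadKey applies the rule quoted above: accept newKey only if sig is a valid
// signature over its bytes by the already-trusted key identified by signerFP.
func (kr *Keyring) LoadKey(newKey ed25519.PublicKey, signerFP string, sig []byte) error {
	if kr.blacklist[Fingerprint(newKey)] {
		return errors.New("key is blacklisted")
	}
	signer, ok := kr.trusted[signerFP]
	if !ok {
		return errors.New("signer is not an already-trusted key")
	}
	if !ed25519.Verify(signer, newKey, sig) {
		return errors.New("signature over new key does not verify")
	}
	kr.trusted[Fingerprint(newKey)] = newKey
	return nil
}
```

A key signed by a key that was itself loaded this way also passes, which is how the chain extends from the built-in anchor; once a key is revoked, nothing it signed afterwards is accepted and it cannot be re-enrolled.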

Secure boot is a feature of the Unified Extensible Firmware Interface, the replacement for the BIOS. Microsoft has implemented secure boot and requires that it be enabled on all hardware that ships with Windows 8 pre-installed. Hence anyone who wishes to boot an operating system image on such hardware would need to obtain a key from Microsoft.

The Linux response has been driven by corporates who are eager to play ball with a company that has made no secret of its desire to push everyone off the stage and eat the cake all by itself, plate and all. There are developers within the ranks of these companies who have gone along, using as their cover the needs of the user.

Only, when these developers come up against Linux creator Linus Torvalds, their excuses seem to melt away.

One can call some of Torvalds' responses uncivil or crude, one can accuse him of not being an adult. But nobody can doubt the man's integrity. Or the fact that he wants to drive home a point with no margin for misunderstanding.

If anyone has doubts, let's remind ourselves that this is a man who turned down an offer of $US10 million from an entrepreneur in London to lend his name to a fledgling Linux company as a board member back in the days when Linux had yet to take off. Torvalds wasn't well-off at that point in life and had just arrived in the US. He had two small children and a stay-at-home wife.

He could have taken the money. After all, Linux is his baby. Nobody could have accused him of profiting from others' efforts.

Why did Torvalds turn down the money? Let me quote his own words: "I felt pressure to hold my ground within the open source community as someone who could be trusted from both a technology standpoint and an ethical standpoint."

I know, it sounds naive and silly, especially in the wake of the global financial crisis and the weasel words offered in defence of some of the greatest rogues in the history of the world. But that's why people trust him.

When it comes to secure boot, for Linux the matter does not end with getting the kernel to boot. There are more issues: hibernation can only be allowed if the image restored from that state can itself be verified. Otherwise the secure boot trust model is broken, since an unsigned image could well contain rogue code.

Linux also has the kexec system call, which poses a similar issue because it can replace the running kernel with a different program, again breaching the secure boot trust model. These two issues have to be sorted out by Linux developers to meet Microsoft's requirements.

Else that deadline referred to at the beginning of this article could come into effect.

The motives of some of those pushing secure boot and the need to fall in line with the dictates of Microsoft are not clear. And while some of these worthies face little or no opposition when they publicise their work, which is often inaccurate, they tend to be speechless when Torvalds lets loose.

Some of Torvalds' plain speaking was quoted in iTWire a couple of days back. Here's some more, in response to former Red Hat employee Matthew Garrett, who developed, and published for anyone to use, a first-stage bootloader for secure boot-enabled machines.

For example, when the question of protecting the user came up, Garrett wrote: "The user Microsoft care about isn't running Linux. The user is running Windows, and someone's merely using Linux as a vector to launch their backdoored Windows kernel. How do Microsoft protect that user? They blacklist the signature used by that Linux bootloader. If we want to protect the user's ability to boot Linux, we need to protect the Windows users from having Linux used against them."

Torvalds fired back: "How f**king hard is it for you to understand? Stop arguing about what MS wants. We do not care. We care about the *user*. You are continually missing the whole point of security, and then you make some idiotic arguments about what MS wants you to do.

"It's irrelevant. The only thing that matters is what our *users* want us to do, and protecting *their* rights. As long as you seem to treat this as some kind of "let's please MS, not our users" issue, all your arguments are going to be crap."

In another of his numerous posts to this thread, Garrett wrote: "If the user has explicitly enrolled a hash then they're stepping outside the trust model."

Torvalds responded with another blast. "This is the kind of totally bogus crap that no sane person should ever spout," he wrote. "Stop it.

"If the user has explicitly enrolled a hash, then that should be the *primary* trust model, dammit. That should be very much what you should care about first and foremost, and that should be your goal in life. That's when the user says 'I'm in control of my own machine, and I want to trust *this*'.

"It's not about "stepping outside of the trust model". Quite the reverse. It's about actually being *part* of the trust model, and taking control of your own machine. It's the *good* scenario. It's what you should encourage users to do.

"No, it likely can't be the default because we shouldn't expect users to care enough, but on the other hand the default should definitely *not* be 'enable random third party modules signed indirectly by MS', which is what your crazy world-view seems to be.

"So the first order should be: 'we provide modules to cover all normal users'. You use the RH key for that. The *second* order should be: 'we encourage and tell people how to add their own keys and sign modules they trust'.

"The third order should probably be 'we encourage people to use random one-time keys - probably with UEFI key checking turned off entirely, because let's face it, that doesn't really add any real security for most people'. It's what kernel developers and most servers would probably want to use. They likely don't do the whole UEFI crap anyway, and random one-time keys are actually better against things like rootkits etc than *any* centrally administered chain of trust.

"Only somewhere really really deep down should the 'ok, what about a MS signature' thing be. It could be part of the user-level application (part of your distribution) that displays the 'are you really sure you want to load this module with an unrecognized signature? I can tell that it has a MS signature on it'. But by the time you get this far, you've already failed the first few normal levels."

In the famous tale by Hans Christian Andersen, it was a little boy who had the guts to call out that the emperor had no clothes. This time, it's taken a more seasoned person to do it.

(The mailing list thread referred to in this article is found here and here. Search for "Load keys from PE signed binaries" and read.)


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.
