Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Thursday, 28 February 2013 12:28

Secure boot: Linux is at Microsoft's mercy

By

Linux companies or organisations that have paid for, and obtained, keys from Microsoft to ensure that their distributions can be booted on secure boot-enabled devices, have to abide by the terms of a contract or else may have their keys revoked.

This much is clear from a message posted to the Linux kernel mailing list by Peter Jones, a kernel developer who works for Red Hat.

In response to a post from Linux filesystem guru Ted Ts'o about the possible revocation of keys, Jones responded: "We've got a pretty good idea - we've got a contract with them (Microsoft), and it says they provide the signing service, and under circumstances where the thing being signed is found to enable malware that circumvents Secure Boot, we'll fix it so it can't be, and we've got a certain amount of time to do so, and processes for working with them, and then at that time blacklists will be issued.

"This is not the precise language from that contract, and I'm not going to go into specifics here."

Jones' post is one of many in a long thread that began with his colleague, David Howells, asking for a particular patchset to be included in the mainline kernel to meet the requirements for secure boot set down by Microsoft. In order to fully meet these, Howells proposed changes that would make it possible for a kernel running in secure boot-mode to dynamically load keys.

"To permit a key to be loaded under such a condition, we require that the new key be signed by a key that we already have (and trust) - where keys that we 'already have' could include those embedded in the kernel, those in the UEFI database and those in cryptographic hardware," Howell wrote.

Secure boot is a feature of the Unified Extensible Firmware Interface, the replacement for the BIOS. Microsoft has implemented secure boot and requires that it be turned on on all hardware that is pre-installed with Windows 8. Hence anyone who wishes to boot an image on such hardware would need to obtain a key from Microsoft.

The Linux response has been driven by corporates who are eager to play ball with a company that has made no secret of its desire to push everyone off the stage and eat the cake all by itself, plate and all. There are developers within the ranks of these companies who have gone along, using as their cover the needs of the user.

Only, when these developers come up against Linux creator Linus Torvalds, their excuses seem to melt away.

One can call some of Torvalds' responses uncivil or crude, one can accuse him of not being an adult. But nobody can doubt the man's integrity. Or the fact that he wants to drive home a point with no margin for misunderstanding.

If anyone has doubts, let's remind ourselves that this is a man who turned down an offer of $US10 million from an entrepreneur in London to lend his name to a fledgling Linux company as a board member back in the days when Linux had yet to take off. Torvalds wasn't well-off at that point in life and had just arrived in the US. He had two small children and a stay-at-home wife.

He could have taken the money. After all, Linux is his baby. Nobody could have accused him of profiting from others' efforts.

Why did Torvalds turn down the money? Let me quote his own words: "I felt pressure to hold my ground within the open source community as someone who could be trusted from both a technology standpoint and an ethical standpoint."

I know, it sounds naive and silly, especially in the wake of the global financial crisis and the weasel words offered in defence of some of the greatest rogues in the history of the world. But that's why people trust him.

When it comes to secure boot, with Linux the matter does not end with booting a disc. There are more issues: hibernation can only be allowed if the image returning from that state is also verifiable. Else it breaks the trust model for secure boot as an unsigned image could well contain rogue code.

Linux has a system call kexec which also poses issues as it can replace the running kernel with a different program. This could also breach the secure boot trust model. These two issues have to be sorted out by Linux developers to meet Microsoft's requirements.

Else that deadline referred to at the beginning of this article could come into effect.

The motives of some of those pushing secure boot and the need to fall in line with the dictates of Microsoft are not clear. And while some of these worthies face little or no opposition when they publicise their work, which is often inaccurate, they tend to be speechless when Torvalds lets loose.

Some of Torvalds' plain speaking was quoted in iTWire a couple of days back. Here's some more, in response to former Red Hat employee Matthew Garrett, who has developed and put online for use by anyone a first-stage bootloader for secure boot-enabled machines.

For example, when the question of protecting the user came up, Garrett wrote: "The user Microsoft care about isn't running Linux. The user is running Windows, and someone's merely using Linux as a vector to launch their backdoored Windows kernel. How do Microsoft protect that user? They blacklist the signature used by that Linux bootloader. If we want to protect the user's ability to boot Linux, we need to protect the Windows users from having Linux used against them."

Torvalds fired back: "How f**king hard is it for you to understand? Stop arguing about what MS wants. We do not care. We care bout the *user*. You are continually missing the whole point of security, and then you make some idiotic arguments about what MS wants you to do.

"It's irrelevant. The only thing that matters is what our *users* want us to do, and protecting *their* rights. As long as you seem to treat this as some kind of "let's please MS, not our users" issue, all your arguments are going to be crap."

In another of his numerous posts to this thread, Garrett wrote: "If the user has explicitly enrolled a hash then they're stepping outside the trust model."

Torvalds responded with another blast. "This is the kind of totally bogus crap that no sane person should ever spout," he wrote. "Stop it.

"If the user has explicitly enrolled a hash, then that should be the *primary* trust model, dammit. That should be very much what you should care about first and foremost, and that should be your goal in life. That's when the user says 'I'm in control of my own machine, and I want to trust *this*'.

"It's not about "stepping outside of the trust model". Quite the reverse. It's about actually being *part* of the trust model, and taking control of your own machine. It's the *good* scenario. It's what you should encourage users to do.

"No, it likely can't be the default because we shouldn't expect users to care enough, but on the other hand the default should definitely *not* be 'enable random third party modules signed indirectly by MS', which is what your crazy world-view seems to be.

"So the first order should be: 'we provide modules to cover all normal users'. You use the RH key for that. The *second* order should be: 'we encourage and tell people how to add their own keys and sign modules they trust'.

"The third order should probably be 'we encourage people to use random one-time keys - probably with UEFI key checking turned off entirely, because let's face it, that doesn't really add any real security for most people'. It's what kernel developers and most servers would probably want to use. They likely don't do the whole UEFI crap anyway, and random one-time keys are actually better against things like rootkits etc than *any* centrally administered chain of trust.

"Only somewhere really really deep down should the 'ok, what about a MS signature' thing be. It could be part of the user-level application (part of your distribution) that displays the 'are you really sure you want to load this module with an unrecognized signature? I can tell that it has a MS signature on it'. But by the time you get this far, you've already failed the first few normal levels."

In the famous tale by Hans Christian Anderson, it was a little boy who had the guts to call out that the emperor had no clothes. This time, it's taken a more seasoned person to do it.

(The mailing list thread referred to in this article is found here and here. Search for "Load keys from PE signed binaries" and read.)


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments