Friday, 11 April 2014 11:48

FSF award given to Garrett for the wrong reasons


The Free Software Foundation has given an annual award this year for work that enslaves people to the demands of Microsoft – something that flies in the face of all that the organisation has stood for since its founding.

The award in question was given to developer Matthew Garrett, for work done while he was an employee of Red Hat, to enable Linux to boot on computer systems that have secure boot enabled. Garrett no longer works for Red Hat.

Secure boot is a feature in the Unified Extensible Firmware Interface, the replacement for the motherboard firmware or BIOS. It has been implemented by Microsoft for Windows 8 in a manner that effectively prevents easy booting of other operating systems on machines which have secure boot enabled.

An exchange of cryptographic keys takes place at boot-time so that a system can verify that the operating system attempting to boot is a genuine one, and not malware. There are further key exchanges along the way. Since Microsoft controls the key-signing authority, everyone who wishes to boot an operating system on hardware certified for Windows 8 has to buy a Microsoft key.

And it is that control of the key-signing authority which sticks in one's craw. One lives and dies by the goodwill of Microsoft – and that is a position that the FSF has strongly fought against and, indeed, continues to do so today. Thus, giving an award to someone for making it easier for Linux users to grovel at Microsoft's feet seems totally out of character.

Let's make this very plain: Linux has no need of secure boot. If one buys a new computer/laptop that has secure boot turned on, one can simply turn it off and install any distribution of Linux. If one is building one's own PC, one can do the same thing. I speak from the perspective of being a Linux user for the last 14 years on the x86 platform; I have also used Linux on the AMD64 and MIPS platforms for a shorter period.

The fact is, if there had been a need for secure boot to be implemented for Linux, then developers of the kernel would have done so much earlier than Microsoft. Ninety-nine per cent of new features required in the tech field have been implemented for Linux long before they were implemented for Microsoft.

The fact that Microsoft would implement secure boot was known at least as far back as September 2011 – long before Windows 8 was released, on October 26. 2012. In fact, I wrote to Microsoft in July 2012, asking them for the reasons behind this decision; they did not respond but iTWire ran an article about this lack of a response on August 6 (coincidentally, the anniversary of the dropping of the first atomic bomb by the US on Japan).

The ideal reaction would have been for all the Linux distributions, plus other companies that depend on Linux for their profits, to band together under the Linux Foundation and use their combined clout to influence things with hardware vendors. But then one might as well hope for racism to end in the US. Or Australia.

The only reason why Linux needed to support secure boot was for commercial organisations which sell Linux to be able to say that they did support this feature. These organisations — Red Hat, SUSE and Canonical are the three which come to mind — needed to be able to say to businesses that they supported this feature.

This is simply because businesses tend to use a multiplicity of operating systems. A company might lose some prospective business if it did not support a particular feature in other operating systems. For example, Linux systems are able to work well with Microsoft's Active Directory due to the software known as Samba.

Hence, for these companies, developing a way for Linux to boot on secure boot-enabled systems was necessary; Garrett did some work on this, as did James Bottomley of the Linux Foundation. Garrett was able to better overcome the political obstacles in the way and came up with a solution which he offered to others under a free software licence. SUSE and Canonical also devised their own methods, borrowing a bit here, and adding a bit there.

But for the FSF to give an award for this kind of work is an anomaly. This is not required by the average Linux user at all. And remember, Microsoft can revoke the keys it has sold whenever it pleases.

There are two features in Linux which cause issues with secure boot. The use of hibernation does not satisfy the secure boot security model because the image that returns from hibernation cannot be verified. And the system call kexec allows one to replace the running kernel with a different program.

Attempts by Red Hat developers to get code into the mainline kernel, that would enable a kernel running in secure boot-mode to dynamically load keys, resulted in a spray by Linux creator Linus Torvalds last year.

The attempts by Garrett and fellow Red Hat developer David Howells enraged Torvalds. At one point, he yelled: "How f**king hard is it for you to understand? Stop arguing about what MS wants. We do not care. We care bout the *user*. You are continually missing the whole point of security, and then you make some idiotic arguments about what MS wants you to do.

"It's irrelevant. The only thing that matters is what our *users* want us to do, and protecting *their* rights. As long as you seem to treat this as some kind of 'let's please MS, not our users' issue, all your arguments are going to be crap."

And yet the FSF thought making Linux work with secure boot was worth an award!

When iTWire asked the FSF executive director John Sullivan about the award, he responded: "Yes, we are against this kind of thing (following the dictates of Microsoft), and that's not how we or the award committee see Matthew's work in this area."

He said he was happy to spell out the reasons for granting the award and did so. I give below his full response.

"The reason for GNU/Linux systems to work with Secure Boot is for security. As developments since last June have illustrated, it is vital that free software users be able to protect their computers from prying eyes and know when the software on their computers has been altered.

"The boot chain is not only a vector of attack for Windows malware. It is also a vulnerability that can be exploited for surveillance or many other purposes.

"If implemented correctly, Secure Boot is consistent with the free software approach to security. Correctly means that users have the keys and the authority to install and revoke them. Being able to disable the system entirely is one thing, but that immediately puts free software at a security disadvantage. We support the idea that free software users should be able to exercise control over their systems in this way, the same way we support GNU/Linux distributions signing packages so that they can be verified to some extent before they are installed.

"What we need to avoid here is Restricted Boot, where users do not have the ability to disable the system or to generate and configure the accepted keys. Matthew has been an effective advocate in many forums for calling attention to this danger and showing how to prevent it.

"Matthew helped develop solutions that can work for *any* GNU/Linux distribution, not only Fedora or Red Hat. He chose to do that instead of pursuing more specific and possibly easier solutions for only those two distributions.

"That being said, you are right that having to give Microsoft any money at all in order to have a GNU/Linux system installable on off-the-shelf hardware is far from ideal. But this is hardly something to blame Matthew for. Neither he nor us view this situation as acceptable. It's unacceptable for the same reason every other aspect of Microsoft's proprietary monopoly is unacceptable. What he found was a hack that, in this context, *subverts* the control Microsoft imposes through its Windows Certification program.

"There is no tradeoff between his temporary Microsoft signing hack and the long term interests of the free software movement. Matthew has directly helped advance the better, Microsoft-free world, by contributing to the development of tools that empower users to generate and use their own signing keys on Secure Boot machines.

"We should not confuse Microsoft's unethical uses of technology for the technology itself. They did not invent Secure Boot and there is nothing inherently pro-Microsoft or proprietary about it. If users have full control over the Secure Boot system and keys, they can keep intruders like Microsoft out. What we need to criticise are the many mechanisms Microsoft has for keeping GNU/Linux off the shelves and for manipulating technology against users. People like Matthew who help us find both temporary workarounds and permanent solutions earn our praise."

There are many fallacies in Sullivan's arguments. Microsoft could never have devised a system for secure boot without allowing for a workaround given that the company has been convicted of monopolistic practices on the x86 platform. Hence, there was never a question of what Sullivan calls "Restricted Boot" being devised for the x86 platform.

Let me make it clear that Garrett is not being blamed for anything. One is merely pointing out that what he has done is not worthy of an award from the FSF, especially an award for the advancement of free software. One can never have full control over a key issued by Microsoft; the company can revoke it tomorrow. What it has devised is a means of locking out people who are not technically competent; for the small percentage of technically competent people, it has put hurdles in the way of using the latest hardware.

That the FSF has descended to the level of honouring people who make it easy for Microsoft to continue to dictate terms in the world of computing shows how much its ideals have sunk. To think that this is what people like Richard Stallman fought for is a disheartening thought.

Read 13274 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


Thoughtworks presents XConf Australia, back in-person in three cities, bringing together people who care deeply about software and its impact on the world.

In its fifth year, XConf is our annual technology event created by technologists for technologists.

Participate in a robust agenda of talks as local thought leaders and Thoughtworks technologists share first-hand experiences and exchange new ways to empower teams, deliver quality software and drive innovation for responsible tech.

Explore how at Thoughtworks, we are making tech better, together.

Tickets are now available and all proceeds will be donated to Indigitek, a not-for-profit organisation that aims to create technology employment pathways for First Nations Peoples.

Click the button below to register and get your ticket for the Melbourne, Sydney or Brisbane event



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous