Ubuntu's Plans To Implement UEFI SecureBoot: No GRUB2


  • #16
    Originally posted by disi View Post
    Nobody can be forced to buy UEFI hardware with pre-installed MS or Ubuntu etc. I hope.
    The real problem is there: the manufacturer does whatever he wants. You want an example? I bought an Asus 1215N with Optimus, and in the first 14 days, according to my country's legislation, if I have a really good reason (I've just summarized this part), I can send back what I bought and have a new one or just a refund.

    The problem is that when I tried to get a new one, the reason I told them was that I was using Linux and Optimus isn't compatible, so they contacted Asus and the answer was a simple and pure no, because the material was only made for Windows.

    The UEFI thing will be the same: they will request a signed OS with a signed kernel etc... and if you don't have that they will just refuse you the refund because (as they say) you are using a non-authorized system on the machine.

    This is why I hate the whole UEFI thing, and this is the principal reason I don't want to buy a Macbook anymore and I have fear of buying future laptops.



    • #17
      Originally posted by disi View Post
      Nobody can be forced to buy UEFI hardware with pre-installed MS or Ubuntu etc. I hope.
      But then maybe they can't get a computer at all if it goes wrong, because there are no others, so yes, you then have the choice between buying and not having a PC at all.. so that's somewhat of a free choice ^^


      It's hard to say, but I mean America isn't the place of freedom and a good rights system and so on, nor is Germany, but at least when we fail to make fair processes because the judicial system has too little money and resources... we don't kill the people that we often judged wrong. Or we don't torture them like the USA does... so the point was, if we can buy hardware from America it's also OK to buy it from China... so it seems they care even as a government about free software, and even if it's only selfish it's the right thing to do... so maybe this Western world is failing totally... I have no problem with that... but... that away between falling and protests and revolutions that are coming because the rich and mighty blockade all evolutions/bigger reforms, we will maybe have better China stuff because our companies just suck...

      so China's model, even if it's also bad, is better than what we do... so I go for it, hopefully they crush us... and all our corrupt concerns/enterprises... I go with their shit, they understand that patents and all that crap don't work in our modern internet world.



      • #18
        Originally posted by bug! View Post
        What? Why not implement a very simple bootloader that chainloads Grub2 from the partition? This loader can be very simple, all menus and FS support etc will still be done by Grub2. And the big advantage: Everybody can use it to launch their favorite *actual* bootmanagers or kernels. And it's so damn simple it will never have to be modified.
        According to http://mjg59.dreamwidth.org/12368.html you need everything that touches actual hardware to be signed. So, for example, your signed bootloader must refuse to boot an unsigned kernel. If you break the chain, then you could allow malicious code to attack other operating systems on the machine, and hence the other operating system will want your key blacklisted.

        If you make your own key and put that in your firmware, then you can sign and run whatever you want.



        • #19
          I looked around and did not really find good instructions on how to use efilinux. All I found was this:

          http://thr3ads.net/syslinux/2011/07/...ux-release-0.8

          It looks like it was written to load a Linux kernel via the command line? In the source I found a reference to eficonfig.cfg but that's all. No idea which syntax is used there. I don't get why somebody would like to modify efilinux to show a menu... maybe they could sign it and just start grub2 with it.



          • #20
            Originally posted by lithorus View Post
            Wasn't this whole signing thing supposed to make security better?
            If you're drinking the Microsoft Kool-Aid, then yes, SecureBoot is about security, but those of us with half a brain realize it's about 1% security-inspired and 99% about selling keys and making other OS's a pain to use.



            • #21
              Originally posted by timofonic View Post
              They too!

              But Canonical and Red Hat are now the Microsoft whores, paying the cost for staying alive even in a very bad environment.

              They are showing their real nature these days...
              As far as I know, the money goes to Verisign, not Microsoft.
              Still, why should those assholes Verisign get the money?
              Shouldn't it be handled by a non-profit?



              • #22
                Future OEM PCs to have Ubuntu pre-installed and certified will require that the Ubuntu key be part of the device's UEFI signature database.
                This seems nice.



                • #23
                  UEFI is probably a good thing for inspiring different boot methods as they won't be locked down to boot vectors on x86 based systems, but they will be partially restricted to UEFI and the real BIOS options.



                  • #24
                    Originally posted by werfu View Post
                    I don't get why this Secured Boot and requiring Microsoft key doesn't bring an Anti-trust suit against MS. I mean, they're basically locking out people from using other OS unless these OS have paid MS for the signing. That's a hell of a case!
                    You'd have difficulty convincing anyone of that in a court of law.

                    Microsoft isn't preventing anyone else from acting as a signing authority. They aren't preventing OEMs from shipping systems with multiple signing keys; the certification requirements explicitly _don't_ say that the Microsoft key should be the _only_ key present, only that the Microsoft key should be _one_ of the keys present.

                    So how, precisely, are Microsoft locking anyone out of anything? The fact that no-one else seems to be willing to act as a signing authority is difficult to hold against Microsoft. They aren't preventing it from happening.



                    • #25
                      Originally posted by uid313 View Post
                      As far as I know, the money goes to Verisign, not Microsoft.
                      Still, why should those assholes Verisign get the money?
                      Shouldn't it be handled by a non-profit?
                      What non-profit? There isn't one. Are you offering to found one?



                      • #26
                        Is there anywhere I can get a good overview how this whole signing business works in this case? Is it possible to make your own keys and sign your own stuff? How do you go about that? Who has given Verisign the role they have now? Is there any legal requirement stopping people setting up an alternative? How would someone who wanted to do that go about doing it?



                        • #27
                          Originally posted by DanL View Post
                          If you're drinking the Microsoft Kool-Aid, then yes, SecureBoot is about security, but those of us with half a brain realize it's about 1% security-inspired and 99% about selling keys and making other OS's a pain to use.
                          The conspiracy theories around this whole thing are, honestly, pretty amusing.

                          Making other OSes a pain to use? Why? If anyone is going to ship OEM systems with Linux pre-installed - the only case in which Microsoft loses sales - then the Microsoft certification requirements have no force; the OEM doesn't have to comply with them. As indeed this story illustrates - if there _are_ any OEMs who are going to ship Secure Boot-enabled systems with Ubuntu pre-installed, then to comply with Ubuntu requirements they will have to ship with Ubuntu's key pre-installed. So Microsoft's Evil Secure Boot Conspiracy hasn't actually helped them at all. If Secure Boot truly were intended to lock out other OSes, then it would be designed in such a way that it wasn't _possible_ for Canonical to provide their own signing key for Ubuntu pre-installed systems. It isn't. The other case - where you buy a system with Windows pre-installed, then add Linux to it - is the case where Secure Boot actually causes inconvenience, but why would Microsoft have written it for that purpose? They got their money anyway, with the pre-load. They don't care. Hell, by converting it to Linux, the only effect you have on Microsoft is to reduce their support costs.

                          'selling keys' is even more ludicrous. Let's be very generous and say there are, oh, a couple of thousand bodies in the world making operating systems that the public are realistically likely to want to install onto their systems. I suspect that's a huge over-estimate, but I'm being generous to Microsoft here. At $100 a pop, their potential revenue is an absolutely *massive*...$200,000. Microsoft's revenues are seventeen billion dollars a quarter. A one-time revenue hit of $200,000 is less than a rounding error to Microsoft. Besides, as already noted, Microsoft isn't getting the money; and even if they were, running a certification authority for Secure Boot is almost certainly a money losing proposition - it'll cost them far more than whatever revenue they receive (which in practice will be way south of $200,000) to go through all the trouble of implementing a public signing authority. It would be much much cheaper for Microsoft *not* to offer signing services to other organizations. The offering of such services is a _concession_, not an evil scheme to make money.

                          I know it's lots of fun and exciting to see conspiracy theories everywhere, but if you stop and think about it for a minute, this one is prima facie ludicrous. The truth is far more boring and humdrum: Microsoft isn't involved in an evil conspiracy to destroy alternative OSes. Microsoft just doesn't _care_ an awful lot. To Microsoft, at this point, Linux on general-purpose consumer PCs is not a mortal enemy; it's an irrelevance. Microsoft supports Secure Boot for precisely the purpose it claims to support Secure Boot - to reduce the threat of boot sequence malware. Does Secure Boot as designed have some problematic consequences for alternative OSes? Yeah, it does. Is that the result of evil intent on Microsoft's part? No. If anything, it's simply the result of negligence. Microsoft has zero reason to give a crap about alternative OSes, in the sense of supporting or opposing them. It just doesn't really care. So far as Microsoft influenced the design of Secure Boot, it did so in a way which would support its own goals - the security of its OS. The alternative OS community, in giving input to the Secure Boot design, secured several concessions, of which Microsoft's providing signing services is one (others are things like the mandated ability for the user to disable Secure Boot). Would more concessions have been better? Sure. But that's what we got. The design as it stands isn't the result of exciting conspiratorial meetings in smoky rooms, nothing as exciting as that. Sorry.



                          • #28
                            Originally posted by Kristian Joensen View Post
                            Is there anywhere I can get a good overview how this whole signing business works in this case? Is it possible to make your own keys and sign your own stuff?
                            Yes. Anyone can sign anything with any key they like. The trick, if you care about it, is having anyone else trust your key. If it's just for your personal purposes, though, then you're fine.

                            Originally posted by Kristian Joensen View Post
                            How do you go about that?
                            Matthew Garrett is working on tools to allow end users to do their own signing.

                            Originally posted by Kristian Joensen View Post
                            Who has given Verisign the role they have now?
                            Actively, Microsoft. Passively, everyone else. It seems a given that there is going to be no neutral third party with the trust of all vendors who will act as an independent signing authority. No body that might be so trusted wants to take the time, trouble and expense to do this. So Microsoft, obviously, needs to effectively do its own signing. Instead of really doing it in-house it is outsourcing this to Verisign, since they're an expert in the domain and ought to be more efficient at it. As a concession to other OS vendors, Microsoft/Verisign are offering to sign other OSes with the 'Microsoft' key for a nominal fee (a fee at which they will almost certainly be making a loss). No-one really _made_ them do so, but of course it looks much better if they do so. The 'passively, everyone else' bit is about the lack of a third-party independent signing authority as an alternative. No-one in the industry much liked the look of the effort involved in setting up an enterprise; so by default, Microsoft/Verisign winds up as the only public signing service (as things stand at present).

                            Originally posted by Kristian Joensen View Post
                            Is there any legal requirement stopping people setting up an alternative? How would someone who wanted to do that go about doing it?
                            To my knowledge, none whatsoever. How would you go about doing it? Well, you'd have to set up an organization, a non-profit or whatever. You'd then have to negotiate with system vendors to include your signing key on the systems they ship. Matt says quite a lot of vendors were open in principle to doing this. Then you'd have to offer signing services to OS developers in such a way as to ensure trust on the part of everyone involved - OEMs, end users, OS developers. You'd have to do some sort of verification of the bona fides of those applying for keys, and review the code they wanted to have signed. You'd need a mechanism for signing things and of course keeping the keys secure. In many ways it's much like acting as a CA for anything else - SSL certificates or whatever. It's just a different payload, but most of the same considerations apply.

                            Given the amount of organizations that make OSes, and their likely ability to pay for such signing services, it seems almost inconceivable that such a service could be run as a straightforward for-profit business. It would have to be some kind of industry-funded non-profit.



                            • #29
                              Thank you very much for your answer. Very informative. So let me get this straight, with the tools you were talking about for people signing their stuff they could boot any OS using any bootloader even with secureboot enabled? Including booting any Linux distro (provided it otherwise supports UEFI/secureboot) using Grub2?



                              • #30
                                Originally posted by Kristian Joensen View Post
                                Thank you very much for your answer. Very informative. So let me get this straight, with the tools you were talking about for people signing their stuff they could boot any OS using any bootloader even with secureboot enabled? Including booting any Linux distro (provided it otherwise supports UEFI/secureboot) using Grub2?
                                As long as the system firmware allows the user to add arbitrary keys as trusted, yes. The Microsoft certification requirements specify that the user must be able to add keys, so that ought to be possible on the vast majority of shipped systems with Secure Boot support.

                                Of course, the easier way to boot any arbitrary OS is just to disable Secure Boot (the Microsoft certification requirements specify that the user must be able to do this, too). The self-signing stuff applies only if you want to preserve the benefits of secure boot and ensure your system can only boot code you have checked and signed yourself.

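An added illustration of the points made in posts #18 and #30 (own key, every stage verifying the next); it is not code from any poster or from the signing tools mentioned in the thread. It is a simplified model: detached `openssl` signatures stand in for the Authenticode signatures that firmware checks, and all file names, the certificate subject and the helper function names are constructed.

```shell
#!/bin/sh
# Constructed model of a Secure Boot chain with an owner-generated key.
# Real firmware checks Authenticode signatures embedded in PE/COFF images
# against the db variable; detached openssl signatures stand in for that here.
WORK=$(mktemp -d)

# The owner's key pair. db.crt plays the role of the certificate the user
# enrolls in firmware; db.key never leaves the owner's machine.
make_owner_key() {
    openssl req -new -x509 -newkey rsa:2048 -nodes -sha256 -days 365 \
        -subj "/CN=Constructed Owner Key" \
        -keyout "$WORK/db.key" -out "$WORK/db.crt" 2>/dev/null
    openssl x509 -in "$WORK/db.crt" -pubkey -noout > "$WORK/db.pub"
}

# Sign one boot stage; writes a detached signature next to the image.
sign_image() {
    openssl dgst -sha256 -sign "$WORK/db.key" -out "$1.sig" "$1"
}

# The check every stage must apply to the next one before running it.
verify_image() {
    [ -f "$1.sig" ] || return 1
    openssl dgst -sha256 -verify "$WORK/db.pub" \
        -signature "$1.sig" "$1" >/dev/null 2>&1
}

# Walk the chain in boot order and stop at the first stage that fails.
boot_chain() {
    for img in "$@"; do
        if ! verify_image "$img"; then
            echo "refused:$(basename "$img")"
            return 1
        fi
    done
    echo "booted"
}

# Demo with constructed stand-ins for a boot loader and a kernel.
make_owner_key
printf 'constructed loader image\n' > "$WORK/loader.efi"
printf 'constructed kernel image\n' > "$WORK/vmlinuz"
sign_image "$WORK/loader.efi"
boot_chain "$WORK/loader.efi" "$WORK/vmlinuz" || true   # kernel unsigned
sign_image "$WORK/vmlinuz"
boot_chain "$WORK/loader.efi" "$WORK/vmlinuz" || true   # both signed
printf 'modified after signing\n' >> "$WORK/vmlinuz"
boot_chain "$WORK/loader.efi" "$WORK/vmlinuz" || true   # tampered kernel
```

A loader that skipped `verify_image` for the kernel would still pass the firmware's check itself, which is the broken chain post #18 describes.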
