Ubuntu's Plans To Implement UEFI SecureBoot: No GRUB2


  • #21
    Originally posted by timofonic
    They too!

    But Canonical and Red Hat are now the Microsoft whores, paying the cost for staying alive even in a very bad environment.

    They are showing their real nature these days...
    As far as I know, the money goes to Verisign, not Microsoft.
    Still, why should those assholes Verisign get the money?
    Shouldn't it be handled by a non-profit?



    • #22
      Future OEM PCs to have Ubuntu pre-installed and certified will require that the Ubuntu key be part of the device's UEFI signature database.
      This seems nice.



      • #23
        UEFI is probably a good thing for inspiring different boot methods as they won't be locked down to boot vectors on x86 based systems, but they will be partially restricted to UEFI and the real BIOS options.



        • #24
          Originally posted by werfu
          I don't get why this Secured Boot and requiring Microsoft key doesn't bring an Anti-trust suit against MS. I mean, they're basically locking out people from using other OS unless these OS have paid MS for the signing. That's a hell of a case!
          You'd have difficulty convincing anyone of that in a court of law.

          Microsoft isn't preventing anyone else from acting as a signing authority. They aren't preventing OEMs from shipping systems with multiple signing keys; the certification requirements explicitly _don't_ say that the Microsoft key should be the _only_ key present, only that the Microsoft key should be _one_ of the keys present.

          So how, precisely, are Microsoft locking anyone out of anything? The fact that no-one else seems to be willing to act as a signing authority is difficult to hold against Microsoft. They aren't preventing it from happening.



          • #25
            Originally posted by uid313
            As far as I know, the money goes to Verisign, not Microsoft.
            Still, why should those assholes Verisign get the money?
            Shouldn't it be handled by a non-profit?
            What non-profit? There isn't one. Are you offering to found one?



            • #26
              Is there anywhere I can get a good overview how this whole signing business works in this case? Is it possible to make your own keys and sign your own stuff? How do you go about that? Who has given Verisign the role they have now? Is there any legal requirement stopping people setting up an alternative? How would someone who wanted to do that go about doing it?



              • #27
                Originally posted by DanL
                If you're drinking the Microsoft Kool-Aid, then yes, SecureBoot is about security, but those of us with half a brain realize it's about 1% security-inspired and 99% about selling keys and making other OS's a pain to use.
                The conspiracy theories around this whole thing are, honestly, pretty amusing.

                Making other OSes a pain to use? Why? If anyone is going to ship OEM systems with Linux pre-installed - the only case in which Microsoft loses sales - then the Microsoft certification requirements have no force; the OEM doesn't have to comply with them. As indeed this story illustrates - if there _are_ any OEMs who are going to ship Secure Boot-enabled systems with Ubuntu pre-installed, then to comply with Ubuntu requirements they will have to ship with Ubuntu's key pre-installed. So Microsoft's Evil Secure Boot Conspiracy hasn't actually helped them at all. If Secure Boot truly were intended to lock out other OSes, then it would be designed in such a way that it wasn't _possible_ for Canonical to provide their own signing key for Ubuntu pre-installed systems. It isn't. The other case - where you buy a system with Windows pre-installed, then add Linux to it - is the case where Secure Boot actually causes inconvenience, but why would Microsoft have written it for that purpose? They got their money anyway, with the pre-load. They don't care. Hell, by converting it to Linux, the only effect you have on Microsoft is to reduce their support costs.

                'selling keys' is even more ludicrous. Let's be very generous and say there are, oh, a couple of thousand bodies in the world making operating systems that the public are realistically likely to want to install onto their systems. I suspect that's a huge over-estimate, but I'm being generous to Microsoft here. At $100 a pop, their potential revenue is an absolutely *massive*...$200,000. Microsoft's revenues are seventeen billion dollars a quarter. A one-time revenue hit of $200,000 is less than a rounding error to Microsoft. Besides, as already noted, Microsoft isn't getting the money; and even if they were, running a certification authority for Secure Boot is almost certainly a money losing proposition - it'll cost them far more than whatever revenue they receive (which in practice will be way south of $200,000) to go through all the trouble of implementing a public signing authority. It would be much much cheaper for Microsoft *not* to offer signing services to other organizations. The offering of such services is a _concession_, not an evil scheme to make money.

                I know it's lots of fun and exciting to see conspiracy theories everywhere, but if you stop and think about it for a minute, this one is prima facie ludicrous. The truth is far more boring and humdrum: Microsoft isn't involved in an evil conspiracy to destroy alternative OSes. Microsoft just doesn't _care_ an awful lot. To Microsoft, at this point, Linux on general-purpose consumer PCs is not a mortal enemy; it's an irrelevance. Microsoft supports Secure Boot for precisely the purpose it claims to support Secure Boot - to reduce the threat of boot sequence malware. Does Secure Boot as designed have some problematic consequences for alternative OSes? Yeah, it does. Is that the result of evil intent on Microsoft's part? No. If anything, it's simply the result of negligence. Microsoft has zero reason to give a crap about alternative OSes, in the sense of supporting or opposing them. It just doesn't really care. So far as Microsoft influenced the design of Secure Boot, it did so in a way which would support its own goals - the security of its OS. The alternative OS community, in giving input to the Secure Boot design, secured several concessions, of which Microsoft's providing signing services is one (others are things like the mandated ability for the user to disable Secure Boot). Would more concessions have been better? Sure. But that's what we got. The design as it stands isn't the result of exciting conspiratorial meetings in smoky rooms, nothing as exciting as that. Sorry.



                • #28
                  Originally posted by Kristian Joensen
                  Is there anywhere I can get a good overview how this whole signing business works in this case? Is it possible to make your own keys and sign your own stuff?
                  Yes. Anyone can sign anything with any key they like. The trick, if you care about it, is having anyone else trust your key. If it's just for your personal purposes, though, then you're fine.

                  Originally posted by Kristian Joensen
                  How do you go about that?
                  Matthew Garrett is working on tools to allow end users to do their own signing.

                  Originally posted by Kristian Joensen
                  Who has given Verisign the role they have now?
                  Actively, Microsoft. Passively, everyone else. It seems a given that there is going to be no neutral third party with the trust of all vendors who will act as an independent signing authority. No body that might be so trusted wants to take the time, trouble and expense to do this. So Microsoft, obviously, needs to effectively do its own signing. Instead of really doing it in-house it is outsourcing this to Verisign, since they're an expert in the domain and ought to be more efficient at it. As a concession to other OS vendors, Microsoft/Verisign are offering to sign other OSes with the 'Microsoft' key for a nominal fee (a fee at which they will almost certainly be making a loss). No-one really _made_ them do so, but of course it looks much better if they do so. The 'passively, everyone else' bit is about the lack of a third-party independent signing authority as an alternative. No-one in the industry much liked the look of the effort involved in setting up an enterprise; so by default, Microsoft/Verisign winds up as the only public signing service (as things stand at present).

                  Originally posted by Kristian Joensen
                  Is there any legal requirement stopping people setting up an alternative? How would someone who wanted to do that go about doing it?
                  To my knowledge, none whatsoever. How would you go about doing it? Well, you'd have to set up an organization, a non-profit or whatever. You'd then have to negotiate with system vendors to include your signing key on the systems they ship. Matt says quite a lot of vendors were open in principle to doing this. Then you'd have to offer signing services to OS developers in such a way as to ensure trust on the part of everyone involved - OEMs, end users, OS developers. You'd have to do some sort of verification of the bona fides of those applying for keys, and review the code they wanted to have signed. You'd need a mechanism for signing things and of course keeping the keys secure. In many ways it's much like acting as a CA for anything else - SSL certificates or whatever. It's just a different payload, but most of the same considerations apply.

                  Given the number of organizations that make OSes, and their likely ability to pay for such signing services, it seems almost inconceivable that such a service could be run as a straightforward for-profit business. It would have to be some kind of industry-funded non-profit.



                  • #29
                    Thank you very much for your answer. Very informative. So let me get this straight, with the tools you were talking about for people signing their stuff they could boot any OS using any bootloader even with secureboot enabled? Including booting any Linux distro (provided it otherwise supports UEFI/secureboot) using Grub2?



                    • #30
                      Originally posted by Kristian Joensen
                      Thank you very much for your answer. Very informative. So let me get this straight, with the tools you were talking about for people signing their stuff they could boot any OS using any bootloader even with secureboot enabled? Including booting any Linux distro (provided it otherwise supports UEFI/secureboot) using Grub2?
                      As long as the system firmware allows the user to add arbitrary keys as trusted, yes. The Microsoft certification requirements specify that the user must be able to add keys, so that ought to be possible on the vast majority of shipped systems with Secure Boot support.

                      Of course, the easier way to boot any arbitrary OS is just to disable Secure Boot (the Microsoft certification requirements specify that the user must be able to do this, too). The self-signing stuff applies only if you want to preserve the benefits of secure boot and ensure your system can only boot code you have checked and signed yourself.

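The trust decision described in posts #28 and #30 (anyone can sign, but the image only boots once the signer's key is enrolled as trusted), as an added example that is not part of the thread or any project's own tooling. It is a simplified model: a detached `openssl` signature stands in for the signature real firmware checks inside the EFI binary, the `db/` directory stands in for the firmware's signature database, and the names `vendor`, `owner` and `loader.efi` are constructed.

```shell
#!/bin/sh
# Simplified model of the Secure Boot allow/refuse decision (assumption:
# detached signatures and a directory of certificates instead of real
# firmware variables). All keys and the "bootloader" are constructed here.
set -eu
WORK=$(mktemp -d)
mkdir "$WORK/db"

# make_key NAME: create a self-signed signing key and certificate.
make_key() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 365 -subj "/CN=$1" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}

# sign_image NAME IMAGE: write a detached SHA-256 signature to IMAGE.sig.
sign_image() {
    openssl dgst -sha256 -sign "$WORK/$1.key" -out "$2.sig" "$2"
}

# enroll NAME: add NAME's certificate to the trusted database.
enroll() { cp "$WORK/$1.crt" "$WORK/db/"; }

# firmware_allows IMAGE: succeed only if some enrolled certificate
# verifies the signature over the image's current contents.
firmware_allows() {
    [ -f "$1.sig" ] || return 1
    for crt in "$WORK"/db/*.crt; do
        [ -f "$crt" ] || continue
        openssl x509 -in "$crt" -pubkey -noout > "$WORK/pub.pem"
        if openssl dgst -sha256 -verify "$WORK/pub.pem" \
            -signature "$1.sig" "$1" >/dev/null 2>&1; then
            return 0
        fi
    done
    return 1
}

IMG="$WORK/loader.efi"
printf 'constructed bootloader bytes' > "$IMG"
make_key vendor; make_key owner
enroll vendor                 # only the vendor key ships in db
sign_image owner "$IMG"       # the owner signs with a personal key
firmware_allows "$IMG" && echo "not enrolled: boots" || echo "not enrolled: refused"
enroll owner                  # the owner adds that key as trusted
firmware_allows "$IMG" && echo "enrolled: boots" || echo "enrolled: refused"
printf 'X' >> "$IMG"          # any later change invalidates the signature
firmware_allows "$IMG" && echo "modified: boots" || echo "modified: refused"
```
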
