Matthew Garrett Makes Available Secure Bootloader For Linux Distros 274
TrueSatan writes "Matthew Garrett, formerly of Red Hat, is providing a shim bootloader that will allow installation/booting of secure boot enabled computers. The shim is designed to chain boot GRUB (Grand Universal Bootloader) without the need for a distribution to obtain a key from Microsoft. Garrett asks that further contacts regarding the shim be made to him and not to Red Hat as he no longer works there and they may not have knowledge of the product."
Yay! (Score:5, Interesting)
I'm really proud of him and I really hope that there is no ensuing lawsuit for violating some sort of propitiatory BS.
Re:Yay! (Score:5, Funny)
violating some sort of propitiatory BS
Yeah I really hate all that appeasing the gods BS, too.
Re: (Score:2, Informative)
Re:Yay! (Score:5, Insightful)
You should never care if it is an AC.
It is the message that is important, not the messenger. Why, after 11 years of using this site, should I register an account? My words stay the same. All it would be good for is group validation through karma whoring. I'd rather be ignored out of irrational bias than lauded for conforming to groupthink.
Re: (Score:3)
The problem is karma actually provides a good system for weeding out the abusive troll, but not the clever troll. People who register an account and act like many of the ACs here will end up with a very poor default karma and thus their comments will be hidden per default slashdot settings. Yet if you post something completely indifferent you will still end up with karma that gives you a default score of 1 when you post.
That's the only reason I signed up for an account. I had things to say, and they never g
Re: (Score:3)
oh how terrible. Words you were told were 'bad' by your parents/society still cause you such harm that... seriously? Grow a pair.
what part of having/not having an account would prevent overly sensitive sorts like yourself from modding it down? ..and the term 'trolling' now has no meaning because, nowadays, it is mostly used to mislabel statements one doesn't agree with as an ad hom attack.
Re: (Score:2)
Given that conciliatory is a synonym for propitiatory, I suspect any scenarios involving Red Hat becoming litigious are unlikely to involve Red Hat acting in a conciliatory fashion on the matter at any point in the next decade or so thereafter.
Re:Yay! (Score:5, Interesting)
Here's what's funny. The chainloaded "Grub" boot loader is actually circumventing the secure boot, because it has its own "OS kernel-like" functionality until it passes control over to the kernel components that it's booting. Grub was used to circumvent Microsoft's DRM, and now it will be used to circumvent their secure boot nonsense. I love it.
Grub is way more complex, knowledgeable (figuratively speaking... it's got high level filesystem drivers etc.) and functional than any bootloader Microsoft would envision. They'll be crying foul. Not only will this be used to boot Linux, but it will also allow booting any other OS without signing.
Re: (Score:3, Insightful)
The signing process is relatively mechanical... Joe Blow could do it (with the proper notarization) and there is no way they can consider the full functionality of the binary that you upload to be signed. You put your credentials on the line, you pay the money, you get your binary certified. If it's bad, then there is someone to go after. The way they have set this up, it can only be reactive.
The implications of this will not make them happy. I'm betting that you would realize that this is being done for mo
Re: (Score:3)
Given the amount of press coverage that this whole story has been getting, I very much doubt that the people in charge of the process are not aware of it. And it's not like there are many of those signing requests coming in. I mean, really, how many other companies would need to sign their bootloader with MS key? all Windows OEMs just use the standard Windows bootloader; I wouldn't be surprised if, so far, this has actually been the first and only such request.
Also, did you actually read about how the signe
Re:Yay! (Score:4, Interesting)
He violated nothing. The better question to ask is "who the hell does MS think it is?" They don't and cannot control the HW manufacturers. Nothing stops independent HW dealers in Asia or wherever from selling directly to consumers. Look at Google, Amazon, and other large companies. They design and buy their HW direct from the manufacturer, cutting out the middle man. Cutting out the middle man is ALWAYS the right thing to do. No one is entitled to a profit. No one has the right to demand I buy from them and their overly-capitalist markup system. Screw all that.
I am going to start looking into buying from the source, even as a consumer. I have the right to buy from the source just like a company. I'm tired of dealing with the MS tax on computers. MS was and is a monopoly. I have used Linux as my home desktop/laptop system since 1998 and now this is happening. Screw any and all who would attempt to even try and dictate my actions with HW I've paid money for.
Re:Yay! (Score:5, Funny)
Cutting out the middle man is ALWAYS the right thing to do.
Next time you're sick, I'll call the undertaker.
Re: (Score:2)
Cutting out the middle man is ALWAYS the right thing to do
Unless it comes to the HR department, where the lack of a middleman between a worker and the employer (incorrectly) is considered a problem.
Re: (Score:3)
Only out of fear of an anti-monopoly response I'm sure. They're requiring the exact opposite (no bypass possible) to certify ARM-based devices.
How does this work? (Score:3)
Re:How does this work? (Score:5, Informative)
In simplistic terms, it's a bit like on iOS devices: they'll only boot software that is signed by Apple, thus preventing low-level viruses and such from tampering with the OS.
In more complicated terms, I'll defer to the wiki page [wikipedia.org].
Re:How does this work? (Score:4, Insightful)
thus preventing people from using their hardware as they see fit.
FTFY
Re: (Score:2)
"thus preventing Romanian hackers from installing undetectable bootkits on your dad's computer"
Fixed that for you
Re:How does this work? (Score:5, Insightful)
Why couldnt the romanian hackers use the signed chainloader to load their code?
Re: (Score:2)
Right, because you have no right to do that with a device you supposedly own.
Re:How does this work? (Score:5, Informative)
Right, because you have no right to do that with a device you supposedly own.
The specs already require that the x86 EFI allows you to load your own key. This is just something to let you install and use linux or other OSes without having to go through the process of loading your own keys into the bios and instead using the ms key that's already been loaded.
Re: (Score:3)
This is a losing battle, there are too many uninformed posters who can't understand such technical matters. You reply to one and 5 other posts come up saying the same wrong things and still modded up. This is happening since a year, there's no use. The smart neckbeards have been replaced by 14 year old kids who don't know what they're talking about and only read headlines and other raving modded retarded rants by the likes of BMO.
Re: (Score:3)
I understand the issues quite well. The GP seemed to be stating that people have no right to run as root on their own hardware. It was actually unrelated to UEFI. Personally, I don't have that much of a problem with UEFI other than it's Microsoft administering it and it makes it much more difficult for an average user to install Linux (I think that's the actual motive behind it). Hopefully this boot shim will help solve the ease of use issue.
Re: (Score:2)
How long until this becomes a malware feature too? I like what this guy is doing to ensure the x86 platform stays open, but who doesn't see malware loading its own keys?
Re:How does this work? (Score:5, Informative)
Try reading the OP.
This is a build of shim that's signed by Microsoft. It has particular properties. It is intended to be distributed by small Linux distros, with their own key as config data. When you boot it, it offers you the option to trust a single specific key - the key it was provided to you with. You have to specifically perform a certain operation to trust the key.
What all this wiggling achieves is allow to say 'I trust the entity that provided me with this key to provide an operating system for my machine'. The safeguards prevent it from being used for malware, unless you're _really_ dumb and, when this screen pops up on your system after you install something you didn't think was an operating system, you carefully jump through all the hoops to allow it to nerf your system.
So Microsoft is happy because the malware path is very unlikely to occur, and the Linux distributor is happy because if the person really is installing an alternative OS, all they have to do is navigate a menu once in order to say that OS's key is trusted, and from then on, that OS can function with SB enabled indefinitely.
Clear?
Re: (Score:3)
You mean, 'on your Windows RT device'. Which, if you don't want to deal with the restrictions on, you don't buy. Just like if you don't want to deal with the restrictions on an iPad, you don't buy an iPad.
Re: (Score:2)
Re: (Score:3)
It is signed with Microsoft's key.
Re: (Score:2)
And we all seen how well it stops people from rooting or jailbreaning iOS devices because an Apple product has never been rooted or jailbroken before.
Re: (Score:3)
It'll only boot grub if grub is signed with a key that a physically present user has manually enrolled. If you choose to enrol a key that's been used to sign a grub that'll then boot anything (including viruses) then you're vulnerable, but such a virus would only be able to infect systems with that key installed - anyone who hasn't installed that key still gets the protection.
Clarification (Score:3)
Re:Clarification (Score:5, Funny)
Micro$oft and Windoze? Have you recently emerged from 15 years in stasis? To bring you up to date...
Madonna is still shit and now looks like Iggy Pop.
9/11
Year of Linux on the desktop is imminent
The president's black
The Rolling Stones aren't dead
We sent cool shit to Mars
World didn't end but will end again later this month
Re: (Score:2)
....I need more mod points.
Re:Clarification (Score:5, Insightful)
Of course you can add to that list:
- Microsoft still doing things to suppress competition.
- Apple has joined them.
They earned that dollar sign. The OS is a bit better behaved than 15 years ago, although NT was pretty quick.
Re:Clarification (Score:5, Funny)
And Duke Nukem Forever was released.
Re: (Score:3)
And Duke Nukem Forever was released.
Steady on there. We don't want to overwhelm him.
Must ship with a way to turn off Secure Boot (Score:5, Informative)
Re: (Score:3)
Two previous versions (Score:3)
Just because Microsoft has to support PCs that don't have secure boot doesn't mean they can't force machines that do to be Microsoft only.
UEFI can't tell that Windows 7 is a Microsoft operating system because Windows 7 doesn't carry a UEFI Secure Boot signature. Therefore, end users exercising downgrade rights will have to turn off Secure Boot [eightforums.com] to use Windows 7. And the page about downgrade rights [microsoft.com] implies that downgrade rights appear to cover the last two major versions: Windows 8 licensees can downgrade to 7 or Vista, and Windows 7 licensees can downgrade to Vista or XP. So Microsoft will more than likely allow end users to turn off Secure Bo
Re: (Score:2)
Kudos (Score:4, Funny)
The man delivered! I really hate not being able to use GRUB or some other bootloader anymore. Why the heck can't I choose what to install on the computer I bought with my own money? Imagine you were Linux Torvalds trying to write your own operating system but in a computer with UEFI enabled.
The way to get the key is also particularly weird. It's like Microsoft has gone out of their way to make it so you need to use Windows to get a key. .CAB files, Silverlight applications, .exe to generate a key, etc.
You can't even choose not to enable UEFI anymore. I bought a 3 TB hard disk recently and the BIOS isn't able to see anything above 2 TB on a non-UEFI system without GPT partitions.
Re: (Score:2)
Re:Kudos (Score:4, Informative)
First UEFI != UEFI Secure Boot.
Second, you can turn off Secure Boot in the settings. So, I am guessing the young Mr. Torvalds would be smart enough to do that.
Third, the keys are editable, i.e you can remove Microsoft's key and add your own or Linux's key if you don't trust Microsoft and that'll stop your machine from ever booting Windows. Thus, you're really in control of your computer. The defaults are setup that way to stop undetectable bootkits infecting your mom's computers because just wants to run Excel and doesn't know or care about signing keys and hashes.
There is so much FUD and misinformation being spread by stupid people.
Re:Kudos (Score:5, Informative)
But to get your own key, you have to shell out 99 bucks.
That's fucking galling. It's a tax.
--
BMO
Re:Kudos (Score:5, Informative)
No.
The $99 fee is if you want to get stuff signed with the default Microsoft keys (or rather, with a chain-of-trust that ties back to the default Microsoft keys)
Anyone can load new keys into the UEFI boot key-store no problems via the BIOS options.
Re:Kudos (Score:4, Interesting)
Re: (Score:2)
First of all, adding keys should NOT be with a simple click or else malware will just instruct users to do that to watch DancingBunnies.exe
Second of all, it isn't that bad, There are GUI screens navigatable with a mouse(unlike BIOS) where you can input/remove keys. Perhaps you have ideas to make it easier while still maintaining security, instead of just kneejerk bashing and conspiracy theories of "OH THEY'RE GONNA GET US OMG".
If there are users incapable of doing that, do you really expect to be able to in
Re:Kudos (Score:5, Informative)
Second of all, it isn't that bad, There are GUI screens navigatable with a mouse(unlike BIOS) where you can input/remove keys. Perhaps you have ideas to make it easier while still maintaining security, instead of just kneejerk bashing and conspiracy theories of "OH THEY'RE GONNA GET US OMG".
It's a much bigger deal than apologists are making it out to be. It's a big step in making the switch to Linux MUCH more difficult.
For the last ten years or so Linux has been easier to install on a raw machine then Windows. Microsoft finally came up with a way to reverse that. And of course it has nothing to do with making their OS easier to install.
Also no more booting a live CD/DVD so you can try things out or show them to someone. No more Knoppix STD when you're trying to figure out what crap your mom got on her computer this time or recover data from a flaked hard drive. Etc, etc...
Re: (Score:2)
I don't suppose you (or anyone else) knows if these options (loading keys, disabling secure boot, etc.) will be available from all OEMs or is it something they can choose to not implement if they want?
I know with Windows RT, it's all locked down with no way to change it but that's not a "real" PC in any term.
Re: (Score:2)
I know with Windows RT, it's all locked down with no way to change it but that's not a "real" PC in any term.
Right. Its not a "real" PC. Its an ARM based mobile device.
Because Microsoft smells the death of "real" PCs and the market's migration to mobile and to ARM, away from Intel. So, sure, you can still have your beige tower and run whatever OS you want on it.
Re: (Score:2)
Apparently I need to qualify my statement further: Windows RT is generally built on some sort of a SoC rather than assembling together components in the traditional sense (CPU, Motherboard, RAM, etc.). Different ARM SoC's tend to use customised code left, right and centre which includes the boot code so it's expected that it'll be as locked down as the likes of smartphones, routers, set top boxes, etc.
At least with traditional x86 PC's, they'll (hopefully) still be made up of off-the-shelf components from p
Re: (Score:2)
Well, laptops are usually not built up of components like 'traditional' PCs are. And yet the mandatory lockdown doesn't seem to apply to them. It seems to be a function of ARM/not ARM (Windows RT/not RT) rather than the hardware architecture of the device.
I'd expect the Windows RT architecture for ARM devices to allow for upgrades to drivers and other components for patching purposes as well as to the entire OS for new releases. So, in this sense, the s/w architecture of an ARM device needs to be closer to
Re: (Score:2)
I don't think laptops are a fair comparison to an SoC. While the components may be generally soldered to the motherboard, they're still based off of discrete components supplied by other parties. The same motherboard can accompany several different CPUs and even different GPUs. They still use the same boot code as their desktop counterparts and things like that.
Still what you're saying is true, RT has to be flexible enough to allow for other components and drivers. I believe Microsoft mandates that this all
Re: (Score:2, Informative)
First, that's to get your own binary get signed with the default installed Microsoft key, so it's meant for distributors, not users who can add/remove keys without any cost.
Also, if you think Microsoft is trying to make any money from the $99 you're sorely mistaken.
Read this and I hope you have enough reading comprehension skills to under the reasoning behind Microsoft's fee.
http://indiegames.com/2012/09/valves_solution_for_steam_gree.html [indiegames.com]
If there was no fee, every Russian malware author will apply thousand
Fuck secure boot. (Score:4, Insightful)
I find it disappointing that instead of actively fighting secure boot and making a BIG PUBLIC STINK about it and embarrassing everyone involved in implementing this, the community is aquiescing to the concept and "working with it."
Stallman is right, guys, and anyone endorsing Trusted Computing 2.0 by either actively participating in the distribution of it, or tacit approval needs to be publicly humiliated and embarassed into doing the right thing.
Secure boot was never about protecting the end user.
--
BMO
Re: (Score:3, Insightful)
What BMO said. Where's a +10 when you need it.
Re:Fuck secure boot. (Score:4, Insightful)
Re: (Score:2)
Don't frown upon this please. It is usually better to first show that any resistance is futile, before politely asking not to put such weird and unusuable features into production machines.
Re: (Score:3)
There was a time when the community embarassed Intel into not putting serial numbers into their processors.
I miss that time.
We have become soft.
--
BMO
Re: (Score:2)
Because secure boot actually has real, nice consequences, open source or not?
Re: (Score:2, Interesting)
If you could generate a self-signed key for free, then I would have less of a problem with this.
But to get a key, you have to pay a notary and prostrate yourself before Microsoft and get their blessing, for 99 bucks. It's a tax on kernel builders and hobbyists who compile their own kernels with experimental patches - a tax on progress for BSD, Linux, Haiku, everyone who isn't Microsoft. It's also a hoop to jump through deliberately engineered to scare the less informed and to make it inconveniient to use
Re:Fuck secure boot. (Score:4, Informative)
No, no, no. You got it wrong.
I hate this whole kerfuffle as much as everybody, but the part about not being able to load self signed keys isn't correct. You can load self-signed keys into the UEFI boot key-store right from the UEFI UI. Of course that will prevent Windows 8+ from booting, but that's another story. You can disable it altogether, with the same result.
So you can either disable secure boot or have your own chain of trust separated from Microsoft and boot other OSes. BUT if you want to boot Windows 8+ you have to enable it and use Microsoft's chain of trust, and is in THAT case, when you want to also boot other OSes you must have the other OSes bootloaders signed by Microsoft.
This shim bootloader represents a convenience to the users of that specific case (which indeed is the most common one). They have a "generic" Microsoft-signed bootloader along with some tools to extend a chain of trust from that bootloader to another one, and this second one won't have to get through the dreaded certification process (which indeed forces you to use Windows).
The problem here is NOT UEFI / SECURE BOOT. The problem is MICROSOFT CERTIFICATION PROGRAM. That's where they boicott the whole industry, and where they should be given a fight. That stupid certification process they combined with a twisted use of the new capabilities of UEFI. Make no mistakes, shouldn't UEFI exist today, they would still be looking for ways to exploit their certification program to make manufacturers do anything they want, just so they can bless them with being "Win compatible". THAT is the great lie right there, by which they have the industry inexplicably grabbed by the balls.
The solution of course would be everyone giving the finger to Microsoft on their fucking certification program, and a more open competition would arise. I very much want to see how long they last on that environment.
Re: (Score:2)
The problem here is NOT UEFI / SECURE BOOT. The problem is MICROSOFT CERTIFICATION PROGRAM. That's where they boicott the whole industry, and where they should be given a fight. That stupid certification process they combined with a twisted use of the new capabilities of UEFI. Make no mistakes, shouldn't UEFI exist today, they would still be looking for ways to exploit their certification program to make manufacturers do anything they want, just so they can bless them with being "Win compatible". THAT is the great lie right there, by which they have the industry inexplicably grabbed by the balls.
The solution of course would be everyone giving the finger to Microsoft on their fucking certification program, and a more open competition would arise. I very much want to see how long they last on that environment.
You're close, and much better informed unlike the other modded up posts which are simply put, retarded. But you got a few things wrong.
The motherboard manufacturers and OEMs offered RedHat and others to include their keys. But they or the Linux foundation are too afraid to maintain a key signing infrastructure and to filter malware and are shirking from the responsibility. Perhaps your energy is better directed at making an organization which does key signing instead of just blaming MS for their certificati
Re: (Score:2)
No. The last time that happened was only because Microsoft was not playing the regulatory capture game. Before the whole bundling internet explorer with windows antitrust case. Microsoft did not lobby that much if at all in Washington.
They have since learned that to not get targeted with any antitrust junk they must lobby the feds. They have done so to the point that many ex Microsoft, and possibly future Microsoft employee's* are running the needed groups that instead of targeting Microsoft for this 'clear
Re: (Score:2)
Wrong, there is no case for an antitrust trial in the US or Europe in spite of uninformed Slashdot posts. If there was one, FSF Europe would've jumped on it. The technical matters are much different from the stupid modded posts like BMO's which are simply wrong. The FSF lawyers know their legal and technical stuff, Slashdot posters and moderators don't seem to.
Re: (Score:2)
It isn't about the kernel - it's about the boot loader. And yes, I agree that there should be a dip switch on the motherboard that disables secure boot (letting this know to the boot loaders, so that they won't boot potentially).
"It's a tax, an inconvenience, and it does absolutely nothing in reality to protect the end user."
Yes it does, it's just that you don't see it. Probably because the end user scenarios that you can think of, don't involve it. But when a box is properly tamper-evident, secure boot doe
Re: (Score:2)
If you could generate a self-signed key for free, then I would have less of a problem with this.
Oh please, you can do exactly that.
It's clear by your posts that you're out of your technical depth here inspite of your misinformed rants getting modded up by clueless moderators. Your every new post on this topic shows that you're probably a 14 year old kid who just got his new Macbook and iPad.
May I ask what you do for a living? Or are you afraid to tell us?
Re: (Score:2, Insightful)
>The free option allows you to generate your own key.
With a UEFI Secure Boot that requires a Microsoft signed key, how does one generate a self-signed key that works?
>you're safe from hypervisor malware attacks.
This is an unrealistic attack and to present it as plausible and likely is laughable, since more mundane and common attacks are far more likely to be an actual problem. It's like recommending that I go outside every day with a hardhat to avoid falling meteors when the actual threat to my safet
Secure Boot in custom mode (Score:4, Informative)
With a UEFI Secure Boot that requires a Microsoft signed key, how does one generate a self-signed key that works?
By setting Secure Boot to custom mode and installing the self-signed key. Microsoft requires makers of x86 and x86-64 PCs to allow neutering Secure Boot as a condition for Windows 8 certification, just like Google requires a device to have Android Debug Bridge open as a condition for access to the Google Play Store. The strict game-console-style lockdown is only for Windows RT.
Re: (Score:3)
>The strict game-console-style lockdown is only for Windows RT.
As if this makes it ok.
An ARM computer is just as much a real computer as one with an IA64 processor in it, especially when the new ARM processors coming out support 64 bit computing
Why shouldn't I be able to put Linux or any other OS compiled for ARM on an ARM machine? An ARM laptop running Linux would be a nice thing with longer battery life than what can be found with Intel processors. Why do I have to supplicate and offer $$ to Redmond,
Re: (Score:2, Flamebait)
Give it up,BMO is probably a PHB, he does not understand technical stuff, so he just trolls the karmawhoring Slashdot line by writing retarded anti-MS stuff and calling people paid shills. It's useless as trying to explain quantum mechanics to an amoeba.
Re: (Score:3)
This is an unrealistic attack and to present it as plausible and likely is laughable, since more mundane and common attacks are far more likely to be an actual problem. It's like recommending that I go outside every day with a hardhat to avoid falling meteors when the actual threat to my safety is people speeding through the neighborhood and not stopping at stop signs as I attempt to cross the street
You don't seem know much about malware and how it works. Here are some references about boot malware which UEFI secure boot can prevent.
http://www.chmag.in/article/sep2011/rootkits-are-back-boot-infection [chmag.in]
http://www.theregister.co.uk/2010/11/16/tdl_rootkit_does_64_bit_windows/ [theregister.co.uk]
http://www.computerworld.com/s/article/9217953/Rootkit_infection_requires_Windows_reinstall_says_Microsoft [computerworld.com]
I recommend reading atleast the first link.
Here's one juicy bit:
TDL4 is the most recent high tech and widely spread member of the
Re:Fuck secure boot. (Score:5, Informative)
"With a UEFI Secure Boot that requires a Microsoft signed key, how does one generate a self-signed key that works?"
openssl req -new -nodes x509 -outform DER -out sig.crt -keyout signing_key.priv
And then enrol it with mokutil or MokManager from shim.
Re: (Score:2, Insightful)
secure boot is in no way "Trusted Computing 2.0" and Microsoft requires OEMs shipping Windows 8 to provide both options for the user to turn secure boot off completly AND for the user to install new keys of their choice.
Also, Secure Boot is very much about protecting the end user. It stops unknown/untrusted/unwanted low-level code running including many of the new breed of viruses that infect the master boot record to make it harder for anti-virus programs to defeat them.
Now if a manufacturer of x86 PCs sta
Re:Fuck secure boot. (Score:5, Informative)
" Microsoft requires OEMs shipping Windows 8 to provide both options for the user to turn secure boot off completly AND for the user to install new keys of their choice."
A half truth is a whole lie.
Stop lying.
The other half of the truth is that on ARM devices, Secure Boot is ABSOLUTELY REQUIRED AND MUST NEVER BE TURNED OFF
Shill.
--
BMO
Windows RT is not called Windows 8 (Score:2)
Microsoft requires OEMs shipping Windows 8 to provide both options for the user to turn secure boot off completly AND for the user to install new keys of their choice.
The other half of the truth is that on ARM devices, Secure Boot is ABSOLUTELY REQUIRED
And the gripping half [catb.org] is that the operating system for devices with an ARM CPU is not called Windows 8. It is called Windows RT (for 10" screens) or Windows Phone 8 (for 4" screens).
Re: (Score:2, Insightful)
I love it how Windows RT tablets(which are supposed to be DoA anyway according to Slashdotters) are somehow "ARM devices" but the iPads and Android tablets, Kindle Fires, Nooks with locked bootloaders with 99% marketshare in mobile are just iPads and Android tablets, Kindle Fires, Nooks. Win32 software which is a big reason for the monopoly won't even run on Windows RT. And then they call for government intervention. Meanwhile Apple is locking everything down but the fanboys keep the discussion down. Why do
Re: (Score:2)
The whole point is that the bootloader shim will only load further code if the key used to sign that code is in the shim's internal (and unchangeable once the system has actually booted from what I can tell) list of valid keys. Since the malware authors probably dont have any of the keys likely to be in that list, if there is an attempt to boot (via the shim) a piece of malware, the shim bootloader would see that its signed with something not in its database and prompt the user "hey, this isn't signed, do y
Re: (Score:2)
Yes, and Microsoft has immunized users against questions from their computer using UAC so the user will say yes, do what you want and let me do my work. So yes, genius.
Re: (Score:2)
And by the time the malware has enough power to change the boot up stuff, your OS is so pwned that secureboot will make no difference if the malware author knows what he's doing.
So as far as I can see, it's not about protecting the user.
Re: (Score:3)
You didn't read past his first sentence.
You don't need to infect the boot to hose the user. It's so much easier to hose the user through normal channels - piracy, troans, spyware, annoyware (toolbars, etc) and "legitimate" software that has "we'll hose you when we like" in the privacy statement that never gets read.
Step 1. Take a popular software package. Bundle malware with it that passes the top 10 scanners.
Step 2. Upload to usenet, direct download sites, and torrents.
Step 3. Wait.
Step 4. Botnet. T
Re: (Score:3)
Oh to have mod points!...If people keep working around this crap rather than voting with their wallets they're saying it's OK. Everyone who gives a shit about this MUST refuse to buy any computer with secure boot...period.
Re: (Score:2)
I'd like to know why there's all this outrage about this, but iOS devices which are even worse get a pass. Someone above said you can actually install your own key and remove the Microsoft ones as well.
Re: (Score:2)
I'd also like to clarify that by "someone above" I meant a previous commenter, not FSM. Sorry for the confusion.
Re: (Score:2)
>but iOS devices which are even worse get a pass
No they don't, not from the technorati. The lumpenproletariat don't care, but that's because they don't know and don't want to know.
Just because Apple does it doesn't make it right for Microsoft to do it.
"Timmy, stop hitting Audrey on the playground! It's not nice!"
"But moooom, Bobby was hitting Audrey too!"
Fucking schoolyard mentality.
--
BMO
Re: (Score:2)
I'm not saying it's right, I'm saying people should call Apple on it as well. Apple is defended regularly here, which is a somewhat technically literate site.
Re: (Score:2)
which is a somewhat technically literate site
No longer, my friend. It's now all kids who think it's cool to hate on MS and then many run to buy the latest iDevices and then promote it to everyone around them.
It's more about hating on MS and bringing them down than fighting for true user and developer freedom. Since Apple is a rival to MS, it gets a free pass and even promotion on Slashdot even though it goes much farther than Secure Boot and implements the Palladium spec to the letter to all programs runnin
Re: (Score:2)
No they don't, not from the technorati. The lumpenproletariat don't care, but that's because they don't know and don't want to know.
The problem here is that marketing a product to the technorati and only the technorati is often unprofitable. The proles dictate what enjoys economies of scale. Otherwise, for example, there would be more video games targeted at members of the technorati who want to replace a video game console with a home theater PC. Instead, because of tradition, video games in console-style genres tend to be released only for PlayStation 3 and Xbox 360 and not ported to the PC, despite that PCs use an operating system th
Re: (Score:2)
We will tolerate no dissent! Not only will we refuse to use
Re: (Score:2)
I find it disappointing that instead of actively fighting secure boot and making a BIG PUBLIC STINK about it and embarrassing everyone involved in implementing this, the community is aquiescing to the concept and "working with it."
The community is not united against secure boot. There are real benefits for the user.
One security threat that has been getting a lot of interest lately is the ability to ensure the integrity of the early boot sequence - the handoff of control from the lowest level system firmware (traditionally provided by the hardware vendor) through to the operating system kernel. This is important because there have increasingly been real-world exploits where fraudulently modified early boot code has introduced vulnerabilities into the operating system.
To confront this challenge, the upcoming generation of system firmware, referred to as Unified Extensible Firmware Interface (UEFI) secure boot, has capabilities in the system startup sequence designed to only pass control to operating system software that can be confirmed to be not tampered with. The mechanism used to confirm the integrity of operating system software is not novel, rather it uses traditional key signing and variations of checksumming. While these mechanisms have traditionally been used higher up in the software stack and later in the startup sequence - what is new is the fact that these validation checks are expected to now be available at the earliest points in the system startup sequence. Performing the checks early is crucial as it provides a safe, verified starting point.
UEFI Secure Boot [redhat.com] [Tim Burke, vice president, Linux Engineering, Red Hat]
Re: (Score:2)
Why? Where are your rants against Apple locking down the iPad and selling tens of millions a year while PC and laptop sales are declining every quarter and the OEMs are going down? iOS is even worse, you can't run programs on your device without paying 30% to Apple even for content purchased inside the apps. Maybe you have some rants against the Kindle Fire?
crickets
No? That means you're not for Freedom, but just are an anti-MS troll, Apple fanboy or both.
Doesn't work (Score:4, Insightful)
I happen to have a computer with Secure Boot enabled by default. Matthew Garrett's boot loader doesn't work while Secure Boot is enabled. The reason being that the machine will not (repeat not) boot from any device except the hard drive unless Secure Boot is first disabled. The steps to load any OS, with or without Secure Boot support, goes like this:
Enter into UEFI control panel.
Disable Secure Boot
Enable Legacy boot options
Enable specific Legacy device, such as DVD drive
Save settings and reboot.
Change boot device to DVD
If Secure Boot is turned on, "Legacy" devices can not be used to boot the computer. Therefore having this boot loader doesn't do any good on machines with Secure Boot enabled. It has to be turned off just to access the installation media.
Re: (Score:2)
Please provide the exact text that will show up on each menu/button. ohh right, UEFI did not spec the menu/configuration structure and nameing conventions. So directions for a VENDOR1 may not work for VENDOR2, and worse than that VENDOR1-2012 may not work for VENDOR1-2013.
So yea, that is really the issue here. It's like explaining to someone (who has issues with why Gmail and their computer can have different passwords) how to boot their computer from a USB stick. There is no common layout to BIOS and the s
Re:Doesn't work (Score:5, Informative)
If your system currently has Windows 8 installed, then do this:
1) Insert the install media
2) Mouse to the bottom right
3) Select "Settings"
4) Click "Power"
5) While holding down shift, click "Restart"
6) Click "Use a device"
7) Click your install media
This is a little more involved than ideal, but it's got the huge benefit that it's consistent between systems rather than requiring you to use different hotkeys for different platforms.
What's the point of secure boot? (Score:2)
What's the point of secure boot, if you can just use this bootloader to boot anything you want?
Re: (Score:2, Informative)
Read his blog, he explains it all.
Basically, the Shim is signed with the Microsoft key, it will load on any system which trusts that key (i.e. every system out there).
The Shim will then load anything that's signed with any of the keys in the secure boot trust database, but it will also allow you to add keys to that trust database yourself.
For example: if you try to boot from a SuSe install DVD is will first start the Shim (which is trusted, because it's signed by Microsoft). The Shim will then ask you if yo
Re: (Score:2)
easy answer ms tried screwing with the linux guys. they however just saw some programmers name on this application and signed it. MS is run by chair throwing anticompetitive dicks. if you start from that base assumption it all make perfect since.
Re:Making No Sense (Score:5, Informative)
Given that I've been working with the Microsoft people who manage the signing for the best part of a year now, I'm pretty sure they know who I am and what I was getting signed.
Re: (Score:2)
"Or else he'll post ad-hominem personal attacks about you on his blog"
And this matters why?
--
BMO
Re: (Score:3, Interesting)
Why does it matter? Because it could ruin your reputation, even wreck your career?
http://www.itwire.com/business-it-news/open-source/57290-garrett-slams-tso-as-rape-apologist
Garrett is scum.