Submitted by The story about how secure boot for Windows 8, part of UEFI, will hinder the use of non-signed binaries and operating systems, like Linux, has registered at Redmond as well. The company posted about it on the Building Windows 8 blog – but didn’t take any of the worries away. In fact, Red Hat’s Matthew Garrett, who originally broke this story, has some more information – worst of which is that Red Hat has received confirmation from hardware vendors that some of them will not allow you to disable secure boot.
A short recap: if OEMs want to partake in the Windows 8 Logo Program (and they all want to), they will have to implement secure boot on all Windows 8 machines. Secure boot requires signing keys from either Microsoft or the OEMs themselves to be installed into the firmware – any binaries, drivers, or operating systems not signed by one of those signing keys will refuse to work on that machine.
Secure boot is part of UEFI, and in some cases, you will be able to go into UEFI and disable it. However, the fear is that OEMs will not include the option to disable it – there’s enough historical precedence to assume this will be the case. Just look at any of the gazzilion crippled BIOS implementations out there today.
Microsoft tried to address this lingering, but potentially very problematic issue in a blog post today, but sadly, none of our concerns were addressed. Microsoft does not intend to mandate OEMs include the option to turn secure boot off (surprising!), which means OEMs are free to omit this option from their firmware implementations.
And this is exactly what some of them intend to do, according to Red Hat’s Matthew Garrett in a response to Microsoft’s blog post. “Windows 8 certification does not require that the user be able to disable UEFI secure boot, and we’ve already been informed by hardware vendors that some hardware will not have this option,” he notes on his own blog.
Garret explains that Microsoft still dominates the desktop/laptop market. As tough a reality check as it may be, Apple’s worldwide marketshare there is still below 5% (not that they care though – they have a far larger share of the profit) and Linux barely even registers as a rounding error. This means that Microsoft still wields considerable power in this market.
“Why is this a problem? Because there’s no central certification authority for UEFI signing keys,” Garrett explains, “Microsoft can require that hardware vendors include their keys. Their competition can’t. A system that ships with Microsoft’s signing keys and no others will be unable to perform secure boot of any operating system other than Microsoft’s. No other vendor has the same position of power over the hardware vendors. Red Hat is unable to ensure that every OEM carries their signing key. Nor is Canonical. Nor is Nvidia, or AMD or any other PC component manufacturer. Microsoft’s influence here is greater than even Intel’s.”
This could be disastrous for end users. They will lose considerable control over their own hardware if Microsoft gets its way. “The end user is not guaranteed the ability to install extra signing keys in order to securely boot the operating system of their choice. The end user is not guaranteed the ability to disable this functionality,” Garrett details, “The end user is not guaranteed that their system will include the signing keys that would be required for them to swap their graphics card for one from another vendor, or replace their network card and still be able to netboot, or install a newer SATA controller and have it recognise their hard drive in the firmware.”
This is going from merely potentially maybe kind of problematic into full-on dangerous. From what both Microsoft and Garrett have told so far, this seems like a perfect storm for Microsoft – they will essentially lock people into using Windows without actually doing any of the locking themselves; they’re basically relying on the utter incompetence of OEMs. And let’s face, three things in life are certain: death, taxes, and incompetent OEMs. This is so damn clever and diabolical I just can’t help having some admiration for it.
I’m not really sure what we can do at this point to prevent this from getting really bad. All I can think of is that clever hackers start work right away on cracking the living daylights out of secure boot – you know, just to be prepared.
Every news outlet just needs to tell PC buyers that the option to turn it off is important. Give negative points in reviews and make comparison sites highlight the option.
If mainboards/PC without the option to turn it off don’t sell well the market will make sure that the option will be available.
That is what would would happen in a perfect world…
I think we need to be worried.
Major vendors should be told that if their inexpensive machines don’t provide a way to disable secure boot, or provide some other means to boot non-Microsoft operating systems, they’ll be hit with antitrust suits for conspiring with a convicted monopolist to suppress competition.
Otherwise they’ll provide only a special line of “developer machines” or “technical workstations” that cost hundreds more, so instead of a Windows tax you’ll have to pay a hefty premium if you want to run Linux, BSD, or some other OS on your machine.
“I’m not really sure what we can do at this point to prevent this from getting really bad.”
I would suggest doing two things.
1. On the technical front, as you said, mobilize armies of Linux hackers, I would start by calling up the Germans (Who had a field-day cracking the Xbox 10 years ago), so that when the systems with neutered BIOSes start to show up, secure boot will face an ambush.
2. On the legal front, call up the European Commission, they have been hunting down Microsoft for a long time, they should be able to instantly see the problem here.
This is an ‘opt-in’ program that Microsoft offers and Microsoft does not require that you buy a machine with a secure boot that cannot be turned off.
You can’t call the EU and complain about Microsoft because some OEM’s won’t permit secure boot to be turned off. You might be able to complain about the OEM but not Microsoft.
There is already going to be a bunch of OEM’s who build machines where secure boot can be turned off so you don’t need to mobilize any hackers. The market has done the hack.
You can complain about Microsoft using it’s domainant position to indirectly force a change that is bad for consumers.
right… because secure boot is an attempt to stifle Linux in the market place rather than Microsoft offering customers the ability to lock their systems down at a hardware level so device drivers cannot be used ti infiltrate a network.
modmans2ndcoming,
“right… because secure boot is an attempt to stifle Linux in the market place rather than Microsoft offering customers the ability to lock their systems down at a hardware level so device drivers cannot be used ti infiltrate a network.”
This is possible but it’s not what I believe to be the intent of secure boot. I believe the secure boot design points to an intent of keeping owners from being able to jailbreak the walled garden that MS is about to introduce with win8.
Microsoft has not really answered the question of whether win8 will be restricted or at all bootable without secure boot enabled. Maybe I am wrong and MS isn’t going to use this for DRM. But until they come out and indicate otherwise, I think DRM is the whole motivation for pushing secure boot. This is why secure boot is designed to keep keys out of the hands of computer owners (which logically we would have if DRM were not the intent).
The linux/otheros dual booting issues (if they turn out to be well founded as Garrett claims) will just be a convenient side effect for microsoft. They will claim that OEMs are responsible for approving alternative operating systems for secure boot, which is true. However MS are not dumb, they fully understand that few if any of the many thousands of OSS developers will manage to get their compiled binaries signed by all OEM keys, and this will result in linux becoming less reliable on the desktop.
Edited 2011-09-25 22:45 UTC
Because that happen a lot. Or not. Unless you mean like Sony’s rootkit but that would not have been stopeed since Sony would have a signed driver…
While we’re protecting ourselves from far-fetched and unlikely threats I’d like my computer to survive nuclear winter.
apparently you are unaware of the malware that infected some Motherboard drivers shipped a year ago or so.
modmans2ndcoming,
“apparently you are unaware of the malware that infected some Motherboard drivers shipped a year ago or so.”
This is vague, a citation or at least a manufacturer would be good.
It’s true, there are instances of windows drivers being infected, however as far as I know these have all been correctly signed to load under windows.
The windows code signing certificates that are sold to developers tell the windows to trust their code, and tell the user the identity of the developers (with the same caveats faced by SSL certificate authorities). However cryptography offers no features to block malicious code from being signed. Secure boot will not fix this, and can never hope to.
I have no idea which driver malware you are talking about, but unless it involved the bootloader, chances are secure boot would not have made a difference.
Yes I am so please enlighten us. I would expect a mobo manufacturer to already sign the drivers so neither driver signing nor secure boot would protect you from that.
Edited 2011-09-28 19:48 UTC
I’m sure you’d love this to be true and I’m sure Microsoft really want to wide behind the cloak of security but unfortunately it’s…..bollocks.
This option can be provided where the user can still have control of their system and install the operating systems and software they want. However, if you’d done some reading then you’d realise that this won’t be given to users.
Sure, OEM incompetence regarding secure booting will most often work to Microsoft’s advantage, but not always. It is also possible that users may buy some future Sony laptop and later discover that Sony only included keys for Windows 7 and they can’t upgrade to Windows 8. Take it one step further – the owner can only run the Sony restore image that came with the system, and can’t even upgrade from Home to Ultimate.
Don’t think that Sony would do something like that? We are, after all, talking about a company that intentionally silently installed rootkits on other people’s computers worldwide. There are other companies capable of acting like that, and many more who could do it out of ignorance.
Linux users alone may not have enough influence to change this. We need to convince Windows users that they are at risk, too. And they are.
Windows 7 doesn’t support secure boot.
An accurate example would be a user who purchases a Windows 8 system from an OEM that does not include an option to disable secure boot. The user is unable to install any prior version of Windows (other than in a VM) since none support secure boot.
Maybe Sony isn’t the best example.
Also, Sony is the only major OEM I can think of that actually has a BTO option to have a vanilla Windows 7 installation, rather than Win7 + OEM crap, and at no extra charge.
Also, regarding the rootkits, their Sony Music group is separate from their VAIO group.
Feel free to pick another example. I’ll take your word that Sony’s laptop group won’t do this, but the parent corporation has demonstrated their willingness to harm Sony customers. All it would take is a new head for that division.
The point remains: Microsoft is leaving the door open for OEMs to handle secure booting in ways that could harm Windows users as well as Linux users. Some OEM will do so. It doesn’t matter whether it’s Sony or someone else. Microsoft isn’t going to listen to Linux users. They might listen to Windows users. Help me convince Windows users that they should be concerned about the way this UEFI feature is implemented. By the way, it is a useful feature, but only if it’s done right.
I’m tired of short-sighted people saying that they don’t care about some issue because it doesn’t affect them. Yes it does. Don’t tell me that you don’t care about Firefox because you use IE. The only reason IE exists is because Netscape existed. Once Netscape ceased to be a threat, IE stagnated. As soon as Firefox came about, IE resumed improving. You don’t need to use something to benefit from its existence.
If the stupidity of OEMs allows Microsoft to gain an effective lock-in on some hardware, that hurts everyone. It hurts people who buy non-crippled hardware, because they have fewer choices. It hurts Windows users because it gives Microsoft one more reason to ignore Windows users; if your hardware only runs Windows, why should Microsoft listen to you? You’re stuck running Windows no matter how they treat you.
Unless the Win8 keys are compromised between the releases of Win8 and Win9, they would be the same keys.
The problem remains, however, that those keys are only valid for MS or MS-licensed soft/hardware.
Edited 2011-09-24 06:45 UTC
Icaria,
“Unless the Win8 keys are compromised between the releases of Win8 and Win9, they would be the same keys.”
Most likely the bios will trust one or more microsoft signing keys, and those keys will then be used to sign individual operating systems + updates. Therefor, a single MS key in the bios should work with all microsoft’s current and future operating systems.
I am assuming microsoft will sign all it’s current/future operating systems with all bios keys, which may not be the case. They could omit signatures in order to enforce planned obsolescence.
Bingo. You’re thinking along exactly the right lines. I’m not sure why you haven’t been modded up.
It also gets around the uncomfortable virtualisation problem Microsoft doesn’t like where you can run free virtualisation platforms and where people have been running versions of Windows long after they have ended support.
Edited 2011-09-27 00:16 UTC
The only way around this is to create enough vocal complaints against this, that will force Microsoft to change Windows 8 logo requirements.
OEM will be faithfull to themselves and deliver Windows 8 only motherboards.
Another way is to boycott all manufacturs that do such thing.
Somehow Apple is looking good again to me. At least one Apple sale is a Microsoft lost one.
Ah yes, because what Apple is doing with EFI + OSX is so much better?
What kind of fanboy response is this? Microsoft could behave better. So could Apple. Poor behavior by Apple does not excuse poor behavior by Microsoft.
I fail to see the relevance of anything that Apple does to Microsoft’s attempt to use an avoidable side-effect of a desirable security feature to lock out other operating systems.
Apple plays the lock-in game, too. That doesn’t make what Microsoft is doing right. Apple and Microsoft are both wrong. Is that hard to understand?
I think his point stands. If you buy from either, you’re rewarding the same behaviour.
Perhaps you missed the “Somehow Apple is looking good again to me.” part of the post I replied to?
The art of reading properly what someone writes is being lost it seems.
On my eyes Apples is even worse than Microsoft, because of all the class actions it has been doing lately.
But if the world would come to state where it is either Apple or Microsoft, then putting some money on Apple at least would get the balance even in market share. That was my point.
poor behavior
Replacing dreaded BIOS/MBR with more adequate system is considered as “poor behavior”?
I don’t think the whole “secure boot” thing is a problem because there are lot of mobo makers who fight with each other for every cent. And this feature will force the “potentially linux” consumers to avoid their stuff.
Yes it was better. EFI is technologically superior to ancient BIOS and closer to the OpenFirmware that apple used on PowerPC. Alternative OSs may have had to adapt to EFI, but they were not locked out of it with keys.
I would not mind the security enhancement in UEFI as long as the user gets a key to run their own code.
If vendors don’t offer a way to turn off the feature, SecureBoot will be a prime target for cracking since it will thoroughly irritate people who have the skills and motivation to break it.
Take it with a big pinch of salt, but if I remember correctly, Macs ship with a badly broken (and outdated) implementation of EFI, which gives headaches to everyone trying to run an OS which implements EFI support from the spec.
It is likely that OS X depends on some quirks of this implementation, both making it incompatible with PCs which run standard UEFI and making OSs compatible with standard UEFI incompatible with “Mac-EFI”. That would essentially make Apple’s EFI yet another proprietary firmware, which just happens to be based on EFI.
Again, take this with a big pinch of salt.
What are you taking about? Apple never used proprietary firmware (before EFI, they used OpenFirmware which is an IEEE Standard). And they were the first big vendor to support EFI.
Furthermore they have no interest in looking out other OSes (E.g. Mklinux was sponsered by Apple). Why should they?
Blinded by Apple hate?
Again, if I remember correctly, the implementation of EFI which you find on Macs does not follow the spec well, and standard-compliant EFI OSs must be heavily patched and riddled with specific workarounds to work well on Macs. For me, this qualifies as a proprietary firmware.
If I created a dvd drive which only works with square DVDs, and my company was the only one selling these drives, would you call that a standard DVD drive, or a proprietary drive ?
I don’t believe that Apple would have a strong interest in preventing installation of other OSs on Macs right now, they don’t have a strong interest in helping it either for that matter. However I do believe that the company has a strong interest in making installation of Mac OS X impossible on cheap standards-compliant PCs. And that nonstandard firmwares are a way to achieve that goal. So when I read on Linux development mailing lists that the implementation of EFI which you find on Macs is requires patching to deal with, I have a hard time believing that this is accidental.
Edited 2011-09-27 16:19 UTC
Pure speculation driven by blind Apple hate.
(you shouldn’t mix up the firm grip that Apple tries to get in the media / phone / tablet area with their politics in the Mac business – the same goes for MS: they behave completely different in markets where they have to fight uphill e. g. look at their HW business practices vs. their server software business behavior)
MysterMask,
“Pure speculation driven by blind Apple hate.”
Not likely. According to this link, there were already more than a million EFI systems on the market prior to Apple’s x86 switch in 2006.
http://www.intel.com/technology/framework/overview1.htm
“The first example of a complete end-user PC that was sold by a major OEM incorporating the framework was released in the second half of 2003. During 2005, more than one million systems shipped with the framework.”
It is well known that apple’s x86 macos refuses to run on non-apple PC hardware. I really do not know exactly why, however the fact that Psystar sold a “Rebel EFI” implementation designed to run MacOS on standard PCs is pretty compelling evidence that, somehow, MacOS depends on a proprietary EFI implementation.
http://techcrunch.com/2009/10/22/psystars-rebel-efi-allows-you-to-i…
Edited 2011-09-28 09:29 UTC
You mix things up. We were taking about the HW limiting the OS, not about an OS that is limited to specific HW.
Furthermore, part of “EFI” is the “E” for extensibel. Of course the are specific Apple add-ons only availabel on Macs e. g. Target Disk Mode, the ability to ad-hoc boot from a different device, Target Display Mode, etc.. That still doesn’t mean that Apple’s HW engineers somehow try to create an incompatible EFI implementation. This is pure and blind speculation from your side.
If they wanted to create a “walled garden HW”, they could have used OpenFirmware with x86, which is very uncommon in the x86 world. It’s in Apple’s own interest to be compatible with standard x86 HW which includes EFI compatibility
MysterMask,
“You mix things up. We were taking about the HW limiting the OS, not about an OS that is limited to specific HW.”
Sorry, I didn’t read it that way, but you may be right that their EFI works with other OSes (I wouldn’t know).
“That still doesn’t mean that Apple’s HW engineers somehow try to create an incompatible EFI implementation. This is pure and blind speculation from your side.”
Hold on a second, I said MacOS was designed to require a proprietary EFI implementation, which may not have been what you were talking about, however it’s not wrong. If I am wrong, then you have to come to gripes with the fact that MacOS is extremely buggy since it did not (still does not) run on standard EFI motherboards.
The fact that MacOS sued vendors of EFI implementations which were compatible with MacOS is damning evidence that the MacOS incompatibilities with standard EFI systems were deliberate.
You’re right that it’s a big affirmation that’s a bit hard to believe without sources, so I’ve tried to find my original source back. Although I haven’t, I have found something else which qualifies pretty well as a proof that Mac firmwares do not follow standard EFI specs.
https://help.ubuntu.com/community/UEFIBooting
https://wiki.archlinux.org/index.php/UEFI
These are howtos which explain how to install two popular Linux distros on (U)EFI systems. Notice the presence of Mac-specific instructions and information. The reason for their presence is clearly stated : Apple uses a nonstandard mix of EFI 1.x and UEFI 2.x, which cannot work with standard EFI code and requires specific workarounds.
I don’t think I confuse both. On iOS, Apple attempts to squeeze money off every single financial transaction, and even freeware development. On the Mac platform, they currently only want to sell expensive and high-profit margin hardware to people who don’t need necessarily need it. The introduction of an iOS-ish paying developer agreement and App Store system for OS X make it sound like they might want to introduce iOS-like full financial control in the future, but that’s not the way it is now.
I do not blindly hate Apple, their engineers can do some wonders (for me, examples would include Exposé, application bundles, and Lion’s Auto Save/Versions), but you must admit that the way they can treat their user base in the name of profit is quite irritating.
Edited 2011-09-28 17:36 UTC
Well first of all Apple sells both the hardware and the software, MS not.
MS produces the OS and force the hardware manufacturer to lock their products in order to be compliant with windows 8.
Also EFI on mac doesn’t prevent you to install windows or linux
Macs don’t require the use secure boot, do they? They prevent the OS from booting on non Apple hardware, but that’s different: its limiting the use of their software. Microsoft limits the use of the hardware that works with their software. I think Microsoft’s is much worse. Software is usually cheaper than hardware.
Selling a device that allows other people to decide what you do with your hardware. Not very original, we’ve seen this before. The PC platform loses a lot of its freedom should this move not be countered by legislative powers. I live in the EU and certainly hope that secure boot – with its announced weaknesses (sadly some people actually refer to these as “features” (and get away with it) ) – will be “banned”.
The guys at coreboot.org certainly saw this coming though. Might be an idea to put this “army of hackers” – that Tsuroerusu referred to – on designing / improving a BSD/GPL licensed EFI that is vastly superior (the BIOS powers of old aren’t that well known for their interfaces / features etc.) to this closed, mysterious and frightening code that will be running on a lot of machines.
BTW: I would love to encounter an error message whilst installing Linux/FreeBSD on a piece of new hardware, calling the supplier and telling him his server is broken
. Ofc, professional server manufacturers would want their devices to be “safe” as well, wouldn’t they 
?
The problem isn’t features – we at coreboot.org could crank out them by the week. The main issue is hardware support, and in particular with Intel and nVidia hardware, things look bleak.
As for EFI: http://www.tianocore.org – we could really use someone who’s willing to make this a coreboot payload.
Even more fun: Manage to install Linux with your own keys, then complain with Microsoft support that Windows 8 doesn’t install 🙂
Professional server manufacturers want to sell to the largest amount of customers and MS is not a dominant force in the server space.
the system fights you. fight back
Another overblown topic. Except maybe for tablets, I predict most motherboard makers will have an option to turn the security feature off. I can run DOS on current i7 PCs. Backwards compatibility is important in the PC space.
A better topic would have been about WinRT and where is DotNet/Silverlight heading?
Yes, you can run DOS, but how many users would actually want to? Large OEMs are far more concerned with having their machines blessed by Microsoft than with losing a few hundred customers who want to use DOS. They’re selling their machines as Windows machines to people who equate Windows with computers, and anything they can do to help them be perceived as more reliable or resilient to malware to 99% of their customers will be done.
What are we going to do?
We could start buying boards that are Coreboot compatible, and then move on to demanding, and buying, open hardware.
You know, the same thing we do for alt OS advocacy.
Good plan. Tell you what, you get started on that and the other 99.9% of consumers will continue buying the cheapest PCs in a box, will continue taking them back to the store when they get a virus and a small percentage will try an Ubuntu Live CD, assume it’s broken when it won’t boot, write an angry rant on UF and go back to using Win8 on their Win8-only machine.
OMG, you just wrecked my little world! It’s all crumbling down around me! Everything’s been a lie!
HaHaHaHaHa! Not really.
Oh, quit being a downer. Of course that’s what’s going to happen. People don’t actually care about technology, they don’t care about alternative Operating Systems, and they don’t care that McDonald’s food is awful. Even, I like McDonald’s Chicken Nuggets, so I understand the appeal of middle of the road, no hassles options.
I care about being able to use my hardware the way I want to, and you should too, you’re posting (probably trolling really) on a website dedicated alternative Operating Systems after all.
It’s people that say something can’t happen that keep things from happening. I’m not talking about unicorns and Leprechauns; I’m talking about real progress in public opinion and policies. We like to sit on our ass and complain and hope some one takes pity on us and dumps everything we want in our laps, but that’s not how things work. We have to advocate on our own behalf, and we have to create out own opportunities while supporting those that those that support us in order to have the future we want. We can make the world a better place. We just have to, you know, start.
In conclusion, whatever, FO! I’ve had enough moping about. I’m going to influence my little sphere and enjoy myself while hopefully influencing others in the process.
If you don’t have any better ideas besides “take it in the shorts and be mad about” (I have to assume you would have mentioned any great ideas you had in your post for the sake of rhetoric and conversation, I could be wrong about that.), why bother posting?
Have a great day and don’t die.
I have to warn you that I don’t respond well to motivational speeches. BRB, murdering kittens.
Where’s VMWare in this discussion? Seems like they’re in the same boat as RedHat.
Indeed they are. No one has yet realised what this means for virtualisation platforms that Microsoft doesn’t like.
Matthew Garrett, Red Hat:
“If Microsoft were serious about giving the end user control, they’d be mandating that systems ship without any keys installed.”
Please come back to earth Garrett! It’s a safety feature, the whole point is that it’s on by default. PCs aren’t about ‘giving the end user control’, they are about creating an efficient, beautiful, and secure computing experience. Linux guys will never understand 99% of the user population (after 20 years I’m sure of this). Hence the 1% market share on the desktop.
I love the new innovative and assertive Microsoft. MS has a serious fight on their hands (not with Linux, of course). Anyone who doesn’t get this deserves to be steamrolled into the ground.
Go Microsoft!
You do realize that not only are your numbers off, but also your entire point.
The PC took off for the very reason that it was easily modifiable. Security has never been a concern. All a manufacturer who doesn’t include the ability to shut off the “secure boot” option does is shoot themselves in the foot.
At first, the PC wasn’t free at all, IBM owned the the original BIOS, and you couldn’t build an open PC without it. Compaq reverse engineered the BIOS, and IBM took them to court and lost.
If IBM had of won, the PC market as it exists now wouldn’t have existed at all.
Hmmm, my desktop OS is Ubuntu and I choose not to live in a “walled garden” with Windows 8 or OS X. I expect my hardware to allow me to make that choice without needing permission from Microsoft. It’s my hardware and I expect to be able to use it as I see fit.
Yeah, I also do not believe in intrusive government either. Freedom is a beautiful thing. It is a shame that Microsoft doesn’t agree.
Does UEFI secure boot do this? How?
What *exactly* is the benefit of this technology, other than the obvious one for Microsoft?
The benefit is that when Windows is inevitably compromised by a piece of malware, the malware can’t write itself to the boot sector.
Icaria,
“The benefit is that when Windows is inevitably compromised by a piece of malware, the malware can’t write itself to the boot sector.”
Not to poke fun at you, I think we’re on the same page, but this type of attack is so last century it’s barely even relevant to today’s malware industry. What would a cracker, who has successfully compromised the machine, want to do with a user’s boot sector?
I believe the actual secret goal is to pre-emptively strike against windows-8 mods/jailbreakers deliberately installed by owners to bypass the walled garden microsoft intends to sell to customers.
Install the malware to it, bootstrapping Windows, permitting very low-level access and making it extra difficult to detect and remove. Some malware already does this.
http://threatpost.com/en_us/blogs/symantec-boot-sector-malware-vogu…
http://en.wikipedia.org/wiki/Rootkit#Bootkits
That said, it’s not a major problem and I have no doubt it’s partially a convenient excuse for MS to wrest more control over the systems running their software.
Edited 2011-09-24 08:27 UTC
Icaria,
“Install the malware to it, bootstrapping Windows, permitting very low-level access and making it extra difficult to detect and remove. Some malware already does this.”
Oh I get that, but since doing this implies root access, the system is already compromised by this point. Nothing on the system can be trusted without a deep scan of some sort which may as well include the bootloader. Whatever mechanism the malware used to load itself the first time round will work again on the next boot too.
I’ve already seen mainboards which lock down the bootloaders. Now I’m not sure how they determine which sectors to lock out, but something like that seems like a much simpler & effective way to protect the bootloader against tampering in an OS agnostic way.
Using PKI to solve this problem is overkill. Hard coding keys which do not belong to the owner in all systems is just evil.
Who cares if it can write itself in another critical system service ?
OK, you do realize that once the OS is compromised, nothing stops the malware from deactivating the signature check mechanism and installing a key logger as a signed update or even throw in a modified kernel image while they are at it, right? Once a software gains “root/admin” *user* access to the system, this is end game for *any* security mechanism. (Even SELinux in strict mode can be circumvented given sufficiently determined attacker).
*Even* if Microsoft goes the extra mile (and they are most likely thinking about it) and disable installation of legacy applications and/or any applications that are not downloaded from MS Market – this still will be useless against OS vulnerabilities.
Walled garden, nothing more, nothing less.
– Gilboa
Edited 2011-09-24 20:26 UTC
Well that’s not actually accurate. This isn’t like BIOS, where you can run a desktop application in Windows to update your BIOS image. Windows, regardless of the runlevel, has no direct access to the UEFI image.
I’m not sure I see the connection.
You claimed that having secure boot *improves* the security of the OS, I (easily) disproved it by pointing the having secure drivers and boot sector is *completely* irrelevant once the OS itself is compromised – either by abusing an OS exploit or by (ab)using end-user stupidity.
In the long term secure boot can and will only be used to create a walled garden around the Windows eco-system; nothing more, nothing less.
– Gilboa
Look, you seem to be under at least a couple of misapprehensions.
– The firmware will only boot code that has been signed using the right keys.
– The private signing keys have (theoretically) not been compromised.
– Unless the malware has those keys, there is simply no way for the malware to write anything to the boot sector that UEFI will boot.
– The malware also cannot write over UEFI, itself (theoretically).
There is merit to the security argument. Of course, to even get to the security argument, you have to grant that Windows is going to be compromised and that a substantial amount of malware is going to target the boot sector.
Also, you’re contradicting yourself: either the tech is sufficient to create a walled garden (ie. it’s secure), or it’s not. If it’s not secure, then people can get past the signing mechanisms in exactly the same way that you propose that malware could.
Edited 2011-09-25 09:07 UTC
OK.
For the 15’th time, I not claiming that it’s impossible to secure the boot environment – I am saying that securing the boot environment has zero, 0, NULL effect on the security of the system as it cannot prevent a *OS* or *USER* level vulnerability (or plain stupidity) from compromising the OS and/or the user file.
How could I possibly make my point clearer?
– Gilboa
You started out saying:
Which is what I addressed.
Perhaps by not changing your ‘point’ once it proves fallacious? I’ve been perfectly civil and patient with you throughout this exchange, so I feel justified when I say don’t be a douchebag.
Oh boy….
Edited 2011-09-26 10:26 UTC
Thanks for the reply!
Is this really a big risk these days? Seems more like a DOS-era attack.
Does it actually prevent a write to the boot sector, or it just the case that the boot sector must be “signed” and therefore unauthorised boot sector code cannot be executed? (Got a link is really what I’m asking.)
The latter and no.
I think you’re missing the point. I’m sure most OSNews users are fine with UEFI — it’s a great feature. However, it’s only a feature if it can be turned off. Think of it like this: Cake is great. I love cake. Sometimes I want to eat cake, and sometimes I want to eat things that aren’t cake. If someone gives me cake, I’ll probably enjoy it. If someone gives me cake and then stops me from eating anything else ever, I’d be pretty upset. And in poor health.
noamsmi,
“I think you’re missing the point. I’m sure most OSNews users are fine with UEFI — it’s a great feature. However, it’s only a feature if it can be turned off.”
Well, there are three issues that I’ve picked up on so far. In order of significance, they are:
1. Turn the flag off to boot alternative OS at all.
2. The ability to dual boot linux and windows without reconfiguring the bios each time.
3. The ability to actually use the feature under linux instead of merely disabling it.
Even if secure boot can be disabled, linux users still have legitimate concerns about the other two unnecessary restrictions built into the computer.
They say Linux has a very small part of the market, yet in the next breath, they say they can’t really tell how many people are running Linux, because nobody is keeping count. I simply refuse to believe Microsoft has that much of the market place. But they do like to toot their own horn. I’ve been Microsoft free for quite a few years. I’ve not even seen Windows 7, and frankly, I really don’t want to mess with it. For me, Microsoft represents buggy software that breaks. That’s why I switched and never looked back. And by the way, I’m an end user, not a developer. Hell, I don’t even work in IT, I’m a Correctional Officer.
“I simply refuse to believe Microsoft has that much of the market place”
WTF? Really? What colour is the sky in your world?
You say Windows (or how you retards like to call it, Windblows) is riddled with bugs and it breaks. But you haven’t used Windows, you said it yourself. So you believe in some outdated FUD spread my linux zealots?
Oh please, idiot.
Edited 2011-09-25 01:32 UTC
You might not work in IT, but you’re the kind of person who hangs out on IT sites. Not exactly representative of the less technically-inclined elements of the population…
I wonder if there is an anti-trust spin on this.
I think MS only had governments on their tail for the browser thing because the internet was poorly understood, and regulators were paranoid that MS could be destroying some massive burgeoning business. In hindsight that wasn’t really the case, but. I wonder if this new security system can be construed as destroying new operating systems.
Probably not. It would be a bit hypocritical for governments to come down on Microsoft for this, while at the same time giving tablet and smartphone vendors a free pass. It’s not like MS has a monopoly on the desktop either, when you consider that it competes with OSX, as well as smartphones and tablets these days.
As for this whole secure boot thing, it’ll go down just like it does on Android – 1-2% of the userbase is going to complain bitterly and will eventually figure out a way to ‘root’ their PCs (or just buy one unlocked), while the other 98% of the population won’t give a shit. I’m not saying this is a good thing, but that’s just the way it’s going to be. My parents are not going to give a rat’s ass that Windows is the only OS they can install, if that’s all they intended to install anyway.
WorknMan,
“It’s not like MS has a monopoly on the desktop either, when you consider that it competes with OSX, as well as smartphones and tablets these days.”
Semantically, it depends on the definition you choose to use for monopoly. While there’s no market share breakdown which is universally agreed upon, individual markets do define what it means to legally be a monopoly.
In the UK, I’ve read that’s it is a 25% market share. In the US 50% qualifies as a monopoly. A “pure monopoly” would be 100%, but I’m not really sure whether any company in modern history has ever had 100% market share. It terms of what matters here, microsoft is monopoly which can be subjected to anti-trust law.
“will eventually figure out a way to ‘root’ their PCs (or just buy one unlocked)”
This is presumptuous. I believe the bios has always been more secure than the OS, even if only because it’s much less complex. It’s not like users can run software within the bios to exploit a privilege escalation attack. The bios is a few dozen menus with static options, how likely is it that pounding on any of the computers’s external IO ports will manage to jailbreak the bios?
Even if we can, we’d have to reflash the bios for the hack to be persistent. This is possible but every single motherboard would need a custom hack in order remain jailbroken. Also, there’s a serious risk of bricking the motherboard this way.
“98% of the population won’t give a shit. I’m not saying this is a good thing, but that’s just the way it’s going to be.”
I think people do mind anti-features like DRM, vendor lock in, and application restricts, but they just not informed about these things until it bites them. An iphone user once asked me if I could write him a simple app, and wasn’t even aware that his device was forcefully locked to the apple store, and that he or I would have to enroll as a commercial apple developer before we could write software for his iphone. Strangely enough, even though he owned the iphone, he never knew that he was tethered to apple without hacking into his phone.
But I think your conclusion is fair, people will buy into microsoft locked devices just as they bought into apple locked ones. For us, that means we can no longer buy any random new/used computer and expect it to run under linux anymore. And we may no longer be able to recover windows machines with knoppix rescue disks and the like.
Edited 2011-09-24 05:08 UTC
Right, which is why I said they’ll either find a way to unlock it, OR just buy a motherboard that’s already unlocked. Since there are mobos that are friendly to overclockers (who are definitely a niche group), I have no doubt that there will be manufacturers selling unlocked boards as well.
As for the mainstream, it’s pretty much all over. As you said, they would only care about these restrictions if it happens to bite them, but for the majority of the population, it’s not going to. So if things go as projected, we’re just gonna have to choose our PCs/laptops carefully, because there probably are not enough enthusiasts out there to make a big enough stink about this for most major PC vendors to care.
Edited 2011-09-24 17:58 UTC
By the time your dire predictions come true, we’ll be talking about android laptops sitting next to windows laptops in stores. ARM android, ARM windows.
At that point, there will be a viable alternative operating system to Windows. Sold in stores, next to Windows. Using the same hardware. And the question will be: Can you change the operating system on your computer?
I’m curious to see how this effects the corporate environment where they often like to make a wholesale shift from say Win7 to Win8. Basically, buying win 8 hardware they won’t be able to load Win 7 on. Going to make migration and desktop management even more of a nightmare than it currently is with Windows. So glad I work in the server/network environment and don’t need to bother with this any more. I actually like to see MS make themselves more and more of a pain to use. Eventually people should reach a point of frustration where they throw up their hands and say enough. I really hope the hardware vendors dive all in and choke on this colossally bad idea. Let the support costs / returns explode for Win8 certified hardware and see if the OEMs are willing to choke down the MS garbage next time.
When the users and IT depts finally have had enough and throw up their hands we’ll get more variety in the desktop market. Vista was a godsend for Apple and Linux on the desktop, this could just be part two of that saga.
Surely the only real option is through the legal route with anti-competitive behaviour? But you’d have to address the proposal BEFORE it’s implemented, or otherwise they’ll just enjoy their time reaping havoc and you need only a few months to cause serious damage.
UEFI has Microsoft’s blessings, so it is going to happen.
There are also many reasons to implement secure boot, ranging from the legitimate (security is a very real concern on modern computers) to the illegitimate (anything proposed by the marketing department).
I’m also fairly certain that bitching about it ain’t going to make it go away. But maybe we can propose coherent solutions that will allow our voice to be heard.
While I don’t know the answers, here are two suggestions on my end:
Create a registry of devices where secure boot can be disabled and where there aren’t restrictions on modifying the hardware. It won’t force companies to introduce open hardware, but a few companies will produce open hardware to serve particular segments of the market. (This isn’t exactly as complex as supporting Linux after all, since they’re only providing an option to disable a feature.)
Maybe an independent bootloader could be implemented, one where the maintainers have a set of keys that hardware vendors are willing to distribute with their devices. They may have to play by the vendors rules while developing the bootloader, but that shouldn’t be a problem as long as the OS developers don’t have to play by the vendors rules.
So what is your proposed, and preferably non-confrontational, solution.
But bitching about it just might make it go away. In the 90s, Intel tried to implement a processor id, and the tech world went nuts, and they were forced to make it optional.
Just recently, Apple wrote a new version of Final Cut Pro, and it was (by all accounts, I don’t use it, I don’t do video) crippled compared to previous versions. It’s users were very vocal, and now Apple is quietly selling the old version again, and are putting out updates to address some of the issues.
The squeaky wheel gets the grease, ya know.
worst of which is that Red Hat has received confirmation from hardware vendors that some of them will not allow you to disable secure boot.
Where was this taken from? I didn’t see that in the linked blog post or in the other related ones.
From what i gathered, this is fairly blatant anti-competitive behavior. I see no real reason for it, apart from locking people’s PC’s into Windows 8. The PC world lacks enough competition as it is, without OEM’s locking out the ability to install alternative OS’s.
Frankly, although my views on Apple have been mixed in the past, i’m glad i’ve got a MacBook.
I posted this to the European Commission for Competition (http://ec.europa.eu/competition/consumers). I still wait for some kind to response or registration ID to follow up on later.
BR
Erik
Sir or Madam,
I have followed the discussion on the Internet regarding new requirements from Microsoft that PC vendors are obliged to use UEFI secure boot to label PD hardware with the Windows logo. The problem is best describe in reference [1] bellow; PC vendors is obliged to have UEFI but not obliged to be able to disable it if users need to, nor are there a central database of certificates where different software vendors can register certificates.
I am concerned that Microsoft and PC vendors effectively restrict the competition in choice of operating system by using this mechanism.
Analysing the situation is seems clear to me and the parts of the open source community that this will effectively disable the ability of using operating systems other than Windows 8 on the device. From my perspective it seems like Microsoft are using their dominant position to enforce the PC vendors to lock user to Microsoft operating systems and software thus disable owners to have a different opinion of the software on their purchased hardware device.
Similar mechanisms has been used for along time and with great success by some mobile phone vendors to secure that the telephone software is the original software from the original vendor. This is an indication of how well the mechanism works and how well it hinders competitive software to be loaded on the device unless new certificates can be added or the mechanism can be disabled.
I propose that this problem is analysed and that measures are taken to ensure that PC hardware sold in EU are open to run any feasible operating system by owners choice, preferable using the same secure mechanism.
Mind that Android, MeeGo, or Apple OS X would not exist if the PC users had been enforced to use only operating systems from Microsoft. All of them relies on operating systems (GNU/Linux and BSD) developed outside the control of Microsoft. This depicts the the benefit of competition on the operating system level, and the price of locking computer to only one commercial operating system vendor.
References:
[1] http://www.osnews.com/story/25185/Microsoft_Responds_to_Secure_Boot…
[2] http://blogs.msdn.com/b/b8/archive/2011/09/22/protecting-the-pre-os…
[3] http://mjg59.dreamwidth.org/5850.html
Where is the page where to complain to:
http://ec.europa.eu/competition/consumers/contacts_en.html
Let’s just send similar emails to them.
http://ec.europa.eu/competition/consumers/contacts_en.html
Under “1. What can I do if I suspect that a business practice restricts competition?” and step 2a is recommended you to send email to:
[email protected]
to inform the Commission that there is a possible threat to a competitive market.
So lets see if there is some power in the EC
BR
Erik
Thank you Paddlaren, this is exactly what I was looking for, I will also be writing to them. Only way to stop anti-competitive measures like this is to raise it to European / US Parliaments/courts so that they can intervene and stop this.
Thom really just a golf clap for Microsoft, if this was Apple implementing something like this I wonder what your reaction would be…
“I’m not really sure what we can do at this point to prevent this from getting really bad…”
cracking the bios for hardware you have legitimately bought which should work with any os is not the answer, whether you are a Linux / Mac or Windows fan, something like this just shouldn’t be allowed its as simple as that. Can you imagine the difficulty any person would have running Linux ? The complexity this would cause for any other os to legitimately run is just absurd never mind the fact that you would have to void your warranty to run another os.
A pc does not equal Windows, contrary to Microsoft’s advertising campaigns. This has nothing to do with the incompetence of OEM manufacturers and everything to do with Microsoft once again exploiting their monopoly position.
They’ll let you turn it off, or they won’t sell MBs. I think most computer OEMs will go the same way, it is too easy to put the switch in, and in the end, OEMs will just say what they always say, “oh, that configuration isn’t supported”
That you won’t be able to know what capabilities with regard to turning off secure boot or installing keys a laptop you are considering buying has. The OEM won’t post the information on their web site and the sales drone on the other end of the phone is always totally clueless about just about anything.
kristoph,
You are sadly missing the point. Microsoft is not doing this to make the system more secure. That technology already exists. Modern motherboards have two features which renders secure booting unnecessary. The first is a feature to watch the MBR for changes. This tells you if the MBR has been tampered with by a virus. The second is dual bioses. One bios is hardware based and unchangeable. This allows the system to recover from malicious activity or a bad flash of the second bios.
While I am sure that their will be OEMs who give you the option to turn it off, this is something that will be a pain in the butt for dual booting. In the end anyone wanting to boot off a live cd or anything else will have to disable it. At that point the option becomes useless. Microsoft could and should have had the foresight to work with other OS makers to design a secure system that is user controlled.
One question I have is: What will be the ramifications of running a Windows 8 system with out having the secure boot enabled? Will it even boot? Will there be things disabled?
Edited 2011-09-24 17:48 UTC
It’s not just about the BIOS being protected, but the chain of code between the BIOS and OS (e.g., preventing the boot loader from being replaced so the BIOS doesn’t hand off to malware that inserts itself below the OS).
Windows 8 still supports BIOS-based systems and non-Secure Boot UEFI systems. The OS will boot normally. You simply lose the added security.
First the ruin Windows for Desktop users. Now this. Just when we thought Apple was replacing MS as the evil empire. Can we call this chapter “The Empire Strikes Back”?
How much Windows software will this break. There is a lot of software that actually writes to the MBR for different reasons. Also, what happens when a virus corrupts your key registry? You wont be able to boot and if you can’t boot, will you be able to update the registry with new keys?
http://blogs.msdn.com/cfs-file.ashx/__key/communityserver-blogs-com…
There is the damn option to disable it.
I dunno how much more black and white you guys need it.
If a manufacturer locks this down … just don’t buy from them.
BTW I have owned Laptops and Computers from Dell, HP, Acer, Asus, Apple and none of these have ever locked down the BIOS down.
Edited 2011-09-24 19:19 UTC
I suggest you actually READ the article before jumping to Microsoft’s defence once again, because your post seems to indicate you did nothing even remotely resembling “reading”.
I read the blog post and you article which rallies the Linux crowd.
May I remind you I actually use OpenBSD … and I buy my OpenBSD CDs.
As another has already said on this forum … Motherboard manufacturers for OEM systems won’t be as foolish as to do this.
I don’t rally to Microsoft’s defence …
I was a Linux System Admin for 2 years.
I buy OpenBSD CDs to donate to the project.
I use an Android Phone.
I use Fedora 15 for my media box.
I use Windows 7 on My girlfriends laptop and my own desktop.
What I am fed up with … is the constant Microsoft Bashing which is like the Zerg rush on every Website that is tech orientated.
I am a pragmatist and I use whatever works. Though I was initially worried about the announcement I waited patiently to actually know WTF was going on before getting upset.
If Microsoft do indeed threaten OEMs to remove the “disable Secure boot” option … there will be in another anti trust case.
If OEMs stop you from disabling it … then don’t buy that hardware.
At the end of the day we are a fringe case and we are far more tech savvy than most … I always check my OS compatibility when shopping for hardware … and I use an OS that is far less popular than Linux (OpenBSD)
Edited 2011-09-24 21:00 UTC
I’m sure there were completely naive people like you who said that Microsoft is just one OS company. They could never keep OSM’s from using all other OS options. Right? Except that Microsoft did exactly that. And it took about 20 years before that started to change a bit. Still its almost impossible to find a PC without Windows in any store. Windows should be an option, not a must buy. Wake up and read history. Those who forget it are doomed to repeat it.
Bingo.
Don’t buy from those manufacturers then.
You guys have never worked with IT vendors that are REALLY shitty, I have.
Let me tell you that, I work with a system that has been deliberately locked down so it makes it difficult for developers to do any work on it and now another which isn’t fit for purpose.
Microsoft at their worst are still much nicer to work with than these IT companies … but the hate is always
directed at Microsoft because they are big.
I don’t buy Laptops which I know I can’t fiddle with the BIOS.
Simple.
Edited 2011-09-25 08:21 UTC
lucas_maximus,
“If OEMs stop you from disabling it … then don’t buy that hardware. … I always check my OS compatibility when shopping for hardware … and I use an OS that is far less popular than Linux (OpenBSD)”
You are only addressing one issue, that of disabling the secure boot feature. But will windows run unrestricted when secure boot is disabled? Or will owners be punished for having Linux/BSD installed?
If you know the answer to these questions, the please provide the source because I really do want to know.
Edit: Will users need to disable secure boot just to run knoppix? It sounds like the answer is yes. It will discourage people from using the linux live CDs in the back of some magazines, assuming publishers will even bother distributing them any more.
Edited 2011-09-24 21:51 UTC
They have already said that it will work with “less features” … which basically means the Software part of Secure boot.
Interesting how you didn’t quote the Microsoft blog’s statement:
“OEMs are free to choose how to enable this [Secure Boot] support…”
In other words, Microsoft are letting the OEMs decide whether to include a “disable secure boot” in the UEFI BIOS. It’s a bit surprising that the UEFI standard didn’t actually insist that the user should always be able to disable secure boot (I don’t care if it’s enabled by default, but I do care if it can’t be disabled).
If Microsoft will indeed insist that the secure boot can’t be disabled for OEMs to qualify for the Windows 8 certification logo, then *all* OEMs will do so and those machines won’t be able use any other OS than Windows 8 or later. You can be guaranteed that OEMs won’t advertise the fact that you can only run Windows 8 or later on their latest kit either, since that’s surely a negative selling point?
As people have said, this will potentially impact Windows users too – no XP, Vista or Windows 7 on those new machines and bang goes third-party rescue CDs (you’ll be forced to use MS’es signed rescue disks and no others).
There are surely anti-trust issues if Microsoft effectively force OEMs to only allow Windows to be installed on machines, even after the end-user has bought the machine and taken it home? It’s a clear monopoly abuse because although MS might claim OEMs had a clear choice, the logo certification program insisting on secure boot not being able to be disabled is a major influence in the OEMs decision.
So don’t buy from those OEM that do. Simple.
Which is why they will leave in the option
When Dell decided to sell laptop with Ubuntu preinstalled had to quickly bactrack. Eventually they decided to offer only a small number of overpriced and unappealing laptops. Was there Microsoft behind this decision?
I can’t prove it, but the number of PCs with Linux preinstalled on the market is so small to sound an alarm bell. How many devices will we find on the market that are not locked ? It’s not so simple as you put it.
They can blame the OEMs and pressure them behind the doors. Did you forget the past anti-trust cases?
And some manufacturers have already stated that the option to disable will not be present. Many OEM’s even now with just a regular BIOS do not allow users to change all the features that are present. Dell is pretty good, but that doesn’t mean the option will always be there. Also, if Microsoft can mandate that OEMs include this functionality, what is to stop Microsoft from later mandating that the disable option be removed?
Case in point, I have a 1U server that has procs that include VT-x. The motherboard has a chipset that supports VT-x. The OEM set the BIOS to permanently disable hardware virtualization. Why? Because they could I guess? Because it was sold at a price point that they didn’t want hurting sales of more robust expensive servers?
Who has said the option to disable won’t be present?
A renowned and respected Linux and Red Hat developer? It’s right there in the article.
If I have to pick who to trust more, you, Microsoft, or Garrett… Well, sorry, but that’s a very easy choice.
And both of them work for companies that regularly compete against one another.
So tbh I don’t trust either of them.
However a screenshot of something that looks like BIOS/UEFI whatever it is (at the end of the day I am going to be pressing F12 after Computer POST) … Is more convincing.
A single screenshot, at this point in time, is enough to convince you NO OTHER OEM will disable this option EVAR AND EVAR?
It’s clear you have little experience dealing with the BIOS implementations of OEMs. They are regularly crippled, features removed for no reason, unpatched, and sometimes even flat-out broken. All this does it make it harder to install anything other than Windows 8, since you can bet your sweet ass no OEM will post information about this on their website, forcing you to DuckDuckGo for hours on end through conflicting information, and having to deal with different revisions of the same machines, and so on, and so forth.
It is better than conjecture … which is all your article is. As I said I am a little worried … but I am not writing rants about it.
I have actually worked as a Second Line Support, First Line Support, General Fix it monkey at a PC repair shop … and I went to university to learn how to write software.
So don’t tell me about Hardware BIOS implementations.
Shitty manufacturers will have shitty BIOSes that are locked down … it up to the OEM as to whether they are shitty … end of.
As I said in another post we are an edge cases … and tbh in every other industry the community (for example me … Bicycles) will fill in for the lack of diversity if it ever becomes a problem.
Edited 2011-09-24 21:35 UTC
Like this hasn’t been the case forever?
If you are running unusual Operating Systems and Configurations .. you are going to expect to have to “FUCK AROUND” …
TBH finding that option in a Firmware menu … is it really that much more difficult than telling your PC to boot from USB stick/CDROM instead of Primary Hardrive?
You forgot one key word. A very simple one. It is
YET
That argument is stupid …
e.g.
I have YET to do a commit a massacre … therefore I might because I haven’t yet ???
Most of these decisions are due to the corp policy.
Edited 2011-09-24 21:49 UTC
lucas_maximus,
“That argument is stupid … ”
Frankly, I was thinking the same thing as shotsman before he said it.
“I have YET to do a commit a massacre … therefore I might because I haven’t yet ???”
This is a new feature which is designed to shut down unsigned software, that’s the whole purpose of it’s existence. Why do you think it will obviously be optional on OEM systems that are “designed for windows 8”?
If you were in charge of how this feature was implemented, would you hardcode exclusively microsoft/OEM keys into the firmware, or would you allow the end user to control their own keys?
Edited 2011-09-24 22:09 UTC
The option is quite clearly highlighted that you can disable.
As with Companies locking down the BIOS … there will be those companies that do this to UEFI as well .. and those that don’t.
I fail to see how this is any different whether it is UEFI or BIOS … the same situation exists to some extent now.
It is upto the consumer to do their research before hand … like in every other industry. If you want the best deal you gotta do your research.
Edited 2011-09-24 22:42 UTC
Not to a very wide extend. Right now, if you buy a laptop/desktop PC and put in your own boot CD or USB stick, you can pretty much count on your computer to be able to boot from it. The OEM might cripple your ability to overclock or tweak advanced settings, but at least you can boot from any attached boot device.
This secure boot “feature” is designed to blow away that behavior, and allowing the user to disable or control this “feature” has been labeled “optional”.
lucas_maximus,
I’m not sure how your post relates to the questions in my post which you responded to?
***Hypothetically*** speaking, would you have a problem if 100% “designed for windows” OEM PCs were locked to microsoft?
If 100% makes you uncomfortable, then what hypothetical percentage would you be comfortable with? Isn’t the scale of damage to the linux community proportional to the ubiquity of MS locked machines (whoever is responsible)?
Edit: I’d like to ask this again: if you were designing secure boot, would you hard code OEM/microsoft keys into it? Or would the owner have control over who’s signatures to trust?
Edited 2011-09-25 01:02 UTC
As I said … there will be shitty manufacturers that would give you this option … where they don’t care about their customers … and there will be those that do.
That is my answer to your question.
lucas_maximus,
“As I said … there will be shitty manufacturers that would give you this option … where they don’t care about their customers … and there will be those that do. That is my answer to your question.”
No, you didn’t answer my questions.
I get the impression that you don’t care that secure boot has the potential to harm linux adoption. If that is your opinion, then ok, you are part of the majority of people who may very well remain unaffected by this change. It is true that linux users are a fraction of the market.
However, you cannot reasonably dismiss the concerns of hardcoding MS keys into the bios on behalf of those of us who are regular linux users at home. We are the ones affected by this change, even if you are not. We don’t want artificially restricted hardware, new or used, that prevents us from running our OS of choice. The vast majority of us started by running linux on a previously windows machine. Microsoft still hasn’t addressed whether dual booting will be possible. It isn’t at all unreasonable for us to object when our interests are at stake, even though yours are not.
I’ll ask once again: If it were up to you to design an ideal secure boot feature, would you design secure boot by hardcoding exclusive MS/OEM keys into it? Or would you enable the owner to override those keys?
Seeing as you keep avoiding the question, I’ll take the liberty of answering it for you: It depends on who the feature is being designed to protect, microsoft or the owner.
I won’t comment on how to design such a system because I am not qualified to comment, and far brighter people than me have designed these systems.
lucas_maximus,
“I won’t comment on how to design such a system because I am not qualified to comment, and far brighter people than me have designed these systems.”
That’s fine. But I actually do have the expertise to design such systems*. I have both theoretical knowledge of and practical experience with implementing PKI. Furthermore, I have first hand experience developing bootloaders from scratch on the x86, and I know exactly what goes on there. This topic is right up my alley.
For the moment, take my word that a secure booting facility could have been implemented generically to protect from bootloader malware without hard-coding MS/OEM keys into it. Assuming I am correct, then would you agree that that the inclusion of hardcoded MS/OEM keys is suspicious of an ulterior motive?
Edit: * No insult is intended by this, it just happens to be my domain
Edited 2011-09-25 13:39 UTC
It occurs to me that a lot of people may not understand how PKI based bootloader security works. So here is a quick overview:
At a high level, each subsystem in the bootsequence is responsible for authenticating the next piece. When UEFI loads the bootloader, it will compute a cryptographic hash against it and verify that it matches the hash in the bootloader metadata. This metadata is signed by one of microsoft’s private signing keys. In order to maximize flexibility, these keys are themselves signed by one or more master keys (owned by MS/OEMs). It is these master keys which will be hard coded into the firmware.
So anyways, now the bootloader is verified to be microsoft’s to the satisfaction of the bios, and the bootloader itself needs to load the OS kernel. The bootloader has full control of the system by this point, it’s up to the bootloader to decide how to securely load the OS. The bootloader may implement it’s own verification, or it can call upon UEFI to do it. Assuming both are bug free, then neither approach is more secure than the other, however placing the verification in the bootloader provides a lot more flexibility in terms of what it can do.
Once the kernel is loaded, the same general ideas apply to loading drivers. As for user mode apps, the situation is different, in theory the secure kernel should be able to run untrusted applications without risk of compromising itself, assuming the cpu+OS+drivers don’t have any bugs.
I wonder what this’ll mean for those of us who like to self-build our machines. Granted we’re a small niche, but we must be a big enough one since we can easily buy the components needed. I wonder about this from both sides, will our self-builds not be able to run Windows 8? What happens when trying to run Windows 8 without secure boot? On the other hand, will most purchasable motherboards have the same lock-in as many of the cheap PCs will, and will I not be able to build myself an awesome Linux machine anymore? Maybe I’d better stock up on some components just in case things go south.
Our self-builds won’t be able to get Windows 8 logo certification. That’s it. No sane person would want it on their self-built rig anyway.
It’s the OEMs who seem to think that Windows sticker is the most important feature of their products.
They have definite financial reasons to value the Windows Logo program. It’s how they qualify for special pricing and other incentives from Microsoft. Anyone who doesn’t qualify will be hard pressed to compete in a market with such slim margins.
Cracking the bios is not the solution. First because only power users will resort to this solution, so it will deepen the divide with the other users.
Second because every time someone will be called to help a friend or a colleague whose PC is not booting any more the use of tools like Partition Magic won’t be possible. We can’t crack any PC we put the hands on.Third reason, the most important is that cracking the bios has always a risk. Being forced to run the risk of damaging your own device because it follows the orders or of the vendor is not right.
What we should do is step up the pressure. Ask Red Hat and Canonical to team up setting up a site that informs everyone what hardware is usable. We already know that the clients will never be informed properly. A full list of brands and models with their capabilities will scare the vendors pushing them to be more flexible.
If Microsoft locks down the PC and Intel is usurped by ARM, will the new PC be… Android and ARM?
Will The Fall of Wintel be heralded by The Rise of Anvidia?
Is Linux’s time to shine yet to come?
Right Microsoft idea here is stuffed.
Issue one you have a 5 year old machine in the future MS has lost the key so you system can be attacked. Yet OEM has locked you motherboard and is providing no more update. So you cannot update bootloader to fix problem. So when microsoft pushes out update to bootloader signed with new key your computer now dies.
Who thinks this is a good idea now?
Great. Stupid moron move. The system needs a way to insert new keys and disable old ones. Other wise its a bit like saying when you lose your door keys you cannot replace your house locks.
If you cannot disable MS better insist on a way to replace the approval key. This does get around the Grub issue. Since the Linux distributors or end users could produce there own signing pair. Yes makes installation annoying. Ie fat formated usb key with a approval key to upload before able to install the OS.
Key of course is make the only way to upload the key inside bios software.
Linux way is better not having a default key set.
I agree with you that users need to be guaranteed more control over this, but there are a couple issues with this statement.
(1) Microsoft wouldn’t “lose” a key; what you’re referring to is the key’s being leaked. Microsoft would still have the key, but so would everyone else, and as such, anyone could sign boot loaders for the motherboards set up with that key. It would effectively nullify the security “feature” for anyone smart enough to sign an arbitrary boot loader with the leaked key.
(2) Even if the old key is leaked, Microsoft can continue to sign things with it as well as the new key(s). So chances are they would continue to sign their OS and future OSes with those keys so that people who bought locked PCs would continue to be able to install MS OSes. (Even if smart people can sign their own boot loaders with the leaked keys, the average PC user won’t be able to, so it would make economical sense to keep providing upgrades that will work with the leaked keys.)
Once boot key is leaked its over. Attackers will be able to breach all those systems.
So protection from boot breaching is basically gone as soon as MS loses control of the key.
Design only allows for UEFI only allows for a bootloader to be signed by 1 key not 2 or 3. The UEFI load system can contain more than 1 key to check boot loader against. So yes UEFI setup correctly where you can load extra keys in transition from one key to another would not require a disruption. Heck you could be creative and make it a one way process. When bios sees something using a newer key leave the old key behind.
You are stupid on one statement. Average PC user cannot create a core breaching virus either. The Key will return system breaches to what it is now. Basically the signing system is not about protecting the Average from the system is about protecting the elite from attacking systems. So signing there fake boot-loaders are going to be a walk in park.
Remember the people breaching the systems are already doing illegal things so breaching Microsoft to get the primary signing key is not going to worry them one bit.
Basically once the primary signing key is lost it has to be given up being used if you wish to maintain secuirty.
Basically Microsoft will be waving a big flag to a very powerful force doing this. Even with Microsofts resources I don’t see them has having enough to stop it.
So if your solution is MS keeps on signing with the OLD key are you saying its suitable to leave users exposed to secuirty risk. Hello. This is unfair and wrong.
So forced upgrade of motherboards because someone at Microsoft carelessly lost a key so we force to buy more Microsoft software. Yes SUX major-ally this idea. Microsoft design is screwed for all end users.
Key update system is mandatory when design any system with key based secuirty if you wish for it to remain secure.
If this solution from Microsoft was sane there would not be this issue at all. There would be a mandatory key update system that Linux and other competitors could use. Pain in but for the competitors since installing their OS’s would have extra steps ie since out box is most likely windows.
Yes Microsoft would still gain a competitive advantage this way. But not put everyone ass on the preferable chopping block when key leaks. I say when not if because I don’t believe for one min it going to be if.
Really? Where did you find this out? If that’s the case, Microsoft can still include multiple signatures with the boot loader — they just have to install it with one that will work on the system in question.
We all know that this “secure” boot has just about nothing to do with the users’ security. The only party that really stands to lose if the old key is compromised is Microsoft, but only savvy users will really be able to exploit the weakness. As such, even if the key is compromised, I doubt they’ll be in a huge rush to fix it.
It’s kind of like the DRM on DVD and Blu-ray. They’ve both been compromised, but your average user won’t know how to exploit that, so the entertainment industry just keeps using the same flawed system. It’s not like they really have our best interests at heart. They’re just concerned with keeping a majority of users under their control, and as long as the old way keeps working somewhat effectively, they’ll usually avoid changing it, since that invariably leads to users’ getting locked out — the exact opposite of what they want.
Just as a side note, it kind of looks like English might not be your first language. So as a piece of advice: Most people will be offended if you associate the word “stupid” with them. A gentler term would be “misinformed”, but it seems like this is more of a miscommunication than anything else. 😉
I think I agree with this. 😉
Part of UEFI design is that you cannot probe from OS side what keys are in the store. So yes it will be leap of faith at times if you try just putting up signed boot-loaders guessing what key works. This is about making attackers life harder.
So providing multi copies of the bootloader are not going to cut it either. Also once key is breached you don’t want to keep on using it. Since attackers these days are after to place bootloader before OS so anti malware software inside the OS cannot detect the virus /bot/worm is there. Breached key equals exploited OS at core.
So yes only way to see what keys are in there would basically have something in the bios dialogs to show you. This is also useful for techs debuging why something has gone south. Go into bios look at the keys and go o boy that bios needs a update. If you can add keys you could just add the missing one remove the now expired one problem solved.
Now if you have to go by bios version numbers to makers site to find out if a particular version of windows can be installed is going to be a complete pain in but.
nonoitall the average user has nothing todo with why the secuirty is being done in the first place. What has better chance of average user being able to cope with secure boot. Having to visit a makers site or being able to check page in bios for what is supported. Having to check page in bios for what is support is closer average users skill limits.
Many windows machines are being exploited by malware/bot/worm/virus boot loader that effectively render all forms of detection of infection bar booting from different media almost impossible.
The prime reason for this is not DRM. Its the rate of infected machines out there. Something has to be done when more and more users are getting infected and the infection not being detectable.
Breach of DVD and Blueray is not a major problem. Reason what can you make a Blueray machine do by the breach nothing. What can you make a standard computer do when you breach it.
List of items.
Send spam
DDOS attack
Infect Others
Steal Identities
Steal person money and many other evils.
Basically if we want to stop OS being infected we need auditing from boot up all the way to user applications. This is many times more effective than anti-virus software. White listing. If only white listed stuff can work areas that can be infected are reduced.
Mandatory secure boot I have no problem with as long as I can add my own keys when I want to. And remove keys I know they are breached.
Most of the Linux world would not care either if they can added the keys required.
Simple fact here the rate viruses are growing its getting too cpu consuming to be working by black list. Items like secure boot based on public key encryption has to come.
So secure boot provides the promise of less anti-virus scanning required.
Most import is the implementation is sane for consumers. Microsoft current implementation fails the sane test. Insane to take too much control out of consumers hands and transfer to hardware makers.
oiaohm,
“The prime reason for this is not DRM. Its the rate of infected machines out there. Something has to be done when more and more users are getting infected and the infection not being detectable.”
How do you know that this isn’t about DRM? The inability for the owner to control their own keys is extremely conspicuous of this design, which seems to be a backdoor way of imposing DRM upon the public.
Assuming the OS is entirely secure (yes, that’s a big leap of faith), do you acknowledge that this “security mechanism” enables microsoft to enforce application store restrictions as well as protecting from bootloader malware?
“Mandatory secure boot I have no problem with as long as I can add my own keys when I want to. And remove keys I know they are breached.
Most of the Linux world would not care either if they can added the keys required.”
I think we are all in concurrence, however it is sounding like this is not part of the spec for new systems sold with secure boot.
“Simple fact here the rate viruses are growing its getting too cpu consuming to be working by black list. Items like secure boot based on public key encryption has to come.”
If this is your criticism of signature based antivirus scanners, then I agree it’s a problem. However adding vendor controlled PKI authentication to secure boot neither addresses this problem, nor is it required of the security problem which secure boot allegedly tries to solve.
Why put all this effort in locking the front door when it’s the windows that are broken? (I hope you appreciate the play on words).
Quoted for truth. 😀
They don’t need to provide multiple copies of the boot loader — just multiple signatures for it.
I think the significance of this threat has been overstated. Even with current technology, there are superior techniques for handling this than neutering the motherboard and locking out the user. (I bet if Microsoft simply blocked ads in IE with a comprehensive block list like the ones AdBlock+ has, infection rates would plummet far more significantly than secure boot could ever hope to achieve, but we all know they won’t do that.)
That said, I still sincerely doubt that a compromised key (which will happen eventually) would be met with prompt action by whoever dealt the key. I don’t buy the “we’re doing this to keep users secure” line that Microsoft is spouting. If that’s what they really wanted to do there are better ways to go about it.
That “if” is the whole crux of the matter. 😀
I still doubt the scope of this is as great as you or Microsoft say. Most (all?) of the infected computers I’ve had to work on haven’t had their boot loaders tampered with.
What you said brought up another thought to me though on why mandatory secure boot could be such a pain. There are many ways a system can become severely infected without touching the boot loader — some of which necessitate reinstalling the OS. In those cases, it’s very helpful to be able to boot up from a LiveCD to salvage documents, and secure boot could stand in the way of this if there’s no way to add keys or disable it.
A boot loader infection is not required to achieve any of those things you listed. Heck, root/administrator access isn’t even required. A good percentage of the infections I’ve seen have never even left the confines of the user’s home directory. So again, I call foul on this being for the users’ benefit. And when you think in terms of it being for the industry’s benefit, it compares with DRM quite well.
I agree with the users being in control, though I still don’t consider secure boot to be quite as crucial an instrument as you apparently do. 😉
Incorrect signature has to be embed in the loader so the only way you can have UEFI try multi signatures is install multi copies of the loader yes waste of space.
What world have you been on. McAfee and and other anti-virus vendors have been trying to solve this exact problem. The number of worms/bots that exploit at boot loader level to render anti-virus software and other malware scanning software worthless is increasing.
Most of the boot loader level infections are going unnoticed by everyone other than honey pot runners and banks where they have customers being repeated breached so leading to the discovery of the boot loader level breach in their system. Even that they have current anti-virus software run malware bytes and every other detection method. Reason some are even deeper than bootloader. Some are bios. Because the bios was not protected by a signing key in lots of motherboards either.
So yes some of the current most evil defeat livecd’s as well. Removing harddrive and inserting into another machine only partly detect this.
So yes there are machines you could be declaring clean that get reinfected rapidly that are one of the new classes of infections. 24 to 48 hours after being cleaned being reinfected is not uncommon.
Basically these infections are still low numbers. But will grow.
You need to read the the full extent of the protection. Boot loader validates everything else above it. Mandatory secure boot would not be a major annoyance as long as you can add the keys for your recovery LiveCD so yes just a minor annoyance. But yes if it left the way it is your recovery LiveCD could be worthless so a major annoyance. No system recovery without ripping harddrive out fun.
Problem is the low number of current generation worms out there are using the boot loader to disable the anti-virus and any other malware scanning from being able to find their existence in the machine.
But we know with all virus tech this will increase in numbers. So as the numbers grow your anti-virus software will just become more and more a joke unless something like secure boot is done.
Yes anti-virus software needs attackers prevented from being able to get between it and the real hardware.
I do run honey pots I have seen the most nasty of current generation worms/bots. The time is up basically. Secuirty has to be improved or the complete lot will fail. Time of head in sand is over.
oiaohm,
“You need to read the the full extent of the protection. Boot loader validates everything else above it. Mandatory secure boot would not be a major annoyance as long as you can add the keys for your recovery LiveCD so yes just a minor annoyance. But yes if it left the way it is your recovery LiveCD could be worthless so a major annoyance. No system recovery without ripping harddrive out fun.”
I think the threat of bootloader malware is rather exaggerated but I don’t deny that it could be helpful in some cases and I don’t mind such a feature being added *generically*. As you’ve said, what is controversial is hard coding MS/OEM keys into the system firmware, such that microsoft/OEMs will be the gatekeepers of this feature. Windows will be trusted by defacto, all other OSes will be hit and miss.
Also, for all the reservations linux users may have, they are the 800 pound guerrilla in comparison to some homebrew OS projects whose chances of getting their binaries signed by hardcoded MS/OEM keys are virtually nil.
Edited 2011-09-25 12:54 UTC
I was referring to space taken up on the installation medium. 😉
I’m sure it is, though I think the pace has been exaggerated. In addition, any malware with that gains sufficient access to [attempt to] modify the boot loader basically owns your computer anyway.
If a bank server’s security is lax enough to allow attackers to overwrite its boot loader, this technology is not going to save them. They need to fire their security administrator and hire a competent/trustworthy one.
There’s that big “if” again. 😀
Like I said, if the malware can already attempt to overwrite the boot loader (only to be stopped by secure boot), then you’re already screwed. There are any number of other places the malware could impregnate itself with that level of access.
Secure boot is not an effective defense against malware. It’s like sealing the king inside his throne room in order to protect the whole kingdom from attack.
That being the case, don’t you think you might have a warped view of a typical malware infection?
I’ve done a little searching but haven’t found this.
One of the pictures from the article implies some sort of key revocation scheme.
Anyone know if this is supposed to be over the internet, a la AACS, or if it is done at the time of manufacture, and is then unchangeable?
Thanks.
Depends on your OEM still providing updates. justSomeGuy.
Its the number 1 step to load the bootloader latter on in the process there are some internet links.
The Platform Key is OEM hardware makers that protects the KEK that contains the OS bootloader and other need firmware parts that are approved.
Key issues here the power of updating the KEK goes to the hands of the Hardware maker.
So yes they can bust things. Allowed in KEK contain approved signing keys for bootloaders.
So yes Microsoft needs to update there signing key Hardware maker decides only to update on todays hardware. People get a service pack update that changes the boot loader their computer dies because UEFI no longer will load the Windows loader.
This is a god darn land mine. Customer needs to have the means to insert and remove allowed keys and see the allowed keys.
Change able as long as hardware maker is supporting the hardware you have. Reason why I said 5 years then screwed.
Other issue is black list. Disallowed malware hashes those should be inspect-able as well.
Hi,
Just wondering if anyone (FSF, Redhat, Oracle, etc.) have started considering an “Open Source Certified” program (based on trademark law); so that consumers can easily identify which computers don’t prevent the installation of open source and/or alternative OSs.
I want a large number of “worried” companies and organisations to join together and create such a program, and promote it to consumers and OEMs worldwide.
– Brendan
And when asked…
Mathew Garrett just responds with:
http://mjg59.dreamwidth.org/5850.html?thread=151258#cmt151258
So there you have it. If it was MS behaving like this, everyone would say it’s all pure, unadulterated FUD. But of course, we’re talking about open source guys here, so even if it’s a company with an obligation to their shareholders, they can do no wrong, they’d never do something out of self-interest. Right?
If Red Hat is so interested about competition, perhaps they shouldn’t have abandoned the desktop market when they did. I don’t recall anyone locking them out through the use of signing keys back then.
Edited 2011-09-25 09:25 UTC
All that MS has to do is remotely reset the key in your copy and bingo, your copy of windows is dead in the water.
How perfect is that for a shakedown method?
They can already can do that, with Windows Update and Genuine Advantage. They don’t need this tech to keep you from running Windows.
The existing method at least allows the system to boot. If they revoke the boot keys, you are totally stuffed. you can’t do anything with your PC. Then if they disable switching off the UEFI bits that PC which you have spent a load of money on is just scrap.
There are moved by the EU to stop vehicle owners from doing any work on their Cars,Trucks or Motorcycles. This included things like changing the plugs. I was at a Demo today to protest about these proposals.
IT is not all that far fetched to move this to PC’s. Imagine the era of the sealed box pc. You are not allowed to swap the HDD or add RAM. I don’t mean making it difficult (like some All-in-1’s) but not allowed by LAW.
This is the sort of world that would suit Microsoft perfectly.
MS wouldn’t do that, they would be smothered under the mass of antitrust actions that every government in the world would bring to bear. They can mess with the OS, because it’s licensed, not bought, but they can’t mess with the hardware.
They wouldn’t be that stupid.
Not just Linux users. While MS is partially doing this to fuck with Linux, this is mainly their insurance policy against another Vista-like backlash with “downgrades” to the previous version. They’re deeply insecure about Windows 8 because of the interface changes that will likely prove very controversial if Unity is any guide. They know perfectly well that most people aren’t interested in upgrading from Windows 7, which has achieved much greater acceptance than Vista. They’re obviously scared to death of Windows 7 having an XP like lifespan.
I expect that this issue will be tackled on two fronts:
1) Grub or LILO bases boot loaders would allow regular non signed kernels to boot. This is after getting the keys through reverse engineering and all more or less in a similar fashion like the DVD scene played out through DeCSS.
2) legally through the anti-trust process.
On my side, personally, I would refrain from purchasing any PC motherboard or laptop that does not allow disabling this feature.
benayed,
“Grub or LILO bases boot loaders would allow regular non signed kernels to boot. This is after getting the keys through reverse engineering and all more or less in a similar fashion like the DVD scene played out through DeCSS.”
This is a misunderstanding of the public key cryptography involved. Reverse engineering may reveal bugs in the bios which might be exploited, however all the keys present in the firmware are public knowledge. Even if the firmware is completely open source, it would not help break the private keys.
DVDs on the other hand are not cryptographically sound because the encryption keys used must be accessible on the end user device (otherwise the DVD would not play).
“2) legally through the anti-trust process.”
Maybe someone with a legal background can provide some legal insight?
“On my side, personally, I would refrain from purchasing any PC motherboard or laptop that does not allow disabling this feature.”
Same here, but we’d be such a minority that the large OEMs may not take notice. The key is to get the major media to pick it up.
uhh, anyone here know a reporter with significant clout, we gotta get the word out hard and fast
Correct. Linux, for example, does not use DeCSS software to play DVDs, it uses libdvdcss.
DeCSS used a “stolen” player key, it was stolen from the Xing software player I believe. This strategy is arguably illegal.
libdvdcss does not use a stolen player key, but rather it reads information from the DVD it is attempting to play, and from that data it calculates a list of possible keys. All of the possible keys are tried until one which works for that DVD is found.
The situation with UEFI secure boot is that the keys will be stored in secure storage on the motherboard, and they will not be accessible to the boot loader.
In order to boot the boot loader must in effect know one of the signing keys, because no method similar to that used by libdvdcss will be possible. Any work-around will have to be similar to DeCSS, which is to say it must use “stolen” keys. This will probably be in violation of the DMCA, and therefore illegal.
lemur2,
“The situation with UEFI secure boot is that the keys will be stored in secure storage on the motherboard, and they will not be accessible to the boot loader.”
One slight clarification here. Only the *public key* will be on the motherboard, the private key will be with MS/OEM and cannot be leaked/cracked by analyzing the motherboard.
“In order to boot the boot loader must in effect know one of the signing keys, because no method similar to that used by libdvdcss will be possible.”
I don’t think the DVD analogy fits very well, though I know you were just continuing with benayed’s example.
Edited 2011-09-26 03:40 UTC
Correct. Public keys are public, everyone has a copy. Private keys are private, only one party has a copy, and it must be kept secret. Each public key has a corresponding private key, together they are known as a key pair.
In the case of UEFI secure boot, the boot loader software on disk will presumably be signed with a private key of an OS vendor. UEFI will only run the software if it has a matching public key in its ROM.
The reason why I said that “that the keys will be stored in secure storage on the motherboard”, plural of keys, is that as far as I know UEFI Secure boot can handle multiple different keys. Only the various public keys will be held by UEFI, not the corresponding private keys. Each different private key will be held by, and kept secret by, each software vendor.
lemur2,
“The reason why I said that ‘that the keys will be stored in secure storage on the motherboard’, plural of keys, is that as far as I know UEFI Secure boot can handle multiple different keys.”
Where did you learn this? I can’t find any information saying that multiple keys (hardcoded or not) will be supported?
From UEFI spec 2.3.1, Section 27.5 “Firmware/OS Key Exchange: creating trust relationships”, there is only a single “Platform Key”, which the “platform owner” (= OEM, I guess) uses to sign authorized bootable code. Once an OS is booted, it can add extra “Key Exchange Keys”, which it entrusts, to the public key database.
PS : Speaking of EFI, am I the only one annoyed by the way it mandates use of Microsoft’s executable formats for loadable binaries ?
Edited 2011-09-26 17:14 UTC
Neolander,
Thank you for the info. From what I understand though, the KEKs are just intermediate keys for use by the operating system (for example, to maintain blacklists which cannot be tampered with by the user). In particular, the KEKs need to be signed by the PK and are merely extending it’s chain of trust rather than establishing an alternate chain of trust.
http://lwn.net/Articles/447381/
“Before a PK is loaded into the firmware, UEFI is considered to be in setup mode, which allows anyone to write a PK to the firmware. Writing the PK switches the firmware into user mode. Once in user mode, PKs and KEKs can only be written if they are signed using the private portion of the PK, though KEKs can be freely written during setup mode. Essentially, the PK is meant to authenticate the platform owner, while the KEKs are used to authenticate other components, like operating systems.”
So I guess the answer to my stated question is yes, there are multiple keys. But the answer to what I was actually thinking is no, there will be no support for multiple authorities.
This design makes me wonder if the PK will be user settable again after a new bios flash? Or if the PK is truly permanently recorded in some chip and can never be reset again by anybody?
http://mjg59.dreamwidth.org/5552.html
“The UEFI secure boot protocol is part of recent UEFI specification releases. It permits one or more signing keys to be installed into a system firmware. Once enabled, secure boot prevents executables or drivers from being loaded unless they’re signed by one of these keys. Another set of keys (Pkek) permits communication between an OS and the firmware. An OS with a Pkek matching that installed in the firmware may add additional keys to the whitelist. Alternatively, it may add keys to a blacklist. Binaries signed with a blacklisted key will not load.
There is no centralised signing authority for these UEFI keys. If a vendor key is installed on a machine, the only way to get code signed with that key is to get the vendor to perform the signing. A machine may have several keys installed, but if you are unable to get any of them to sign your binary then it won’t be installable.”
Comment from George Orwell’s Animal Farm still applies. “Twelve voices were shouting in anger, and they were all alike. No question, now, what had happened to the faces of the pigs. The creatures outside looked from pig to man, and from man to pig, and from pig to man again; but already it was impossible to say which was which.”
Microsoft, Apple, incompetent OEMs, they all look the same.
Don’t forget: most OS repair tools boot under modified versions of Linux or DOS. Requiring signed binaries to run basically means that no repair tools will be able to recover your system.
To the best of my limited knowledge, most newer implementations of UEFI are 64 bit, so DOS recovery tools wouldn’t work anyway as the system wouldn’t have real-mode available. I could be wrong.
Also to the best of my limited knowledge, most people would be using Windows Recovery Console for OS repair, assuming of course they don’t just take the machine into the shop to have it fixed.
As long as there is an option to disable the feature, I’m personally fine with it. Implemented properly, It is a good idea. The best thing one who is interested in alternative software can do is make sure they only buy machines that have the option to disable UEFI secure boot/have the ability in the firmware setup to add/remove keys.
In the end is this really going to do anything other than annoy a lot of people. I mean, how secure can this be? So the bios is locked, the bootloader, the kernel, and maybe the drivers. So what? Most malware is not designed to remove functionality anyway. Its designed to take over your PC. None of this secure boot stops that. You can still have infected browsers and software that is really malware start on boot up. I see it every day. The only way this works is if Microsoft creates a completely closed system like Apple did with iOS. You only get apps Microsoft approves. Do we really want to go down that road?
For anyone who’s interested, here is a quick example of RSA public key encryption:
(Follow along by installing the “apcalc” package and running “calc” or use arbitrary math package of your choice).
Set variables representing the public and private keys. These are 1024 bit RSA keys in raw decimal form:
pub=65537
priv=10034701516581607751438717050886575134854567927773406346110095389 3880607258989277229978848721573396656818709713200926839511880509613865 9474100668909735440576231560731353120314326442917250425554249145477285 0129649359760655421361386946859858098073967083122130092429101461607165 5771225693620196033624908952782337
mod=129569752008079601861068484388831561709544451549075130369811908254 0636251464335302589077903827282626033952198454182587729744288942896196 0350330116308876109346648935805264992779319753450874988762827064435308 9787488188343904181776607311622352871569989214585044083692694467436005 432575044089339511423879924748093
Encryption and decryption are astonishingly simple:
ciphertext = (plaintext ^ pub) % mod
where (pub, mod) make up the public key.
plaintext = (ciphertext ^ priv) % mod
where (priv, mod) make up the private key.
Now lets put this to use, our secret message is “12345”(using calc’s syntax):
ct = pmod(12345, pub, mod)
ct =649561333757451757004248916422444207210624792546812513939697190576800 5598628412789281587428693978445925410757595668337235621964710636482986 7678609454140521694918033207929545708825534606806618029320280335294395 2108081515947478212104872619337026831010184080090087060494955661721844 6386794696129430701630814522
And to decrypt using the private key:
pt = pmod(ct, priv, mod)
pt
=12345 VOILA! We get back our secret “message”.
Real life implementations use extra padding to eliminate vulnerabilities with certain trivial cases like the following (they work, but they’re not secure):
ct = pmod(0, pub, mod) = 0
ct = pmod(1, pub, mod) = 1
Notice the public factor is very short, and public factors are often hand picked to increase performance (65537 has only two “1” bits in binary). Until rather recently, it was even common to use 2 & 3.
To do RSA signatures, do modular exponentiation with the private key.
sig = pmod(12345, priv, mod)
sig
=100205529258865419244879929646186044045195253646483476594890711551327 4982492169370293702770904064497440555524437909863740900509951289739909 0562448712559790233458569876089221632715449998674923202958889156494344 0373081036036755363704923479676797763088081336323388508085704457488066 5932754001725793366736813449
To verify a signature, use the public key:
pmod(sig, pub, mod)
= 12345
A few things to note:
the value being signed/encrypted may not be larger than the modulus (1024 bit=128 byte). Additionally RSA is much slower than block level ciphers and hashes, therefor RSA is always used in conjunction with other cryptographic primitives.
Anyways, if you play around with the examples, it should become clear that to verify a signature, one does not require the private key which generated the signature. This is one of the basic properties of PKI cryptography. And this is the reason that reverse engineering the bios will not yield the signing keys that microsoft/OEM possess.
If anyone’s got questions, I love talking about this stuff!
Isn’t it possible to defeat hash signing by producing a binary which has the same hash, but different code ? After all, the transformation which turns a multi-MB binary into a small, easy to compute and check hash, loses so much information that there’s a huge number of possible binaries associated to a given hash.
(It is my understanding that this is what happened with MD5, and is potentially also happening with SHA-1… Breaking hashes this way seems to be purely a matter of time, given that you have some skilled mathematicians at hand)
Edited 2011-09-26 05:48 UTC
For cryptographically secure hash algorithms, it’s not really feasible time-wise to do this.
Which properties of a hash algorithm make it cryptographically secure ?
(Fascinating discussion, by the way… I’ve been wondering about this since the first time I’ve heard about the concept of digital signing)
Neolander,
“Which properties of a hash algorithm make it cryptographically secure ?”
This isn’t the answer you want, but probably the one which is closest to the truth: The property of having been seriously analyzed by thousands of cryptographers in public and still remaining standing.
Haha…ok I wont avoid the question. In principal, the the hash bits must not reveal any information about the input bits. In practice, this means:
Any single bit change must, on average, effect 50% of the hash. There must be no calculable correlation between any input bit and output bit. Linearly sequencing through input values must not produce any pattern in output values. Any bias whatsoever indicates a weakness.
All else being equal, a slower hash function is theoretically more secure than a faster one (after both having been optimized as much as possible). If the faster one requires X operations to brute force, the slower one may take X*100 operations to brute force.
As you were saying, even the ideal hash function is vulnerable to deliberate collisions every 1/(2^bit) iterations, therefor the bit length must be chosen such that the fastest conceivable cracking machine will be unlikely to uncover any collisions in it’s lifetime.
Some research is being done to make cryptographic primitives which are not only computationally hard, but also “memory hard”. Most hash functions today don’t need more than a few hundred bytes of ram, which hypothetically makes it possible to brute force millions of instances simultaneously on a single chip. If a hash function uses 50MB of state, then clearly the parallelism potential of these chips is sharply reduced.
Also something worth noting. Anyone can build a database of forward hashes regardless of the algorithm, and then lookup the reverse hashes on demand. For this reason, it is unwise to hash secret data without random salt.
e9fe51f94eadabf54dbf2fbbd57188b9abee436e
Lookup this sha1hash value at
http://www.sha1-lookup.com/
Edited 2011-09-26 18:31 UTC
Many thanks for the answers !
Neolander,
“Isn’t it possible to defeat hash signing by producing a binary which has the same hash, but different code ? After all, the transformation which turns a multi-MB binary into a small, easy to compute and check hash, loses so much information that there’s a huge number of possible binaries associated to a given hash.”
You are absolutely right about the hash. Furthermore, you might say the same thing about RSA itself. There are only a finite number of possibilities to try, which implies that it’s not difficult to build algorithms to enumerate them.
The key to all digital cryptography is that all known algorithms to crack the numbers use exponential time. Every additional bit is exponentially more difficult crack.
However these problems also fit squarely into the class of parallel problems considered “embarrassingly parallel”, with no IO/sync overhead. This means shorter bit lengths are vulnerable against massive specialized cracking clusters.
History shows us that we need to be much more conservative with our estimates of cryptographic security. I recall when the EFF deliberately build a DES cracking machine in 1998 to publicly embarrass the US government on it’s legal policy of restricting international crypto products to algorithms known to be extremely weak.
http://news.cnet.com/Record-set-in-cracking-56-bit-crypto/2100-1017…
Now days that we routinely use far larger bit lengths, and our encryption is much more resilient to brute force attacks. 256 bit cryptography cannot be brute forced today or in the near future. But we are still occasionally finding flaws in the algorithms which mathematically etch away at their security.
It is an open question whether cryptographers will ever be able to place a lower boundary on the work needed to crack a code, or whether sufficiently clever algorithms will always exist to reduce the search space ever further.
I’m also wondering if it’s possible to mathematically reverse a hash algorithm in a way that provides, say, all files within a size range between X and Y that result in a given hash Z when going through the hashing algorithm. This operation could be followed by analyzing those files in the hope of finding one which has some desirable properties (like, in the context of secure boot, some simple code which is able to load other code)
And if it is, whether such a “clever” approach would have the potential to beat brute force random data injection to a tampered binary until it gets the same hash, in terms of execution speed.
Edited 2011-09-26 17:41 UTC
Neolander,
“I’m also wondering if it’s possible to mathematically reverse a hash algorithm in a way that provides…”
Lets go on the assumption that our function is an ideal hash function with no mathematical weaknesses. Since we already know that a broken hash function will limit the scope of search. An idea hash function means that the only way to find a collision is to brute force various inputs until we generate a collision.
sha256sum(x1) = y
sha256sum(x2) = y
How would we find x2, such that it produces the same hash as x1? This can be as simple as taking a known payload, and modifying it with a nonce until we generate the collision we’re looking for. It’s trivial, and it’s been done with MD5. However, this task becomes exponentially more difficult as bits are added to the hash.
Let’s reduce the difficulty of the problem:
1 bit hash function
sha256sum(x1) & 0x1 = y
sha256sum(x2) & 0x1 = y
Here, y can only be 0 or 1, therefor every other X value will produce a collision.
2 bit hash function:
sha256sum(x1) & 0x3 = y
sha256sum(x2) & 0x3 = y
Now, y can be 0,1,2,3, every 4th X value will produce a collision, twice as much work as 1 bit.
3 bit hash function:
sha256sum(x1) & 0x7 = y
sha256sum(x2) & 0x7 = y
Every 8th X produces a hash collision, twice as much work as 2 bits.
So with this exponential growth, a 256 bit hash function would collide every 1157920892373161954235709850086879078532699846656405640394575840079131 29639936 X values on average.
Assuming we have 1 billion computers, each able to forward hash 1 billion X values every second, then we might expect a collision every 3764568028158688209515806576697354474006124657512762 years on average (double check my math).
This is if we stick to classical computing, quantum computing introduces yet a whole new dimension to the problem. It’s too bad quantum computing was not offered at my university, since I don’t know that much about it.
Edit: I’d be happy to leave my cheap web development clients to work on this stuff instead, if anyone’s willing to pay me to do it.
Edited 2011-09-26 19:24 UTC
This is the part which I don’t understand. I don’t get how it is possible to create a hash function and publicly distribute it, in a way that mathematicians are not able to find collisions just by studying the form of the hash function itself.
Well, I have a course on it later this school year (jan-feb 2012), so I can send you lecture notes if you want. It’s targeted towards physicists, though, so maybe you would experience a feeling of unbalanced complexity, the mathematical part looking over-explained while the physical part would look under-explained.
Edited 2011-09-26 19:32 UTC
Neolander,
“I don’t get how it is possible to create a hash function and publicly distribute it, in a way that mathematicians are not able to find collisions just by studying the form of the hash function itself.”
This has to do with “diffusion”.
It is actually rather easy to correlate bits for a single SHA1/2 round, such that one can derive the internal state of the hash function from the output bits. Hash/crypto functions are routinely cracked for a limited number of rounds.
But when the process is repeated a sufficient number of rounds, there is no record of which round(s) are responsible for changing a bit. All traces of the original bits are diffused and all that remains is unintelligible entropy. Algebraic solutions become exponentially complex and offer no benefit over brute force scanning. (As always, we’re assuming the hash has no mathematically exploitable weaknesses).
This may be similar (or not) to dropping a pebble in a pool and then backtracking the point at which the pebble was dropped by observing the waves. As the waves bounce against the edge of the water, they become more and more diffused until one can no longer determine the point of origin.
“Well, I have a course on it later this school year (jan-feb 2012), so I can send you lecture notes if you want.”
I’m curious at a high level, but I don’t really feel like reading long papers. Whereas I used to buy computer books and read them through and through, today I can hardly bother to open the cover. I can’t explain it, maybe it’s the influence of the real world after college. I learned all this cool & interesting theory, but haven’t much chance to really apply it in my jobs, and no ROI.
“It’s targeted towards physicists…the mathematical part looking over-explained while the physical part would look under-explained.”
I’d still need to learn the mathematics anyways.
Edited 2011-09-26 22:20 UTC
So when calculating a hash, a function that’s relatively easy to reverse in itself is typically applied a large number of times on the incoming data (data -> hash 1 -> hash 2 -> hash 3…) so that the results are not exploitable algebraically anymore ?
I don’t know if it’s similar, but it’s certainly an analogy which I can get
It’s not necessarily so long. The course only lasts 4 weeks (1/3 of the usual duration in France) and includes stuff which you probably won’t care about concerning experimental implementations of quantum information. It’s meant to be an introduction to the subject, not one of the central parts of my Master’s.
Well, not even left college yet and I already read much less than I used to when entering it. In my case, I prefer to believe that it’s because I’ve exhausted the very small interesting content of the “science” shelves of the book shop next to the university. I only find a subject which I’m fascinated by from time to time, the rest of my book purchases are just reference books on a given subject for later…
What I meant with this sentence is that you probably already know a lot of the “information theory” part. Just need to get used to a new form of logic (I think I’ve read somewhere that quantum computers cannot compute operations which destroy information, like “AND” or “OR”, and thus require use of new logic gates and reasoning).
Neolander,
“So when calculating a hash, a function that’s relatively easy to reverse in itself is typically applied a large number of times on the incoming data”
I can’t say for sure that this is true of all hash functions, but it is of the SHA variants (and many block ciphers as well). Keep in mind that a major design goals for these functions is that they run well on ordinary 32bit CPUs where it’d be relatively difficult to achieve sufficient diffusion using standard opcodes in one pass.
“Just need to get used to a new form of logic (I think I’ve read somewhere that quantum computers cannot compute operations which destroy information, like AND or OR, and thus require use of new logic gates and reasoning).”
Yep, that’s the stuff I need to learn about. I have no excuse not to learn it (other than time).
[deleted rambling personal story]
Mankind generally divides into two groups: Those who care, and those who don’t. The latter is the majority. They determine their own fate by their own actions. In the end, they always get what they deserve, and those who care are the loosers and suffer from that. But they’re only collateral damage. People who jump onto the Google/Android restrictive bandwagon will embrace a locked Windows 8 PC as well. Those people won’t realize that they’re drowning even if they’re already 3 meters under the sea – that’s the real pity… They never learn… Sad, but that’s how humans were, are and always will be. There will always be niches, but the mainstream will continue to follow the guidelines of the priests of money. Windows 8 will be a giant step in the wrong direction if all that news will come true…
How is Google/Android a “restrictive bandwagon”? Maybe you mean Apple/iOS.
ahinterl,
“Mankind generally divides into two groups: Those who care, and those who don’t. The latter is the majority. They determine their own fate by their own actions. In the end, they always get what they deserve, and those who care are the loosers and suffer from that. But they’re only collateral damage.”
This is an incredibly insightful post. It is accurately describing what’s going on here, and probably explains why humans settle for less time and time again. This same concept explains software patents, walled gardens, DRM, etc…
I’ll really need to keep this in mind the next time I’m part of the group that doesn’t care, and see how I’m being used to manipulate the outcome.
There will be a public outcry if Linux cannot be installed in future machines. I am sure that Microsoft knows this, and therefore they will not dare other operating systems out of the PC space.
So… why don’t we start signing Linux kernels (or even just the boot loaders)? Surely someone like RedHat could easily contribute a signing authority?
– chrish
Because it is against the GPL for one. Open source means I can take the source code and use it. If I can’t compile my own software because I can’t get it signed, then I really can’t use it.
Yet another GPL/RMS fail.
You can’t even sign compiled GPL code? Wow.
There comes a time when a license is too restrictive to be of use.
Instead of Linux fanboys demanding that everyone else live within the restrictions of RMS/GPL religion, why not dump GPL and pick a different OSI-approved open source license?
An opposing (and rational) viewpoint from Ross Anderson, security engineering professor at Cambridge University, can be read here:
http://www.lightbluetouchpaper.org/2011/09/20/trusted-computing-2-0…
Edited 2011-09-26 23:56 UTC
Because there is no centralized signing authority ?
http://delimiter.com.au/2011/09/28/linux-fans-file-accc-complaint-o…
A number of Australian Linux users have filed a formal complaint with the national competition regulator over what many perceive to be restrictive practices introduced in upcoming Microsoft’s Windows 8 operating system which may stop many mass-market computers from being able to boot alternatives such as Linux.