After the spread of some information, and some mis-information, the story of secure boot in Windows 8, achieved through security features of UFEI has gone viral. Linux forums all over the web are suddenly full of activists angry about some evil corporation wanting to deprive them of free software. The aforementioned company has issued a long blog post by way of clarification.
In brief, the point is that there are plans to replace the BIOS – the main body of firmware which sets up a PC to be ready to run an operating system. A key task of the BIOS in most systems is to start the boot loader program (or ‘pre-OS environment’), which in turn loads the operating system and gets it running. This process is prone to attack: if someone can run an alternative boot loader (or reconfigure it, or launch a different operating system), they can either steal all the data on your disk, or they can launch something which looks just like your operating system, but is subverted to send copies of all your secrets – such as everything you type – to the bad guys.
Replacing the normal BIOS with something which will launch only programs with a suitable digital signature is intended to prevent this from happening: effectively a white list of acceptable low-level software is created. If your operating system boots correctly, you should be able to have confidence that the software that is running is the software that was installed by or for the owner, and not an impersonator.
[I think that Windows 8 is expecting to make use of the white-listing capability when it’s available, as far as making a secure boot to the pre-os (loader): so the system will simply stop if a loader with a bad signature is presented to it. A related but distinct approach will enlist the help of the TPM to achieve a measured (or authenticated) boot – where anything can be loaded, but the identity of what has been loaded cannot be spoofed: Windows will use this for the OS and above – a far as I understand it.]
Now, the point of contention appears to be the question of who should control that process (who manages the cryptographic keys which are used in making and validating the signature), and whether or not the owner of the platform should have an override which can switch off the secure boot check. Microsoft have said that the Windows 8 certification badge will be available only to platforms which “have secure boot enabled by default, that firmware not allow programmatic control of secure boot (to prevent malware from disabling security policies in firmware)” The latter point (and related restrictions on firmware update) is essential for the approach to work – otherwise the trojan program can turn off secure boot before installing itself.
Now, that is very different from not allowing the controls to be turned off at all. There are lots of controls in current BIOSes that users can opt into or out of, and little reason (unless you have a curious victim mentality) to suppose that a vendor would fail to add secure boot to the selection of configuration options. Doing so would, in any case, be a commercial decision, and it would be odd for a vendor to want to reduce the value of their hardware in this way.
Now, what is the impact for Linux? The platform owner who wants to run Linux can surely then turn off those controls which enable secure boot. There can be few who choose Linux who would be unwilling or unable to mess with BIOS-type controls, if needed. Of course, Linux aspires to be an OS which an untutored user might install, and has made great strides in that direction lately – but if platforms must default to either secure boot or not, I think I’d choose the first, as giving the best benefit to the most.
However, Linux users will, if they are wise, want to gain the benefits of secure boot, also: they will want it to be turned on, and will want a signed boot-loader. There are plenty of vectors by which your ordinary boot-loader might be subverted. It’s naive to the point of foolhardiness to imagine that no such root-kit will ever subvert a Linux platform. Exploits circulate, and willl attack the most attractive targets. Indeed, if Linux wants to enjoy the widespread success that its advocates (among whom I would count myself, having been using Linux since about 1994) hope for, then it must address weaknesses in the boot chain.
Can there be a Linux loader (or several) which is signed with a key acceptable to the firmware of all major PC manufacturers? Surely, yes. The licencing terms of that loader might need care, since recent GPL versions seem to have painted themselves into a corner over key-controlled configuration controls. Will this prevent innovation, and inhibit user-compiled kernels? No – unless you choose a secure boot-loader which enforces a particular launch policy (TrustedGRUB would help you head in that direction, and in general launch policy control is a good idea).
To summarize, the best response to the current hue and cry is, to quote Michael Winner, “calm down, dear”.
What of the perspective of competition law and monopolies? You could use these mechanisms to force a particular hardware/software configuration on each platform, and freeze out your competition: till it gets hacked/jailbroken/rooted, anyway. Microsoft could “encourage” equipment manufacturers to support only Microsoft operating systems – and exclude others with cryptographic strength. But doing so would be commercial madness, especially when you didn’t design the technology with this purpose in mind.
I confidently assert that those engaged in the technical work on this stuff are not designing for anti-competitive solutions. If they were, they’ve made a pretty poor job of that. That’s not to say that an executive decision couldn’t push a particular product in that direction – but frankly, these people are not fools, and do have lawyers to tell them when they are heading for massive retaliation.
And this frustrates me: trusted computing wasn’t “defeated” in 2003 – the technologies and ideas are going strong (and your business laptop almost certainly contains a TPM, properly integrated with the firmware, and supported by drivers in your operating system – there being better support in Linux than in Windows 7!). The platforms that emerge for Windows 8 will not be trying to kill Linux, and will not by themselves reduce Linux’s market share. And when life continues as normal, certain people will claim this as a “victory”. And it will be nothing of the sort.
Security needs to be taken seriously, and white-listing has a lot of scope for making it better: mistaking white-listing as an attack per se on freedom is foolish. Solutions need to be carefully designed to allow system owners as much flexibility as possible, whilst limiting the vectors for attack: and this is precisely what all the relevant technical working groups have been doing. I know this because I didn’t lob half-baked arguments from the side-lines, I went and got involved: and I found a process very open to reasoned academic voices. I sincerely hope that secure boot has a bright future.
Full disclosure: in the last decade, I have attended several events hosted and funded (expenses paid) by Microsoft – many other academics were there also. My students have benefitted from summer schools funded by the Trusted Computing Group and/or some of its member companies. My University has received payment for some tutorial materials I developed for the Trusted Computing Group. I don’t speak for anyone but myself, and just want to call this as I see it.