
"Booting our CDs will rely on a loader image signed by Microsoft's WinQual key...the UEFI specification only allows an image to be signed by a single key."

This is anti-competitive and should not be acceptable. The UEFI specification needs to be fixed before vendors are forced to comply with it. It is disappointing that this won't happen.




I'm willing to put a few K$ towards the cause of starting an antitrust inquiry against Microsoft for this (and the related ARM landgrab).

Does any lawyer (or otherwise knowledgeable non-armchair HNer) know how I can go about that?

Given that the EU and China antitrust authorities also need to okay things these days, I believe that we should bring the legal fight to MS, rather than receive the technical battle and fight it on our turf.


It's my opinion that you should look deeper into the issues than just skimming them before throwing thousands of dollars away.

First, Microsoft has mandated (as much as they can mandate to OEMs without violating antitrust!) that in order to receive Windows 8 logo certification, the OEM must provide a way for a physically present user to turn off UEFI secure boot in the setup menu and for that user to be able to add and remove signing keys (including removing Microsoft's key!) at their will.

Coming to ARM and Windows RT, perhaps your antitrust inquiry might want to look at the elephant in the HN discussion - Apple - first, instead of being laughed out of the courtroom about picking on a platform with 0% marketshare compared to a platform which does the same thing with ~80% marketshare and >90% profit share.

Coming to actual meaningful things that can be accomplished for F/OSS desktop, you might want to consider reading the Red Hat blog post about secure boot. OEMs are willing to add signing keys of other players, but no one is interested in starting or running an operation that can sign F/OSS kernels with their key (after checking that it's not malware).

Perhaps your few K$ might be better spent on such a nonprofit organization or division of the Linux foundation instead of throwing it at lawyers? Just my thoughts.


> Microsoft has mandated (as much as they can mandate to OEMs without violating antitrust!)

And similarly, everyone can install the browser of their choice on Windows. But it was still an antitrust violation, because it was, in effect, leveraging a monopoly in one market (Operating Systems) to produce gains in another (Browsers). This is along the same lines, except it is using a monopoly in the Operating Systems market to further the same monopoly.

> picking on a platform with 0% marketshare compared to a platform which does the same thing with ~80% marketshare and >90% profit share.

There's a huge difference here; Apple makes both the software and the hardware. Microsoft makes software and forces hardware makers to comply. And no one would even care about that requirement, if it weren't for their desktop OS monopoly. Again, leveraging monopoly in one market to further gains (limit competition) in another.

It's not the 0% marketshare I care about. It's the monopoly abuse.

And I don't think anyone has a reasonable legal complaint against Xbox360 not running Linux even if it were 90% of the console market. Apple sells (Hardware+Software) they make themselves. Xbox360 is (Hardware+Software) Microsoft makes themselves. This is NOT the situation in the PC or non-Apple phone or non-Apple tablet market.

> OEMs are willing to add signing keys of other players, but no one is interested in starting or running an operation that can sign F/OSS kernels with their key (after checking that it's not malware).

Microsoft charging $100 for certifying something is not malware is a joke. As was mentioned earlier in this thread, it is much more likely that they are after pirate OEM Win7 activations.

If I was a malware distributor, I would make sure that I submit - directly and indirectly - hundreds of bootloaders and kernels, many of them exploitable through buffer overflows or similar tactics.

I've been burned too many times with hardware that supposedly worked but turned out to only work well under Windows (with bad ACPI kernel tables, and other such stuff), to trust the theory that everything will work out well.

The only way to fight this is legally.

> Perhaps your few K$ might be better spent on such a nonprofit organization or division of the Linux foundation instead of throwing it at lawyers? Just my thoughts.

I don't think so. EFF and ACLU, perhaps.

edit: added note about xbox360


>This is along the same lines, except it is using a monopoly in the Operating Systems market to further the same monopoly.

None of the millions of apps written for DOS and Windows will ever run on Windows RT. How is that leveraging a monopoly? Doesn't your argument apply to Windows Phone too?

>There's a huge difference here; Apple makes both the software and the hardware. Microsoft makes software and forces hardware makers to comply.

Why would you want the government to exclusively punish the software OS makers who don't sell hardware with that software? So, a company making software that is open to running on hardware made by different companies should be burdened with additional restrictions that companies like Apple are not? Sounds like a nice way to kill the whole concept of competing on hardware (which drove down PC prices in the latter 80s).

So the lesson here for MS is to go with Windows RT only on the Surface and follow Apple's model? After all there is Android for the OEMs (HTC and LG just dropped out due to bad sales).

>Microsoft charging $100 for certifying something is not malware is a joke. As was mentioned earlier in this thread, it is much more likely that they are after pirate OEM Win7 activations.

Perhaps, they're not mutually exclusive with rootkits.

http://www.zdnet.com/blog/security/study-rootkits-target-pir...

And maybe you missed the memo that UEFI secure boot must be able to be turned off by the user? The pirates can simply disable it.

>If I was a malware distributor, I would make sure that I submit - directly and indirectly - hundreds of bootloaders and kernels, many of them exploitable through buffer overflows or similar tactics.

Good luck with that, I am sure the requirements will be like the iOS app store, requiring a credit card and a tax id which they can track across all your accounts. One piece of malicious software detected will lead to the keys of all your submissions revoked.

>I've been burned too many times with hardware that supposedly worked but turned out to only work well under windows (With bad ACPI kernel tables, and other such stuff), to trust the theory that everything will work out well.

Just turn off the secure boot? Too hard to go into UEFI setup and turn this off?

http://i.i.com.com/cnwk.1d/i/tim/2011/09/26/secure-boot.png

>The only way to fight this is legally.

I can understand why bright kids these days want to be lawyers these days instead of going into the tech space.

What are you trying to fight legally on what grounds? Windows RT secure boot or Windows 8 UEFI requirements too?

How is it Microsoft's fault that OS vendors don't want to bother to create a mechanism to sign kernels with their keys that the OEMs are perfectly willing to add and if not, the user can add themselves?


> How is that leveraging a monopoly? Doesn't your argument apply to Windows Phone too?

It is leveraging the desktop monopoly to make inroads into the tablet and phone market. If I start a company tomorrow called "Zikrosoft" which produces "Win Zit 8 ZT", a phone OS on par with WinRT 8, I might get some traction or not, but I most definitely would NOT get anyone to lock down hardware they produce for use with my software. The only reason someone takes the Microsoft requirement seriously is that MS has a monopoly in desktop and business software. Ergo: leveraging monopoly in one market (desktop operating system / business software) to gain an advantage in another market (phones, tablets).

> Why would you want the government to exclusively punish the software OS makers who don't sell hardware with that software?

> Sounds like a nice way to kill the whole concept of competing on hardware (which drove down PC prices in the latter 80s).

Dude, Microsoft is a convicted monopolist. They've killed tens of companies with practices similar to this. Antitrust laws exist for a reason, and Microsoft is arguably abusing its monopoly position in the OS market here.

Instead of asking me, ask yourself - how is this different than the integrated browser thing, which was decided by both US and European courts to be an antitrust violation? I can't see a material difference.

> Good luck with that, I am sure the requirements will be like the iOS app store, requiring a credit card and a tax id which they can track across all your accounts. One piece of malicious software detected will lead to the keys of all your submissions revoked.

There are apps on the app store that give you proxying ability. (A "trojan" against Apple's and the carrier's tethering income). Whenever one gets famous it is pulled from the store. I cannot name one that is active right now, but I'm aware of at least 3 which were available for months each.

Furthermore, I'm sure there are hundreds of apps which unintentionally can be exploited through buffer overflows (source: I found those in every C program I've evaluated) - the exploitable code can be useful; it doesn't have to be malicious - just exploitable.

Certification against malware is a joke. Just like the SSL certification process is supposed to guarantee identity. If you think this is going to work better than SSL certificates and Authenticode signatures for ActiveX, you have to know something I (and most of the public) don't.

> Just turn off the secure boot? Too hard to go into UEFI setup and turn this off?

I don't know. I would think that including reliable ACPI tables would be simple, rather than non-standard ones that only Windows could read (or that are overridden by Windows drivers). And yet, it isn't. I'm not trusting that it is possible to comfortably turn off secure boot until I've seen it happen.

> What are you trying to fight legally on what grounds? Windows RT secure boot or Windows 8 UEFI requirements too?

Yes. Microsoft's monopoly abuse. Both are examples of it.

> How is it Microsoft's fault that OS vendors don't want to bother to create a mechanism to sign kernels with their keys that the OEMs are perfectly willing to add and if not, the user can add themselves?

How is it Microsoft's fault that they give away IE, when everyone is free to install a new browser themselves?

It is, because of antitrust laws. And they are there for a reason.

IE was, at the time, a much better browser than Netscape. But it didn't get any significant market share until it was getting bundled with the OS. And a few years later Microsoft had 90% of the browser market. Yes, Netscape was just as much to blame -- but if IE wasn't bundled, perhaps they (or Opera) would have used the slower IE adoption to get their act together.

You are arguing theory, and I'm arguing practice (as shown by history). History doesn't usually repeat itself, but it rhymes very well.


I'm surprised that Microsoft pushes this in such a blunt way. They could have at least created a semi-independent non-profit to take care of signing. It seems like EFF or some other organization should push for an antitrust investigation on this issue.


Those who benefit from such an independent organization aren't willing to pay for it.


Microsoft is requiring companies that want a 'Works with Windows 8' sticker to, um, work with Windows 8.

The logo program doesn't stop manufacturers creating similar unstickered hardware or putting more than one key in the stickered hardware.


Although I would like to agree with you, I'm not convinced.

The reason Ubuntu (and Red Hat) aren't pushing to get their key included in the hardware is clear from the article:

"Microsoft's WinQual key, for much the same reasons as Fedora: it's a key that, realistically, more or less every off-the-shelf system is going to have, as it also signs things like option ROMs, and the UEFI specification only allows an image to be signed by a single key."

The Microsoft WinQual key monopoly is there because option ROMs (and other drivers) are only given one slot for a signature. After Microsoft signs the ROM, the manufacturer _can't_ add a Red Hat or Ubuntu signature to the drivers for their hardware.

This means even if you convinced all the manufacturers to include, say, a Ubuntu key, you still couldn't verify option ROMs were secure. Only Microsoft's key would work for that - thus, Microsoft's key will be the only one installed by the manufacturers.

Your next solution - creating unstickered hardware - is not a solution. There are a few manufacturers offering a Linux option (Dell, Lenovo), and a few who sell only Linux hardware (system76.com). In a UEFI secure boot world, there would be < 1% of hardware that wasn't locked to Microsoft's key, while 99%+ would be locked. I know users are supposed to be able to access a BIOS screen to disable secure boot, but that makes installing Linux much more painful than installing Windows 8. Why cede the advantage to Microsoft?

The best way to fight this, I believe, is to put your time and resources into coreboot.org and the FSF.


I'm not arguing that unstickered hardware solves anything, I'm arguing that it is hard to construe the sticker program as anti-competitive. As long as the stickered hardware can boot anything, then it is a reach to say that it is harming anyone (I don't find the confusion and unnecessary difficulty arguments very compelling, people that have difficulty twiddling the BIOS are going to run into problems anyway).

I don't understand the details of the option ROM stuff, but my superficial impression is that no other entity is particularly motivated to run a meaningful program for signing such code. And it's still an open question if Microsoft can run such a program and have it end up meaning anything.


I don't have to convince you that "it is harming anyone" (your words).

You have to convince me that Microsoft's UEFI Secure Boot requirements aren't a threat to Software Freedom (as defined by the FSF).

Otherwise, Microsoft, Secure Boot-enabled laptops, and anything with a Windows 8 sticker will continue to get lots of bad press.


The context of my comment was someone labeling the practice anti-competitive. That's where harm comes into the picture.

I'm sure that the stuff will continue to get bad press, the idea of centrally controlled hardware is offensive to a large chunk of the people that bother to think about it.


Anti-competitive includes future harm. The way bundling IE was found anticompetitive by US and EU courts. Specifically, it is illegal to leverage monopoly in one market to gain entry to others - because history has shown that this is always abused and eventually harms society.


>Otherwise, Microsoft, Secure Boot-enabled laptops, and anything with a Windows 8 sticker will continue to get lots of bad press.

The iPad and iPhone got loads of bad press about the lockdown, the 30% cut of all in app payments and rejecting things like Android magazine apps and a bunch of other stuff. And Apple still can barely keep up with the demand. I think consumers have been conditioned by iOS not to think about openness.


By iOS? I do not remember seeing people walk the streets in protest against the closed nature of XBox, PS2, Playstation,…, or the Xerox 9700.

If you disagree, please give some proof of consumers (at large, as opposed to small groups, or at least in greater numbers than they do today) thinking of openness before iOS.


Look at the media coverage of Palladium, Trusted Computing etc.... it was brutally against it. When the iPad hit, the media was mostly about fawning over it and pushing the openness concerns under the rug for the most part.


Thanks for reminding me of that case. Thinking of this, it is a nice example of why one has to start shouting for the tiniest infringement of rights. Trusted computing got press because people knew it was a battle that could lose the war. iOS and the App store, on the other hand, seemed a battle not worth fighting over when they debuted.


> The logo program doesn't stop manufacturers creating similar unstickered hardware

Effectively, it does. Microsoft routinely audits OEMs' products for logo/MDA compliance, and if any product offered under the same brand name fails the audit, then the entire company could lose all of its MS 'discounts' (that they've already likely baked into their cost accounting.)

In other words, if MS audits you, and any of your products fail the audit, then your unit cost for Windows licenses goes up significantly across all of your product lines.

It's very difficult for an OEM to simultaneously offer some products which are covered by the MS logo agreement and some which aren't.

Source: I used to work for a large OEM, and dealt with MS logo compliance on a daily basis.


That's orthogonal: the issue here is that if you want to sign a bootloader (or anything else) then you can only do it with a single key. While there's nothing stopping Win8 stickered machines containing two keys, you can be sure that not all of them will, so you need to sign your code with a Microsoft-derived key if you want it to work everywhere. That means you can't sign it with your own key.


Some other organization could (should) take over but we see how that works with DNS - not so well.



