Please create an account to participate in the Slashdot moderation system


Forgot your password?
DRM Microsoft Ubuntu Windows Linux

Richard Stallman Speaks About UEFI 549

An anonymous reader writes "Despite weaknesses in the Linux-hostile 'secure boot' mechanism, both Fedora and Ubuntu decided to facilitate it, by essentially adopting two different approaches. Richard Stallman has finally spoken out on this subject. He notes that 'if the user doesn't control the keys, then it's a kind of shackle, and that would be true no matter what system it is.' He says, 'Microsoft demands that ARM computers sold for Windows 8 be set up so that the user cannot change the keys; in other words, turn it into restricted boot.' Stallman adds that 'this is not a security feature. This is abuse of the users. I think it ought to be illegal.'"
This discussion has been archived. No new comments can be posted.

Richard Stallman Speaks About UEFI

Comments Filter:
  • The Right To Read (Score:5, Informative)

    by andrew3 ( 2250992 ) on Tuesday July 17, 2012 @10:06PM (#40681021)

    Richard's story, The Right To Read [], has already sort of predicted this move.

    But not only were [free operating systems] illegal, like debuggers—you could not install one if you had one, without knowing your computer's root password. And neither the FBI nor Microsoft Support would tell you that.

    Despite what people say about Restricted Boot, it opens up the world of computers to a whole new set of attacks... by megacorporations like Microsoft.

  • Re:Crippled Hardware (Score:5, Informative)

    by Altanar ( 56809 ) on Tuesday July 17, 2012 @10:12PM (#40681071)
    Don't like it? Go into your BIOS and turn it off. The specification mandates that it have a disable option. How hard is it to disable? Take a look at this image: []
  • by DeathFromSomewhere ( 940915 ) on Tuesday July 17, 2012 @10:51PM (#40681359)
    Can we stop using this old folksy saying now? [] It just isn't true.
  • Or do you expect such applications not to exist?

    I'd be quite surprised to see one. The only API that Microsoft allows third-party developers to use on Windows RT is WinRT (well, and web apps of course). Although it is possible to write native apps using WinRT, the dev tools make it very easy to compile those apps for multiple architectures (ARM for Windows RT, x86 and x64 for "normal" Win8). So, unless somebody intentionally limits their market share to Windows RT only, for absolutely no benefit to themselves, I really don't expect to see Windows RT-exclusive apps at all.

    Besides, most people will probably write WinRT (Metro-style) apps using a managed language, like C# or Javascript. That gets you compatibility with both Win8 and Windows RT without even the trivial hassle of recompiling.

  • Re:Crippled Hardware (Score:4, Informative)

    by phantomfive ( 622387 ) on Tuesday July 17, 2012 @11:17PM (#40681517) Journal
    Does anyone actually support this move by Microsoft?

    The way I see it, if this were about the user, they would allow the user to change the key to whatever the user wants. Then you can sign your own OS.

    We've known for a long time [] that Microsoft wants to lock other OSes out of the hardware.
  • Re:Shackles (Score:5, Informative)

    by Kjella ( 173770 ) on Tuesday July 17, 2012 @11:19PM (#40681533) Homepage

    It is even worse than that - if it is wont be possible to change the certificate on a machine and that certificate get compromized, then it means there is no security anymore neither... The device is now junk after maybe one month of owning it. You need a new device regardless. And dont tell me you have not heard of the certificates for BlueRay and so on being compromised...

    BluRay players have a private key to decrypt that can be compromised. Secure Boot only has a public key to verify so it can't be compromised, there's no secret.

    The alternative - Microsoft can remotely update the certificate, but that also mean any remote attacker who break the key can change it...

    No. If Microsoft was to be hacked and their signing key compromised - a pretty heavy feat of hacking in itself, they'd pull out their root key and revoke that key then create and sign a new signing key. This is PKI 101, you always have a root key for situations like this. Of course if their root key was compromised they're fucked, but that one is deep in a vault deep in the bowels of Microsoft and the only place it'd come out would be in a secure facility to sign a new signing key.

  • Re:Crippled Hardware (Score:5, Informative)

    by Mousit ( 646085 ) on Wednesday July 18, 2012 @12:20AM (#40681921)

    Don't like it? Go into your BIOS and turn it off. The specification mandates that it have a disable option..

    No, no the specification does NOT mandate that it have a disable option. The specification simply does not prohibit providing such an option (for the moment at least). The motherboard manufacturer and/or BIOS makers are completely free to not provide a disable option if they so desire.

    Whether the (lack of) option becomes common or not is another thing entirely, of course.

  • by GigaplexNZ ( 1233886 ) on Wednesday July 18, 2012 @01:36AM (#40682293)

    No-one wants to pay the Apple tax so they can run Linux on an iPad. Windows tablets would be the cheap end of the market where installing another OS is a sane option... except Microsoft are prohibiting that.

    Except that Android tablets are the cheap end of the market (well, some of them are), and already ARE Linux.

  • by BlueStrat ( 756137 ) on Wednesday July 18, 2012 @02:40AM (#40682669)

    It has become part of the culture and popular language usage.

    That's because it's an easy cop out that cannot be falsified, eg: the OP used it used in response to facts that did not support his parinoia.

    Just because one is paranoid does not mean that nobody is out to get you. Paranoia is a logical reaction when somebody or something *is* out to get you. Considering that the natural progression of government is to expand in size, scope, and power while individual liberty shrinks, OP's reaction is not unreasonable.

    "Guard with jealous attention the public liberty. Suspect everyone who approaches that jewel." - Patrick Henry

    "The Price of Liberty is Eternal Vigilance." - Thomas Jefferson

    "The course of history shows that as a government grows, liberty decreases." - Thomas Jefferson

    "There is danger from all men. The only maxim of a free government ought to be to trust no man living with power to endanger the public liberty." - John Adams

    I would rather err on the side of caution.


  • Re:Shackles (Score:3, Informative)

    by sexconker ( 1179573 ) on Wednesday July 18, 2012 @03:30AM (#40682937)

    I don't believe that ripping your own BRD is illegal, this is well-established practice and nobody can seriously complain about it.

    Anyway, if you are on OSX, there is no other way than ripping the BRD if you want to watch them.

    I don't believe you've met the DMCA. Ripping a DVD or BluRay is illegal.

  • by jeremyp ( 130771 ) on Wednesday July 18, 2012 @08:52AM (#40684767) Homepage Journal

    The word "PC" comes from "IBM PC compatible"

    No it doesn't, it is an abbreviation for the term "Personal Computer". It was in use before there even was an IBM PC.

If I have seen farther than others, it is because I was standing on the shoulders of giants. -- Isaac Newton