Linux Foundation: Secure Boot Need Not Be a Problem
By Katherine Noyes PCWorld
There’s been considerable concern in recent weeks over the secure boot mechanism planned for Microsoft’s upcoming Windows 8, primarily among Linux users and others worried that the technology will make it impossible to run alternative operating systems on Windows 8 certified PCs.
Such fears were only compounded when the Free Software Foundation weighed in with its own statement of concern about what the technology might mean for users of free and open source software.
On Friday, however, the Linux Foundation added its own voice and perspective to the mix with an explanation of why secure boot doesn’t necessarily have to be a bad thing for Linux users.
‘If It Is Implemented Properly’
Secure boot offers “the prospect of a hardware-verified, malware-free operating system bootstrap process that can improve the security of many system deployments,” write Linux Foundation Technical Advisory Board Chair James Bottomley and Technical Advisory Board Member Jonathan Corbet in the group’s six-page document (PDF).
“Linux and other open operating systems will be able to take advantage of secure boot if it is implemented properly in the hardware,” they add.
That’s a big “if,” of course, and the paper makes several key recommendations to help ensure that happens.
‘The Only Bootable Operating System’
At the heart of the Unified Extensible Firmware Interface (UEFI) secure boot protocol are Platform Keys (PKs)–which are designed to be controlled by the owner of the hardware in question–and Key-Exchange Keys (KEKs), which are controlled by the hardware and operating system vendors, the paper explains.
“This separation is vital because it allows the platform owner to decide which keys they trust without compromising the ability of the KEK controllers to assure themselves that the OS booted securely,” Bottomley and Corbet write.
The implementation of UEFI described by Microsoft’s Steven Sinofsky, however, “runs counter to the UEFI recommendation that the platform owner be the PK controller and would ensure that the Windows operating system would then become the only bootable operating system on the platform,” the paper notes.
An Open ‘Setup Mode’
While that may be a valid choice for some informed users, it’s also essential that users be able to regain control by resetting their hardware back to setup mode, the authors argue.
Toward that end, all hardware should ship in an open “setup mode” with no platform key installed. That way, hardware owners can install the platform key of their choice or let their operating system do so for them, Bottomley and Corbet explain.
It should also be possible for the owner of a piece of hardware to return a system back to setup mode in the future, they add. Meanwhile, there needs to be a firmware-based mechanism for adding new KEKs to make dual-boot systems possible, as well as one for easy booting of removable media.
Time Will Tell
The Linux Foundation’s paper specifies in considerably more detail how UEFI can best be implemented for compatibility with both open and closed operating systems, but in essence the bottom line seems to be this open setup mode that can be restored at any time and the ability to add new KEKs to the firmware.
Red Hat and Canonical, incidentally, also spoke out on Friday with their own take on the situation (PDF), including a number of like-minded suggestions.
Only time will tell how Microsoft ends up implementing the technology, but it’s nice to hear it confirmed that UEFI won’t necessarily be a problem for Linux users.