Dangerous Concessions: Red Hat, Fedora and the Secure Boot Shocker
Jun 11, 2012 5:00 AM PT
Well, it's been a jubilant few weeks here in the Linux blogosphere, thanks largely to some of the spectacularly sane decisions coming out of the tempestuous case of Oracle v. Google.
There have been parties in the streets, celebrations in the cafes, and rowdy songs aplenty being sung down at Linux Girl's favorite Punchy Penguin Saloon.
So exuberant have been the celebrations, in fact, that Linux Girl quickly lost track of time amid all the revelries. Late last week, more than a few Tequila Tux cocktails later, she lifted her head from the bar once again only to find the mood had shifted dramatically.
'Signed With a Microsoft Key'
"Microsoft will be offering signing services through their sysdev portal," wrote Red Hat developer Matthew Garrett in a blog post late last month. "It's not entirely free (there's a one-off $99 fee to gain access), but it's cheaper than any realistic alternative would have been. It ensures compatibility with as wide a range of hardware as possible and it avoids Fedora having any special privileges over other Linux distributions.
"If there are better options then we haven't found them," Garrett added. "So, in all probability, this is the approach we'll take. Our first stage bootloader will be signed with a Microsoft key."
How innocent words can seem when taken apart from their meaning; put in context, the result was nothing short of a bomb going off in the Linux blogosphere's main downtown.
'A Clear Case of Abuse'
"How can this be legal and not an abuse of their monopoly power?" Slashdot blogger nurb432 demanded to know, for example. "Aside from the fact you can turn it off (for now), it still sounds like a clear case of abuse to me and someone should be talking to an attorney about this."
Indeed, "it's entirely obvious how this makes it harder for the little man to get ahead in the game," agreed ZeroSumHappiness among the nearly 800 comments in the same Slashdot discussion.
And again: "Any proper system would have the end user hold the root key for the system and they could choose (or not) to bless certs from various vendors (or just directly sign the bootloader)," sjames pointed out. "Of course, MS doesn't want a proper system, they want lock-in."
And one more time: "No, $99 is not a big deal for Redhat," wrote sl4shd0rk. Trusting Microsoft, however, is, sl4shd0rk added: "'Ooops, lol.. guess we borked your key sign just before you had that big competing product release. Gee, sorry. We'll get that fixed right away'."
'I Was Profoundly Disappointed'
Such was the dismay over Red Hat's concession, in fact, that Tim Burke, the company's vice president for Linux engineering, was compelled to add further explanation last Monday -- to the tune of an additional 400-plus comments in yet another Slashdot discussion.
Did his words calm the roiling waters of the Linux blogosphere? That depends who you ask.
"I was profoundly disappointed to see that Red Hat was legitimizing Microsoft's claim over the boot process," Google+ blogger Linux Rants told Linux Girl.
'A Sad State of Affairs'
In fact, "I would like to see a rebellion over Microsoft's demands," Linux Rants suggested. "I would like to see hardware vendors coming down on the side of the end users for once."
Microsoft "has no real authority here," he added. "If hardware vendors as a whole told them no, Microsoft would have to back down."
Unfortunately, "hardware vendors lose motivation to do that when end users are apathetic about it, and alternate OS vendors submit to Microsoft's demands," Linux Rants explained. "This will only strengthen Microsoft's hold on the desktop market. It's a sad state of affairs."
'I Hope Anti-Trust Authorities Look into This'
Google+ blogger Kevin O'Brien saw it similarly.
"This certainly gives me a bit of concern because it puts Microsoft in the position of controlling the hardware and being a gatekeeper on what can be installed," O'Brien explained.
"Is there any evidence that they have ever had this kind of power and *not* used it to crush their competition?" O'Brien wondered. "I hope the anti-trust authorities look into this."
'The Weak Link in the Chain'
Red Hat "should never rely upon M$ for anything as fundamental as booting," asserted blogger Robert Pogson. "There's just no way increasing the complexity of the boot process and putting M$ and its 'partners' as the weak link in the chain is an improvement on anything."
If the secure boot feature can't be disabled, "getting hundreds of distros to boot on random hardware will get harder," Pogson added. "GNU/Linux was at a stage where complete newbies could install and boot. Soon GNU/Linux installers will be treated as malware. Great..."
Instead of joining the ranks of Microsoft's partners, "Red Hat and others should obtain injunctions on the basis of anti-competition law," Pogson suggested. "There's no reason 'secure boot' should exclude GNU/Linux. It's not malware. If the owner of the system wants to install any OS, they should be able to do that without M$'s permission."
'More Harm Than Good'
Red Hat's solution may be good for Red Hat customers and Fedora users, Google+ blogger Alessandro Ebersol told Linux Girl.
"But it's bad when it legitimates the UEFI locked boot, so M$ can escape anti-trust prosecution," Ebersol asserted. "M$ is trying to pull off an Apple, which locks its machines' boots. But then, Apple is a hardware maker, and M$ isn't."
At the end of the day, "I think this move from Red Hat does more harm than good, for the whole Linux ecosystem," he concluded. "It remains to be seen if this farcical nonsense from M$ (UEFI Locked Boot) will stick. I'm guessing it won't."
'Microsoft Should Not Be in Control'
The solution is "actually a lot better than I thought it would be, since $99 for the distro's publisher isn't bad," consultant and Slashdot blogger Gerhard Mack opined.
However, "having said that, Microsoft should not be in control of the master certificate," Mack added. "Some organization of PC manufacturers should handle it, and Microsoft should be a customer rather than the proprietor to reduce the possibilities for abuse."
Slashdot blogger hairyfeet, on the other hand, felt the whole topic was "much ado about nothing," he told Linux Girl.
'Insane Conspiracy Theory Territory'
"Saying that someone who is 1) smart enough to know what Linux is and to install their own OS; 2) smart enough to find and download an ISO and to burn said ISO; is also 3) too stupid to flip a switch in BIOS seems to stretch the suspension of disbelief into insane conspiracy theory territory," hairyfeet opined.
"Then there is the fact that secure boot makes NO sense for a good 99 percent of the Linux distros out there, since it's tied to the kernel," hairyfeet went on. "As we all know, the Linux kernels get updated with more frequency than Snooki's wardrobe, so it would be completely pointless to even bother with it when it comes to Linux distros."
In fact, "the ONLY reason that it makes sense in the case of RHEL is the simple fact that, like most things built for enterprise markets, it's EXTREMELY conservative when it comes to updates, so frankly they stick with the old kernels a LOT longer than anybody else," hairyfeet concluded.
"The few companies that keep a kernel long enough to need or desire certification can get it," he added. "Everyone else can have a three-line how-to on their download page."
'This Is a Big Deal'
Much ado about nothing? Others weren't so sure.
"I don't think we really know what the antitrust fallout for this is yet," began Chris Travers, a Slashdot blogger who works on the LedgerSMB project. "I would personally rather see Red Hat sue Microsoft than pay them.
"Microsoft is probably vulnerable here," he explained. "I would also be surprised if regulators in the US and Europe aren't watching Microsoft here deciding whether to pursue additional actions against them."
In short, "they are probably less vulnerable in the ARM space, but in the desktop space this is a big deal," Travers concluded.