Secure boot is the sort of security solution Microsoft loves. Back in the days when Windows was even less secure than it is now, one of their security solutions was to have software vetted and signed. Although this might have helped enterprise customers a bit, it did little to make the home user more secure, as any software would still install normally after clicking through an “are you sure” warning. If this scheme did anything, it hurt small vendors who couldn’t afford to go through the process of having their software approved by Redmond.
Secure boot is the same sort of scheme, except this time there’s no “are you sure” screen to click through. If a user is trying to install an operating system (or even run one from a live CD) on a machine with secure boot enabled, that operating system will have to have unlock keys to enable hardware devices. These keys are provided to the creator of the operating system at the whim of the hardware makers.
I can’t begin to explain the number of things wrong with this system. To begin with, for this feature to fulfill its intended purpose, the keys must be kept secret. Nobody but the hardware maker and, perhaps, the OS distributor, can have access to them – meaning they probably must be kept in binary form with no source code being made available.
This is how MS plans to protect you from malicious boot viruses. They’re requiring OEMs who want to certify their devices with the Windows logo to implement this feature – and they’re not requiring these OEMs to offer a way for the user to disable it. And, as I said, it all depends on keeping the unlock codes secret. How long do you suppose that will last?
I’ll bet you dollars to doughnuts that within weeks, if not days or hours, of Windows 8’s release the secure boot unlock codes will be broken and available on the Internet. The jailbreakers, the counterfeiters, the hackers and crackers will be able to install anything they want on any machine, whether secure boot can be disabled or not. As soon as that happens, malicious bootkits will be found in the wild that can get around secure boot as easily as a little kid can get around a childproof safety cap.
Within six months of the release of Windows 8, the only people who’ll have trouble breaking secure boot will be consumer users who want to install an OS that doesn’t natively speak secure boot on their computers – which will probably mean any OS other than Windows.
I am not a coder, nor do I fancy myself as any kind of security expert. If I can figure out that secure boot will barely be a speed bump for the bad guys, but will be a killer for the casual computer enthusiast, wouldn’t it be safe to figure that the geniuses at Microsoft understood this long before the decision was made to require the feature’s full use by OEMs who want one of those nifty “certified Windows 8” stickers on their boxes?
Is their purpose to stop Linux? I don’t think so, not entirely. The folks up in Redmond aren’t that stupid, no matter how much of Starbucks coffee-flavored Kool-Aid they’ve been drinking. They know they’re not going to stop a determined penguinista from installing a Linux distro by just throwing a few tacks in the road. I think they’re going after the new user, the person who wants to try their first Linux install.
The other day I was thumbing through the September 19th edition of eWeek. I stopped to read a PR piece on Windows 8 by Nicholas Kolakowski, which read like an advertisement for MS. In the article there was one paragraph that got me thinking:
“Through its official ‘Building Windows 8’ blog, Microsoft has offered select glimpses into the operating system’s nuts and bolts, including USB 3.0 support, fast boot times and the ability to run multiple virtualized operating systems on the same physical machine” (emphasis mine).
Maybe MS doesn’t care if tons of home users decide to give Linux a try, as long as they do it atop Windows. A virtualized Linux running in Windows still counts, market-share-wise, as Windows. And the new user will still have to go through Windows, which he or she knows, to get to Linux, which he or she is just learning. I imagine most would quickly ask, “What’s the use?” and just return to “old reliable” Windows.
This also could be a defense in an anti-trust suit, if Red Hat, IBM or Google ever decides to sue over this. Microsoft could claim they’re not blocking the implementation of Linux, that folks can run Linux all they want from within Windows. They might even try to claim they’re doing Linux users a service, offering them secure boot and Windows “security protections.”
Here’s something else on which to chew: Will SUSE be the first Linux distro able to boot on a Wintel machine with secure boot enabled – using keys provided by Redmond? Just saying.