Yesterday the German Ministry of the Interior published a white paper about "Trusted Computing" and "Secure Boot". The white paper says that "device owners must be in complete control of (able to manage and monitor) all the trusted computing security systems of their devices." This has been one of FSFE's key demands from the beginning. The document continues that "delegating this control to third parties requires conscious and informed consent by the device owner".
Another demand by the FSFE is adressed by the government's white paper. That before purchasing a device, buyers must be informed concisely about the technical measures implemented in this device, as well as the specific usage restrictions and their consequences for the owner: "Trusted computing security systems must be deactivated (opt-in principle)" when devices are delivered. "Based on the necessary transparency with regard to technical features and content of trusted computing solutions, device owners must be able to make responsible decisions when it comes to product selection, start-up, configuration, operation and shut-down." And "Deactivation must also be possible later (opt- out function) and must not have any negative impact on the functioning of hard- and software that does not use trusted computing functions."
"It is an important step, that a government now takes a firm stand on "Secure Boot", too. We as a society have to make sure, that we are in control of our computers, so everyone can install arbitrary software and is able to retain exclusive control over his own data. Full, sole and permanent control over security subsystems is necessary for this.", says Matthias Kirschner, German Coordinator of the FSFE. "Now the Government has to implement their position when buying new hardware."