<?xml version="1.0" encoding="UTF-8" ?>

<html>
<version>1</version>

<head>
<title>"Secure Boot": Who will control your next computer?</title>
</head>
<body class="article" microformats="h-entry">

<p id="category">
<a href="/freesoftware/freesoftware.html">Free Software</a>
</p>

<h1 class="p-name">"Secure Boot": Who will control your next computer?</h1>

<div class="e-content">
<p class="p-summary">FSFE's goal is to ensure that the owners of IT devices are always in full
and sole control of them. <!-- German: permanent die volle und alleinige
Verfügungsgewalt über ihre IT-Geräte innehaben) --> This fundamental principle
has recently come under challenge.</p>

<p>With a function called "Secure Boot", which will be deployed in computers
starting in 2012, manufacturers of IT hardware and software components are
striving to get into a position where they permanently control the IT devices
they produce. Hence such devices will be "secure" from the manufacturer's
perspective, but not necessarily from the owner's point of view. As a result, the owner could
be treated as an adversary. By preventing uses of the device which the
manufacturer does not intend, they can control and limit what a general purpose
IT machine (e.g. a PC, laptop, netbook) may be used for. In the case of IT devices
with internet access, they can alter these usage restrictions at any time
without even informing the device owner. As a result, IT manufacturers can, at will, take away common rights that owners of products usually receive.</p>

<h2>"Secure Boot": Gatekeeper before the operating system</h2>

<p>When powered on, IT devices execute a startup process called booting. In
the case of computers, this startup process consists of executing firmware. This
firmware, in turn, starts another program called a boot loader, which then
launches the actual operating system, on top of which applications can be
executed. In 2012 the industry-wide transition of PCs, notebooks, servers, and
other computers' firmware from conventional BIOS to <a
href="http://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface">UEFI</a> will be mostly
complete. Compared to conventional BIOS, UEFI has several advantages, such as
faster boot time, operating system independent drivers, and the promise of
extended security.</p>

<p>The security aspect is handled by a function called "Secure Boot". Since
UEFI 2.3.1 (released April 8, 2011), "Secure Boot" ensures that during the boot
process only software that complies with one of the predeployed
cryptographic signatures will execute. This is done to prevent unwanted software from being
executed during the startup of the computer, by cryptographically verifying a
signature of each software component (various stages of the UEFI firmware, the
boot loader, the operating system kernel, etc.) before starting it. Therefore,
the cryptographic signatures to be utilised have to be deployed in the UEFI
signature database of each IT device equipped with UEFI "Secure Boot"
<strong>before</strong> a cryptographically signed software component can be
started on that specific machine.</p>

<p>FSFE expects that the vast majority of computer manufacturers will
implement "Secure Boot", as Microsoft <a
href="http://msdn.microsoft.com/en-us/library/windows/hardware/hh748200.aspx">has
announced</a> that computer manufacturers must implement UEFI "Secure Boot"
if they want to acquire a Windows 8 certification for devices they build, e.g.
for putting the "Compatible with Windows 8" logo on them.</p>

<aside>
<h2>The computer: a general purpose machine</h2>

<p>Evolving the computer as a general purpose machine over the past decades,
our society has created a powerful tool to perform all kinds of tasks with a
single machine. Now IT manufacturers have discovered that they may have an
economic interest in arbitrarily limiting what these machines can achieve. With
"Secure Boot" the owners of IT devices will not be able to independently
determine the usage of their machines, as they cannot decide which software to
run.</p>

<p>The entity that eventually controls which software can be executed on a
device, and thus determines the specific functions the device performs,
can ultimately control any data processed and stored by the device. As a result,
the owner of an IT device may not be in sole control of their own data any
more.</p>
</aside>

<h2>For which devices does this apply?</h2>

<p>Currently many people base their analysis of the UEFI situation on the
"Windows 8 Hardware Certification Requirements", published by Microsoft in
December 2011. It is understood that Microsoft did not and still does not have
to make any versions of these hardware-certification requirements public, as
they are the basis of an individual contract between Microsoft and each hardware
manufacturer seeking to obtain Microsoft's Windows 8 Certification for their
computer products. Hence the "Windows 8 Hardware Certification Requirements"
can change at any time without public notice, or specific details of the
logo requirements may differ between manufacturers: everything happens at
Microsoft's will and mostly behind closed doors. Thus nobody can rely on the
published version of the "Windows 8 Hardware Certification Requirements" being
static; instead, the details devised for "Secure Boot" must be regarded as a "moving
target".</p>

<p>So the problem of "Secure Boot" is not necessarily limited to "Connected
Stand-By Systems" (probably a large share of the future market of notebooks,
netbooks and PCs) and computers based on ARM microprocessors (mainly tablets
and mobile phones), but can be expanded to any other type of device by
Microsoft at any time. Equally, hardware manufacturers not producing Windows 8
devices may deploy UEFI "Secure Boot" or other boot processes restricted with the
help of cryptographic signatures. TiVo has been doing this for a decade, and
various gaming consoles from Sony to Microsoft are using cryptographically
restricted boot processes as well. Other device manufacturers may employ
specifications or requirements similar to the "Windows 8 Hardware Certification
Requirements", in order to artificially restrict the capabilities of IT
devices.</p>

<h2>Restrictions to be extended to applications?</h2>

<p>While the UEFI "Secure Boot" specification (as well as the specifications of
the Trusted Computing Group defining "Trusted Boot") covers the primary boot
process up to the operating system's kernel, the infrastructure to extend
signature-checking to all software running on a computer is mature and working
in various operating systems. But besides Windows 8, it is currently only
enforced for Windows device drivers.</p>

<h2>Threat to general purpose computing</h2>

<p>If all these measures were solely under the control of device owners, they
could be in their best interest, helping them to enhance the security of the boot
process, which today is mostly unsecured. This would be the case
<strong>if</strong> the security subsystems specified by the UEFI forum and the
Trusted Computing Group (TCG) <strong>technically</strong> <!-- they can
guarantee a lot, but they have to do it technically --> guaranteed the owner's
permanent, full and sole control over configuration and management of these
security subsystems, which includes the creation, storage, use and deletion of
cryptographic keys, certificates and signatures. But as soon as other entities
besides the device owner can utilise these security subsystems, this enables
them to preclude unintended or simply unforeseen usages of these IT
devices.</p>

<p>Hence, with the implementation of "Secure Boot", the availability of true
general purpose computers under full owner control may be greatly reduced.
Devices significantly restricted by measures such as "Secure Boot" under company
control are usually called appliances or special purpose computers (e.g. media
centres, telephones, book readers). Thus at least some Windows 8 devices will
constitute a Windows appliance rather than a customary computer. While there
may be a market for such computing appliances, the FSFE strongly calls for
clearly labelling such IT devices as restricted to usage models foreseen by a
company, in order to duly inform a potential buyer.</p>

<h2>Is circumventing these restrictions an option?</h2>

<p>IT-savvy people may think that they have seen such measures before, and most
of them were cracked. This was the case in various models of the PlayStation
and Xbox gaming consoles, as well as many newer mobile phones. But the quality
and breadth are greater this time:</p>

<ul>

<li>UEFI "Secure Boot" is primarily aimed at traditional PCs.</li>

<li>It is backed by large parts of the IT industry, see e.g. <a
href="http://www.uefi.org/about/">the members of the UEFI Forum</a>.</li>

<li>Its design and specification are the result of a collective effort of IT
engineers from various companies. It draws on a decade of experience with
signature-based boot processes and hence avoids many classical pitfalls, e.g.
the lack of a properly specified and cryptographically secured firmware
(UEFI) update process.</li>

<li>It utilises hardware-based security subsystems, e.g. as specified by the
TCG (TPM or MTM, and accompanying specifications): while the UEFI
specification does not mandate a specific implementation of "protected
storage" for cryptographic keys, certificates and signatures, the recent TCG
specifications (since 2011) fit well.</li>

<li>Security flaws in "Secure Boot" implementations are expected (as in all
software), but as there will be commercial competition between UEFI vendors,
it is in their best interest to resolve these security flaws. In contrast, in
the past only individual manufacturers implemented cryptographically
restricted boot processes for their own, specific devices: TiVo Inc. for
their TiVos, Microsoft for various generations of their Xbox, as well as Sony
for their PlayStations.</li>

</ul>

<p>Furthermore, even though many similar usage restrictions have been cracked
in the past, this only shows that their technical implementations were flawed
and open to malware, hence not providing the "security" they were designed for.
Although this is likely to apply to some "Secure Boot" implementations as well,
breaking such mechanisms can never be a solution for freedom issues or the lack
of controllability by the device owner.</p>

<h2>FSFE's demands</h2>

<p>For maintaining sustained growth in the development and use of software, the
broad availability of general purpose computers is crucial.</p>

<p>FSFE demands that before purchasing a device, buyers must be informed
concisely about the technical measures implemented in this device, as well as
the specific usage restrictions and their consequences for the owner.</p>

<p>Furthermore, FSFE strongly recommends exclusively purchasing IT devices
which grant their owners full, sole and permanent control over security
subsystems (e.g. signature-based usage restrictions), in order to maintain the
ability to install arbitrary software and ultimately to retain exclusive control
over one's own data.</p>
</div>
<!--/e-content-->

</body>

<sidebar promo="our-work" />

<author id="kirschner" />
<date>
<original content="2012-06-01" />
</date>
</html>