[vox] Linux booting in doubt [Was: Linux systems back at Dell]

timriley at appahost.com timriley at appahost.com
Sat Mar 24 16:05:53 PDT 2012 

> -------- Original Message --------
> Subject: Re: [vox] Linux systems back at Dell
> From: Bob Scofield <scofield at omsoft.com>
> Date: Fri, March 23, 2012 10:51 pm
> To: LUGOD's general discussion mailing list <vox at lists.lugod.org>
> 
> 
> On 03/23/2012 01:11 PM, Brian Lavender wrote:
> > Dell started selling preinstalled GNU/Linux systems again.
> >
> >
> 
> I'm glad to see it from my quasi-paranoid perspective.  As Alex and I 
> suggested in the thread on the Windows 8 secure boot, it may turn out 
> that it is up to the OEM's whether Linux will be booted on future 
> computers.

Hummm.

>  While the discussion on this topic has been vague

It started with the hypothesis that Linux may
soon not be able to dual-boot with Windows.

> and 
> inconclusive,

We learned that Apple tried to get its BIOS to
exclusively boot its proprietary user interface,
which runs BSD UNIX. But they couldn't keep the
interface a secret and were foiled. Linux boots on
Apple's firmware interface. 

> the worst case scenario may be  that in the future whether 
> or not Linux will run (other than on VMWare type programs) might depend 
> on the availability of computers built to run Linux.

Completely excluding Linux would require Microsoft to sign an exclusive
contract with Dell, again. When they colluded in the 1990s to fold
Netscape, Janet Reno, President Clinton's Attorney General,
almost got Microsoft declared a monopoly. But Microsoft dodged
a bullet when George W. Bush got elected.

I'm sure the Microsoft Board of Directors has voted to
form a vision for when Linux is gone. And many Microsoft
decisions progress towards this goal. But could they
really prevent the interface of the BIOS from booting
Linux? I think the Microsoft Board of Directors also
has voted to form a strategy to prevent their software
from being pirated. Their strategy includes a Windows
interface to the BIOS's security chip. The implementation
is called Secured Boot.

Usually, a new computer arrives already booting
Windows, and then you don't touch Windows. Instead, you
boot a live version of Linux and have it self-install.

The install overwrites the first 512 bytes of drive C:.
These bytes are reserved as the boot loader. An operating
system developer has 512 bytes to get the BIOS to
skip down to the desired disk block and start loading
the developer's operating system.

The boot loader you're probably running is GRUB.
The authors of GRUB have made it easy to couple many
different BIOSs with many different operating systems,
including Windows.

So, even with GRUB programmed to start loading Linux,
and start placing it at memory address zero,
could Microsoft interrupt this process? Google returned
an article proclaiming "This [Microsoft 8] could pose
a problem for Linux users ..."

The Windows 8 Secure Boot is executing instructions
of the Unified Extensible Firmware Interface (UEFI).
The UEFI is a specification of algorithms that form
a layer between the BIOS and the operating system.
These algorithms ensure that software installed
are not Trojan Horses and the like. These algorithms
generate a public/private key exchange with the
security chip. Could Microsoft force the firmware
interface to authenticate only with Microsoft?

The owner of the UEFI is a not-for-profit organization
of many corporations, including AMD. It's called the
Trusted Computing Group (TCG). The TCG licenses
the UEFI to hardware manufacturing companies for free.
The license requires that devices have a Trusted
Platform Module (TPM) security chip installed. The chip
authenticates software as its being loaded.

Microsoft is an operating system company. They would
have to collude with Dell, a manufacturing company,
to violate the UEFI license. Instead, Microsoft uses
the UEFI to have Windows 8 reject non-licensed
software before being loaded from the disk drive into
memory.

Keep in mind, it's the boot-loader that's in
complete control of what happens at time=zero. GRUB
can always load Linux. Linux is free to use the
Unified Extensible Firmware Interface (UEFI)
instructions.

> 
> Bob
> _______________________________________________
> vox mailing list
> vox at lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox

More information about the vox mailing list