Microsoft has announced a relaxation of its “Secure Boot” guidelines for OEMs, allowing companies to sell computers pre-loaded with Windows 10 that will refuse to boot any non-Microsoft OS.
At issue is UEFI, a security toolkit that allows computer users to verify operating systems before they are loaded. Like many security measures, the devil is in the details: if you get to tell your computer which OSes you trust, this is a powerful defense against malware. If someone else gets to decide whom to trust, you are totally at that entity’s mercy. If, for example, they capitulate to state requests to install back doors (as Microsoft did with Skype), you can’t protect yourself by finding a vendor with more integrity.
This kind of lockout magnifies existing power imbalances. Take Microsoft’s relationship to China: the company has already cooperated with the Chinese government’s online censorship and surveillance efforts. If China mandates that Microsoft OEMs must ship PCs that will only boot surveillance-backdoored versions of Windows, it will be that much harder to push back against the state — by dramatically lowering the cost of spying by an autocratic regime, Microsoft would enable much more surveillance at the same price.
China isn’t the only state anxious to backdoor its national IT infrastructure: UK Prime Minister David Cameron has vowed to backdoor all crypto used in the UK if he’s re-elected.
It’s an instance of Doctorow’s first law: “any time someone puts a lock on something that belongs to you, and won’t give you the key, that lock isn’t for your benefit.” It’s a predictable and dismal salvo in the war on general purpose computers.
The policy is not yet finalized, which is a ray of hope. The last time Microsoft announced a similar policy, it backed down after public disapproval and rumblings from anti-trust regulators. With luck, the same dynamic will play out this time.
At its WinHEC hardware conference in Shenzhen, China, Microsoft talked about the hardware requirements for Windows 10. The precise final specs are not available yet, so all this is somewhat subject to change, but right now, Microsoft says that the switch to allow Secure Boot to be turned off is now optional. Hardware can be Designed for Windows 10 and can offer no way to opt out of the Secure Boot lock down.
The presentation is silent on whether OEMS can or should provide support for adding custom certificates.
Should this stand, we can envisage OEMs building machines that will offer no easy way to boot self-built operating systems, or indeed, any operating system that doesn’t have appropriate digital signatures. This doesn’t cut out Linux entirely—there have been some collaborations to provide Linux boot software with the “right” set of signatures, and these should continue to work—but it will make it a lot less easy.
Windows 10 to make the Secure Boot alt-OS lock out a reality [Peter Bright/Ars Technica]