Linus Torvalds speaks out with a Secure Boot plan

'Instead of pleasing Microsoft, try to see how we can add real security,' the Linux creator urged.

By Katherine Noyes, PC World

The ongoing "Secure Boot" saga has caused no end of controversy in the Linux community over the past eighteen months or so, but the vitriol seen so far pales in comparison with that evident in a recent debate on the Linux kernel developer mailing list.

It all started last Thursday, when Red Hat developer David Howells submitted a request for changes to be made to Linux kernel 3.9 to extend Linux support for Secure Boot.

"Guys, this is not a d**k-sucking contest," was the response from Linux creator Linus Torvalds. "If Red Hat wants to deep-throat Microsoft, that's *your* issue. That has nothing what-so-ever to do with the kernel I maintain."

'Stop the fear mongering'

Fedora's solution to the Secure Boot problem--by which technology enabled in the Unified Extensible Firmware Interface (UEFI) on Windows 8 hardware requires an appropriate digital signature before an operating system is allowed to boot--has been to get its first stage boot loader, or "shim," signed with a Microsoft key.

Though it did receive a nod of at least partial support from the Free Software Foundation, that solution has been controversial.

It was when it came to including modifications in the kernel itself, however, that Torvalds drew the line.

Responding to Red Hat developer Michael Garrett's suggestion that Microsoft could otherwise choose to "blacklist" a distribution's bootloader, leaving the user unable to boot Linux, Torvalds wrote, "Stop the fear mongering already.

"Instead of pleasing Microsoft, try to see how we can add real security," he added.

'Let the user be in control'

Torvalds' own plan calls for Linux distributions to sign their own modules by default, but nothing else.

Users should be asked for permission, meanwhile, before any third-party module is loaded, he wrote. "Not using keys," he added. "Nothing like that. Keys will be compromised. Try to limit the damage, but more importantly, let the user be in control."

Per-host random keys should be encouraged, Torvalds advised, even with the "stupid" UEFI checks disabled entirely if required. "They are almost certainly going to be *more* secure than depending on some crazy root of trust based on a big company, with key signing authorities that trust anybody with a credit card."

'It shouldn't be about MS'

UEFI, in fact, is more about control than it is security, he added.

All in all, "it really shouldn't be about MS blessings, it should be about the *user* blessing kernel modules," Torvalds concluded.

There's been plenty more discussion since Torvalds outlined his view, of course, including his own, more detailed implementation plan later that same day.

The bottom line, however, is that as long as Torvalds is in charge, accommodation for Secure Boot won't be found in the heart of Linux itself.


Originally published on PC World.