is this true
russellmcormond at gmail.com
Tue Oct 4 19:37:05 UTC 2011
On Mon, Oct 3, 2011 at 10:14 AM, Stephen M. Webb <stephen at ubuntu.com> wrote:
> Well, first off, don't expect hardware vendors to supply any way to
> update their silicon (ie. burn new keys into the UEFI boot ROMs). At
> least, not without some kind of private keys from the silicon vendor
> for which you will have to sign umpteen NDAs and pay through the
> nose. These guys leaned from the BIOS fandango of the past.
I doubt we are talking about ROM hardware, but something that is
writeable that has a write-protect. You discuss this below, but feel
the above discussion of ROM was misleading.
> Second, if just anyone can put their keys into the boot ROM, it
> defeats the purpose of having keys in the boot ROM. It would be like
> having an iron front door with a big combination lock on it and a
> nice, convenient way for anyone to set that combination from the
> outside, including the thieves who want to break in.
While I disagree with the above, that isn't why I'm replying.
Having code from the BIOS downward needing to be signed is valuable
even if keys could be changed in the same way that a BIOS could be in
the past. Part of why BIOS became insecure was because the rest of
the software down the stack wasn't secure, and a break-in to the
kernel allowed a BIOS manipulation that would come into effect the
> The only way to provide people with the ability to put their own OS on
> secure boot devices would be to provide a physical disable switch that
> can not be accessed through software. This limits the vulnerability
> to social engineering approaches, and even those are reduced because
> the target population is less likely to open a case and flip a DIP
> switch on a circuit board because a dialog box told them to.
> The chance of an ODM spending money on the extra traces and hardware
> to add such a switch, and of them getting the firmware right and even
> tested, are as large as their margins. In other word pretty close to
This is why I don't think this is a technical problem, but a social
sciences (economics, etc) problem that needs a social sciences (law)
solution. We need to solve what I consider digital exceptionalism, or
the treatment of digital hardware property very different than how we
treat any other tangible property.
The longer version of my answer to this problem is here:
Will governments protect all property rights from all threats?
The point-form policy proposals are:
- That the owner be protected in their right to change the locks on
any hardware that they own. This would be similar to our rights for
our homes where we can hire a locksmith to change any locks and
provide new keys.
- That hardware manufacturers, or other previous owners, must provide
any keys to the new owners as part of the sale.
- The manufacturer/previous owner should be prohibited from denying
the owners the ability to manage keys. This would include disallowing
the sale in the province of hardware where the owner is denied the
ability to manage their own keys.
In this specific case we are talking about digital signatures, so it
isn't the owner being given "the keys" that is the issue but the
ability of the owner to be the one to determine what signing keys are
installed. What I am suggesting is that it be mandatory and enforced
by provincial governments that such a mechanism exist (IE: that the
OEMs have to spend the money on the extra traces/etc discussed above)
in order for the hardware to be lawful for *sale* in the province.
Sure, you can *rent* hardware where the one possessing doesn't
manage the keys, but for something to be considered a *sale* then the
owner must be able to manage keys. In the case of rental agreements,
there are other laws that regulate those agreements that are very
different than relationships involving the transfer of property
Russell McOrmond, Internet Consultant: <http://www.flora.ca/>
Please help us tell the Canadian Parliament to protect our property
rights as owners of Information Technology. Sign the petition!
"The government, lobbied by legacy copyright holders and hardware
manufacturers, can pry my camcorder, computer, home theatre, or
portable media player from my cold dead hands!"
More information about the ubuntu-ca