Saturday, October 29th 2011

Windows 8 Secure Boot: Handy Malware Backdoor for Nosy Governments?

We’ve written before about how Microsoft's new secure boot feature in Windows 8 could likely be used to shut out competition and create the ultimate in walled garden consumer lock-ins – something that is very undesirable from a competition, price and consumer choice viewpoint. However, it now appears that governments could lean on Microsoft in order to install secret snooping malware on users' PCs.

Ross Anderson, professor of Security Engineering at the University of Cambridge Computer Laboratory, has written about this issue in the Light Blue Touchpaper blog. He starts off by explaining how secure boot could limit the purchase of Metro apps to only the official Microsoft app store, saying: "Even if users can opt out, most of them won't. That's a lot of firms suddenly finding Steve Ballmer's boot on their jugular." That sounds very well put and really doesn't paint a pretty picture, does it? It's exactly the same tactic as all these firms that require you to opt out of receiving their junk mail, toolbars, etc. when installing software, knowing full well that the majority won't.

However, this control can turn from monopolistic to sinister, because governments could potentially lean on Microsoft to give them an official key in order to install malware on users' PCs, which could be next to impossible to remove. The particular example he gives is that of Tubitak, the Scientific and Technological Research Council of Turkey, saying that he has removed their key from his web browser, but how would he identify all foreign governments' keys?
We’ve also been starting to think about the issues of law enforcement access that arose during the crypto wars and that came to light again with CAs. These issues are even more wicked with trusted boot. If the Turkish government compelled Microsoft to include the Tubitak key in Windows so their intelligence services could do man-in-the-middle attacks on Kurdish MPs' gmail, then I expect they'll also tell Microsoft to issue them a UEFI key to authenticate their keylogger malware. Hey, I removed the Tubitak key from my browser, but how do I identify and block all foreign governments' UEFI keys?
Sounds nasty, doesn't it? This isn’t something that anyone should want on their computer.
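
Anderson's closing question has a practical starting point: the keys a machine's firmware trusts are stored in the UEFI `db` variable as a chain of EFI_SIGNATURE_LIST structures, which an owner can enumerate and compare against the entries they expect. The following is an added example, not code from this article or from Anderson's post; it parses that format and marks entries that are missing from an allowlist. The sample database, owner GUIDs and certificate bytes are constructed placeholders, and `audit_db`, `read_efivarfs` and the allowlist are names chosen for this illustration.

```python
import hashlib
import struct
import uuid

# Signature-type GUIDs defined by the UEFI specification.
SIG_TYPES = {
    uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072"): "x509",
    uuid.UUID("c1c41626-504c-4092-aca9-41f936934328"): "sha256",
}
HEADER = struct.Struct("<16sIII")  # type GUID, list size, header size, entry size


def parse_signature_lists(blob):
    """Return (type, owner GUID, data) for every entry in chained EFI_SIGNATURE_LISTs."""
    entries, off = [], 0
    while off < len(blob):
        if len(blob) - off < HEADER.size:
            raise ValueError("truncated EFI_SIGNATURE_LIST header")
        raw_type, list_size, hdr_size, sig_size = HEADER.unpack_from(blob, off)
        start, end = off + HEADER.size + hdr_size, off + list_size
        # Each entry is a 16-byte owner GUID plus data, so sig_size must exceed 16.
        if sig_size <= 16 or start > end or end > len(blob) or (end - start) % sig_size:
            raise ValueError("inconsistent EFI_SIGNATURE_LIST sizes")
        kind = SIG_TYPES.get(uuid.UUID(bytes_le=raw_type), "other")
        for pos in range(start, end, sig_size):
            owner = uuid.UUID(bytes_le=blob[pos:pos + 16])
            entries.append((kind, owner, blob[pos + 16:pos + sig_size]))
        off = end
    return entries


def audit_db(blob, allowed):
    """Fingerprint every entry and mark those absent from the owner's allowlist."""
    report = []
    for kind, owner, data in parse_signature_lists(blob):
        # A sha256 entry already is a digest; anything else is hashed as stored.
        fp = data.hex() if kind == "sha256" else hashlib.sha256(data).hexdigest()
        report.append({"type": kind, "owner": str(owner),
                       "fingerprint": fp, "expected": fp in allowed})
    return report


def read_efivarfs(path):
    """Read a variable from Linux efivarfs, dropping the 4-byte attribute prefix."""
    with open(path, "rb") as fh:
        return fh.read()[4:]


def _make_list(type_guid, owner, payloads):
    """Build one EFI_SIGNATURE_LIST (used only for the constructed sample below)."""
    body = b"".join(owner.bytes_le + p for p in payloads)
    return HEADER.pack(type_guid.bytes_le, HEADER.size + len(body), 0,
                       16 + len(payloads[0])) + body


# Constructed sample: placeholder bytes stand in for DER certificates.
VENDOR = uuid.UUID("11111111-2222-3333-4444-555555555555")   # hypothetical owner
UNKNOWN = uuid.UUID("99999999-8888-7777-6666-555555555555")  # hypothetical owner
X509, SHA256 = list(SIG_TYPES)
CERT_A = b"constructed placeholder certificate A"
CERT_B = b"constructed placeholder certificate B, longer"
SAMPLE_DB = (_make_list(X509, VENDOR, [CERT_A])
             + _make_list(X509, UNKNOWN, [CERT_B])
             + _make_list(SHA256, VENDOR, [bytes(32)]))
ALLOWLIST = {hashlib.sha256(CERT_A).hexdigest()}  # what the owner expects to see

if __name__ == "__main__":
    for row in audit_db(SAMPLE_DB, ALLOWLIST):
        print(row)
```

On a Linux system booted in UEFI mode, the live database can be read with `read_efivarfs("/sys/firmware/efi/efivars/db-d719b2cb-3d3a-4596-a3bc-dad00e67656f")` and passed to `audit_db` in place of the sample.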

Anderson has also written an 8-page paper (PDF) entitled "Can We Fix the Security Economics of Federated Authentication?" which covers this problem in great detail.

The Free Software Foundation has also started a petition against secure boot, which people are encouraged to sign.

84 Comments on Windows 8 Secure Boot: Handy Malware Backdoor for Nosy Governments?

#1
Easy Rhino
Linux Advocate
also, bringing up vPro is purely silliness. vPro is excellent for businesses that want to leverage agility over a large workforce. where i work, we have very similar software that makes it much easier on the tech support guys to fix issues and control desktops. vpro is simply a creation of the marketplace, not some tin foil douche bags. of course, anyone who actually worked in the industry would know that.
#2
Fx
well, concerning sinister governments- it appears that the vast majority of people would still prefer to cover their eyes and ears than question evidence to find truth. it doesn't take much research through readily available un-edited video to see that things aren't as rosy as you would like to believe... to each their own

back to the topic...

I hope secure boot doesn't gain traction because it never turns out as well for consumers when companies impose restraints to the products that we use. for example: open source development has spread like wild-fire in recent years and has become a boon to innovation as we continue to collaborate- not limit ourselves...
#3
Liquid Cool
Ubuntu doesn't have this problem?

:)

I just love to say the word - Free.

I don't know if I'm a 40 year old hippie, but I'm just loving 'stickin' it to the man' as of late.

Screw Mafiasoft. I can play my Crysis2 in Steam under Ubuntu and I'm happy with it. The last tie to this company is now severed.

Free-dom. Try some...

Best Regards,

Liquid Cool
#4
Frick
Fishfaced Nincompoop
Liquid Cool said:
Ubuntu doesn't have this problem?

:)

I just love to say the word - Free.

I don't know if I'm a 40 year old hippie, but I'm just loving 'stickin' it to the man' as of late.

Screw Mafiasoft. I can play my Crysis2 in Steam under Ubuntu and I'm happy with it. The last tie to this company is now severed.

Free-dom. Try some...

Best Regards,

Liquid Cool
It's fine for some people but the majority of people will not be on Linux for some time.
#5
qubit
Overclocked quantum bit
newtekie1 said:
I like how every article that Qubit has posted about Secure Boot has had a negative tone to it, and he constantly calls it "Windows 8 secure boot feature". It isn't even a feature of Windows 8, it isn't like Microsoft just say "implement this" and it gets done. Microsoft is pushing for the technology to become mandatory, but it is up to the Unified EFI Forum to decide if it becomes mandatory as part of UEFI, not Windows 8. It is UEFI's Secure Boot feature, not Windows 8's.

Also, even if it is implemented, it isn't up to Microsoft to decide what OS gets allowed on the machine. The option to disable the feature entirely is supposed to be included. However, the OEM manufacturer of the computer has the option to omit this option if they choose, but Microsoft has no real say in the matter. I can see where this might happen, because OEMs hate supporting hardware that isn't running the original OS.
Of course it's a "Windows 8 secure boot feature" - Microsoft is the driving force behind getting it implemented in UEFI - you've just said it yourself. And do you really think that the UEFI Forum are gonna turn this down? That would be extremely naive to think so. Remember who's got the dollars here...

And OEMs not supporting an off switch for it is mighty handy for Microsoft isn't it? They get that lock-in they so desire and can then claim it wasn't them. This really doesn't take much to see through the smokescreen.

So yeah, you're damn right I'm negative about this technology and I'm going to keep writing news articles about it. Remember, governments and big corporations like nothing better than to restrict and control the population for their own gain and profits. The one thing they want is for developments like this to remain in the dark until it's all ready to go and too late to do anything about it. Therefore, the only way to beat it, or at least hold it back some, is to bring it out into the light and shout about it, so that everyone knows what's going on and the force of public pressure prevents it from happening. It doesn't always work unfortunately, but it's better than just sitting idle and taking whatever crap they spoonfeed you. In all aspects of life, public outcry/pressure does hold restrictive practices back and we'd have a much more autocratic and repressed world without it.

As Thomas Jefferson himself said, "The condition upon which God hath given liberty to man is eternal vigilance". So true, one must never forget it.
#6
CyberDruid
qubit said:


So yeah, you're damn right I'm negative about this technology and I'm going to keep writing editorials about it.
There. I fixed it.:cry:
#7
qubit
Overclocked quantum bit
CyberDruid said:
There. I fixed it.:cry:
You made an error. That's ok, there's no need for you to cry about it. :laugh:
#8
newtekie1
Semi-Retired Folder
qubit said:
Microsoft is the driving force behind getting it implemented in UEFI - you've just said it yourself
No, I said they are pushing for it. The industry is the main driving force behind it, to help close some of the security concerns caused by UEFI's network features. Secure boot was being talked about in the industry a long time before Microsoft picked it up and started pushing for it. Intel and IBM have been the big driving force behind secure boot up until recently when Microsoft stepped in too.

qubit said:
And do you really think that the UEFI Forum are gonna turn this down? That would be extremely naive to think so. Remember who's got the dollars here...
Well when you consist of big players like Intel, AMD, Apple, HP, Dell, IBM, Lenovo... Yeah, Microsoft's money doesn't mean shit to them. I guess if you really remember who's got the dollars it is actually Apple, they are the biggest company currently sitting on the board of directors with the UEFI Forum...

Also, the money argument doesn't really make sense when you are basically giving the power to shape the Industry at this point. UEFI is essential at this point moving forward in the industry. PCs are going to have to have UEFI, so Microsoft can say they want it all they want, the UEFI Forum has the power to do whatever they want, and we all just have to sit back and take it.

Do I think they will turn this down? No, I never said they would. They would be stupid to as it addresses security holes that industry leaders have been complaining about in UEFI for a while now. But they aren't just going to pass it because Microsoft says so.

qubit said:
And OEMs not supporting an off switch for it is mighty handy for Microsoft isn't it? They get that lock-in they so desire and can then claim it wasn't them. This really doesn't take much to see through the smokescreen.
Take the tin-foil hat off. I'm guessing your conspiracy doesn't really hold water once you realize the people making the decisions are bigger players than Microsoft. When is the last time you saw Apple just step down and accept what Microsoft wants?:rolleyes:

See the problem seems to be that you haven't done proper research, because I'm guessing if you had you would have realized that the UEFI Forum is loaded with huge players in the industry, and not some small little broke individuals that will bend to Microsoft's will. You also would have realized that IBM and Intel were the big promoters of Secure Boot, not Microsoft.

qubit said:
So yeah, you're damn right I'm negative about this technology and I'm going to keep writing news articles about it. Remember, governments and big corporations like nothing better than to restrict and control the population for their own gain and profits. The one thing they want is for developments like this to remain in the dark until it's all ready to go and too late to do anything about it. Therefore, the only way to beat it, or at least hold it back some, is to bring it out into the light and shout about it, so that everyone knows what's going on and the force of public pressure prevents it from happening. It doesn't always work unfortunately, but it's better than just sitting idle and taking whatever crap they spoonfeed you. In all aspects of life, public outcry/pressure does hold restrictive practices back and we'd have a much more autocratic and repressed world without it.
That is fine, but news, presented by a proper news reporter, should be presented without bias. And the reporter should be doing proper research before posting news articles, especially if they are going to be adding their own information to the article, they better make sure the information is actually correct. Calling Secure Boot a Microsoft invention is completely wrong information, and you should be ashamed for even suggesting it in a serious news article. If you are going to report on it, present the correct facts, not just BS that you pulled out of your ass because you think Microsoft is evil and want to bash them.
#9
Marv
I have to say I'm starting to lose faith in TPU with these articles. I have come here for ~3 years for unbiased reviews and news, often with a bit of cynicism thrown in to stay the tide of marketing dribble. Wizzard and btanrar both produce some of the best articles (news related) around, and this is dragging it down.

I'd have to ask qubit, have you written articles for the Daily Mail? The tone very much feels like it, and the articles are far too opinionated to belong as news articles.

Many reasoned arguments have already been posted combating this, but as you love the "big bad company" image so much you ignore those comments.

Besides which, if someone is buying a bog-standard Windows 8 PC from Dell/HP et al, do you really think they're going to want to run Linux? Plus, I somehow doubt that the OS will be effectively locked to the hardware, as it does prevent Microsoft's upgrade path to an extent (have to buy a whole new PC for Windows 9, rather than upgrade).

Also:
qubit said:
...shut out competition and create the ultimate in walled garden consumer lock-ins...
I thought Apple have beaten them to that already?
#10
qubit
Overclocked quantum bit
Marv said:
I have to say I'm starting to lose faith in TPU with these articles. I have come here for ~3 years for unbiased reviews and news, often with a bit of cynicism thrown in to stay the tide of marketing dribble. Wizzard and btanrar both produce some of the best articles (news related) around, and this is dragging it down.

I'd have to ask qubit, have you written articles for the Daily Mail? The tone very much feels like it, and the articles are far too opinionated to belong as news articles.

Many reasoned arguments have already been posted combating this, but as you love the "big bad company" image so much you ignore those comments.

Besides which, if someone is buying a bog-standard Windows 8 PC from Dell/HP et al, do you really think they're going to want to run Linux? Plus, I somehow doubt that the OS will be effectively locked to the hardware, as it does prevent Microsoft's upgrade path to an extent (have to buy a whole new PC for Windows 9, rather than upgrade).

Also:


I thought Apple have beaten them to that already?
So, I bring news with some healthy commentary on the weekend for you to read and you complain that you're "losing faith"? :rolleyes:

Let's see you contribute something useful to TPU instead of whinging in my news threads. :slap:
#11
Wile E
Power User
qubit said:
Of course it's a "Windows 8 secure boot feature" - Microsoft is the driving force behind getting it implemented in UEFI - you've just said it yourself. And do you really think that the UEFI Forum are gonna turn this down? That would be extremely naive to think so. Remember who's got the dollars here...

And OEMs not supporting an off switch for it is mighty handy for Microsoft isn't it? They get that lock-in they so desire and can then claim it wasn't them. This really doesn't take much to see through the smokescreen.

So yeah, you're damn right I'm negative about this technology and I'm going to keep writing news articles about it. Remember, governments and big corporations like nothing better than to restrict and control the population for their own gain and profits. The one thing they want is for developments like this to remain in the dark until it's all ready to go and too late to do anything about it. Therefore, the only way to beat it, or at least hold it back some, is to bring it out into the light and shout about it, so that everyone knows what's going on and the force of public pressure prevents it from happening. It doesn't always work unfortunately, but it's better than just sitting idle and taking whatever crap they spoonfeed you. In all aspects of life, public outcry/pressure does hold restrictive practices back and we'd have a much more autocratic and repressed world without it.

As Thomas Jefferson himself said, "The condition upon which God hath given liberty to man is eternal vigilance". So true, one must never forget it.
Ummm, any OS can use the feature. It's part of UEFI. Anything capable of using UEFI is capable of using this. How is this locking it to anything?

MS backing the technology does not automatically make this a conspiracy.

Yet again, mountain out of a molehill.
#12
newtekie1
Semi-Retired Folder
qubit said:
so, i bring news editorials with some healthy commentary on the weekend for you to read and you complain that you're "losing faith"? :rolleyes:

Let's see you contribute something useful to tpu instead of whinging in my news editorial threads. :slap:
ftfy

Wile E said:
Ummm, any OS can use the feature. It's part of UEFI. Anything capable of using UEFI is capable of using this. How is this locking it to anything?

MS coming up with the technology does not automatically make this a conspiracy.

Yet again, mountain out of a molehill.
Microsoft didn't even come up with the technology. Intel and IBM pioneered it.

So far, the only thing MS has really done is require that any PC sold with a Designed for Windows 8 Logo have the Secure Boot feature in the UEFI enabled by default, but they don't say it can't be disabled by the end user, that part will be up to the OEMs.
#13
Wile E
Power User
newtekie1 said:
ftfy



Microsoft didn't even come up with the technology. Intel and IBM pioneered it.
Good point. Editing it to backing.
#14
qubit
Overclocked quantum bit
newtekie1 said:
ftfy
A grubby personal attack? That's a bit low coming from you, no? :slap:

And what's with you idiotically messing up my quotes? :rolleyes:

Wile E said:
Good point. Editing it to backing.
Life getting a little hard, perhaps? ;)

---------------

How about a little less of the personal attacks people, ffs. :rolleyes:
#15
Wile E
Power User
Disagreeing with you is not a personal attack.
#16
qubit
Overclocked quantum bit
Wile E said:
Disagreeing with you is not a personal attack.
There's disagreeing and there's disagreeing. Agreeing with someone who is making a personal attack on me, is also making a personal attack.

Give me some coherent arguments why you think I'm wrong and you're right and I'll debate it with you.
#17
Kreij
Senior Monkey Moderator
Keep it civil people.
#18
Wile E
Power User
qubit said:
There's disagreeing and there's disagreeing. Agreeing with someone who is making a personal attack on me, is also making a personal attack.

Give me some coherent arguments why you think I'm wrong and you're right and I'll debate it with you.
I did.

Recap:

secure boot = UEFI feature

Available for use by ANY OS.

MS being involved =|= automatic conspiracy.

Then capped off with my opinion on the matter:

Mountain out of a molehill.

That is not an attack.

Neither is agreeing with some points another member made, even if they were attacking you. I agreed with the points, which are still valid. I didn't respond or add to any personal attacks.
#19
qubit
Overclocked quantum bit
Wile E said:
Ummm, any OS can use the feature. It's part of UEFI. Anything capable of using UEFI is capable of using this. How is this locking it to anything?

MS backing the technology does not automatically make this a conspiracy.

Yet again, mountain out of a molehill.
Wile E said:
I did.

Recap:

secure boot = UEFI feature

Available for use by ANY OS.

MS being involved =|= automatic conspiracy.

Then capped off with my opinion on the matter:

Mountain out of a molehill.

That is not an attack.

Neither is agreeing with some points another member made, even if they were attacking you. I agreed with the points, which are still valid. I didn't respond or add to any personal attacks.
Yeah, so you did. :toast:

Yes, it might have been set up by the UEFI Forum, but that doesn't mean it won't get abused to shut out the competition, especially considering the big names that are on it (thanks NT :)). Saying anyone can use it sounds fine in practice, but you know how these things are structured: there will be a big fat payment to make to obtain a signature, shutting out smaller players.

I'm wondering, how will this affect even basic tasks like disc partitioning, adding removing discs etc? I suspect that it will make no difference, but I don't know.
#20
Easy Rhino
Linux Advocate
qubit said:
Yeah, so you did. :toast:

Yes, it might have been set up by the UEFI Forum, but that doesn't mean it won't get abused to shut out the competition, especially considering the big names that are on it (thanks NT :)). Saying anyone can use it sounds fine in practice, but you know how these things are structured: there will be a big fat payment to make to obtain a signature, shutting out smaller players.

I'm wondering, how will this affect even basic tasks like disc partitioning, adding removing discs etc? I suspect that it will make no difference, but I don't know.
see, you say that you don't know, yet in your "news" article you throw out a bunch of ideas that are in your head about the whole topic that lack any factual backing.

if you don't know about a topic then you shouldn't interject your opinions into a news article or draw conspiratorial conclusions about the issue.
#21
Wile E
Power User
qubit said:
Yeah, so you did. :toast:

Yes, it might have been set up by the UEFI Forum, but that doesn't mean it won't get abused to shut out the competition, especially considering the big names that are on it (thanks NT :)). Saying anyone can use it sounds fine in practice, but you know how these things are structured: there will be a big fat payment to make to obtain a signature, shutting out smaller players.

I'm wondering, how will this affect even basic tasks like disc partitioning, adding removing discs etc? I suspect that it will make no difference, but I don't know.
There are no licensing fees mentioned anywhere in the UEFI Forum's website and documentation that I can see. Just guidelines to follow to be able to use the UEFI logo and claim compliance. It's a non-profit.
#22
qubit
Overclocked quantum bit
Easy Rhino said:
see, you say that you don't know, yet in your "news" article you throw out a bunch of ideas that are in your head about the whole topic that lack any factual backing.

if you don't know about a topic then you shouldn't interject your opinions into a news article or draw conspiratorial conclusions about the issue.
I don't lack factual backing, I based my story on what professor Anderson said.

The fact that I don't know about how it will affect disc partitioning doesn't invalidate everything else I've said, either. I have no idea how you reached that conclusion. :confused:

Wile E said:
There are no licensing fees mentioned anywhere in the UEFI Forum's website and documentation that I can see. Just guidelines to follow to be able to use the UEFI logo and claim compliance. It's a non-profit.
Well, they need money from somewhere to stay afloat, so we'll see what happens when it goes live. Perhaps the various companies that form this entity will just pay, but it seems reasonable to me that they would charge companies that use its services, one way or another.

Think about it this way: the initiative claims to be about increasing security, right? Therefore, they need some kind of vetting process to check each application to make sure it's not malware or something else unsavoury. That costs money to do.

Finally, back to the core point of Anderson's blog, that of dodgy governments. We've already seen how the SSL certificate authorities have been corrupted in certain countries (sorry, I don't have a handy link to any article at the moment) to mint a genuine cert for bad websites at the behest of those governments. So, what's to stop those same governments from leaning on the UEFI Forum and getting their dodgy snooping programs on people's computers?
#23
Easy Rhino
Linux Advocate
qubit, you draw the conclusion, based on one guy's worst case scenario opinion, that microsoft is evil and uefi is going to take down entire nations. stick to the news, and stop with the opinions.
#24
newtekie1
Semi-Retired Folder
qubit said:
A grubby personal attack? That's a bit low coming from you, no? :slap:

And what's with you idiotically messing up my quotes? :rolleyes:
No, you see when an article has accurate non-bias information it is a news article. When an article has wrong information and is filled with bias and opinion from the reporter it is an editorial. Look up the definitions. What you wrote is an editorial not a news piece. If it has your opinion in it, which this does, it is an editorial. This isn't a personal attack, just the facts. But adding your own opinion to the article you made it an editorial. I'm sorry you can't take correction of your mis-information without viewing it as a personal attack.

qubit said:
Yes, it might have been set up by the UEFI Forum, but that doesn't mean it won't get abused to shut out the competition, especially considering the big names that are on it (thanks NT :)). Saying anyone can use it sounds fine in practice, but you know how these things are structured: there will be a big fat payment to make to obtain a signature, shutting out smaller players.
Correct, but the only people that can possibly abuse it would be hardware OEMs, by not including the option to disable Secure Boot in their UEFI setup, not Microsoft, and the hardware OEMs abusing it will not be to lock out competition. Microsoft has no say in it.

qubit said:
I don't lack factual backing, I based my story on what professor Anderson said.
Sure you did. You put opinions in the article based on the assumption that it was Microsoft that created and pushed this technology. You obviously had no clue that in fact it was huge industry leaders that developed it and are pushing for it long before Microsoft came into the picture.

You also assumed that Microsoft was just throwing around their wallet to get their way, again not knowing the fact that the UEFI Forum is comprised of companies as big or bigger than Microsoft.


qubit said:
Well, they need money from somewhere to stay afloat, so we'll see what happens when it goes live. Perhaps the various companies that form this entity will just pay, but it seems reasonable to me that they would charge companies that use its services, one way or another.
I'm pretty sure the multi-billion dollar companies that make up the UEFI Forum can handle it being a non-profit and front the little bit of money it takes to maintain the standard.

qubit said:
Think about it this way: the initiative claims to be about increasing security, right? Therefore, they need some kind of vetting process to check each application to make sure it's not malware or something else unsavoury. That costs money to do.
A relatively small amount for the Multi-Billion dollar companies that run it.
#25
OneMoar
There is Always Moar
easy rhino said:
qubit, you draw the conclusion, based on one guy's worst case scenario opinion, that microsoft is evil and uefi is going to take down entire nations. Stick to the news, and stop with the opinions.
+1