When technology serves its owners, it is liberating. When it is designed to serve others, over the owner's objection, it is oppressive. There's a battle raging on your computer right now -- one that pits you against worms and viruses, Trojans, spyware, automatic update features and digital rights management technologies. It's the battle to determine who owns your computer. Bruce Schneier May 04, 2006
Bruce Schneier has long argued that proprietary code is a bad thing for end-users: fixing broken code doesn't generate much revenue and most of the big software houses only patch vulnerabilities when they can no longer be ignored. Now, Microsoft has introduced a new wheeze; make someone else responsible for its shoddy code.
With the forthcoming release of Windows 8, manufacturers will be required to install something called Secure Boot if they want their equipment to be certified as Windows compatible. This is a potential problem for anyone who wants to install a different operating system (like Linux) on their computer: if the software isn't approved by the UEFI interface, it won't load and you'll be locked out of your system. In essence, Microsoft has found a way to shackle your hardware to its software and all in the name of security.
Let's not pretend, Windows is ubiquitous and most (probably all) OEMs will comply with Redmond's fiat. So it's not surprising that Mark Shuttleworth has discussed the possibility of Canonical generating its own encryption key to pass the Secure Boot test. This is probably just pragmatism at work, but the reality is that you will no longer own your pc, you'll effectively lease it from those software providers that can get their keys incorporated in the UEFI. I can't help wondering if the tail is still wagging the dog.
Sources & References:
- Schneier on Security: Everyone Wants to 'Own' Your PC
- Canonical Blog: An update on Ubuntu and Secure Boot
- The Register: Shuttleworth: Why Windows 8 made us ditch GPL Linux Loader
- Wikipedia: United Extensible Firmware Interface