Torvalds' Windows 8 Secure Boot Tantrum Leads Back to MIcrosoft's Moves

by Ostatic Staff - Feb. 26, 2013

The saga surrounding UEFI Secure Boot seemingly has no end. Last year, in the post "Will Windows 8 Lock Linux Out of PCs?," I discussed the origins of the problems with Windows 8 locking out Linux, and many OStatic readers have been locked out. In the wake of the problems, which surrounded the fact that a Secure Boot scheme allows hardware makers to lock Linux out of their Windows machines if they choose to, it became clear that the easiest methods for getting Linux to run on Secure Boot systems involve getting Microsoft-signed keys. The Linux Foundation has delivered such a solution, as have others.

None other than Linus Torvalds, though, has thrown an online fit over suggestions that such keys should be built into the Linux kernel.  

ZDNet has a good summary of how Linus came to react to these suggestions:

"Red Hat software engineer David Howells asked Linus Torvalds, Linux's founder, to move on code that would let Microsoft-signed binary keys be added dynamically to a kernel while running in secure-boot mode on the Linux Kernel Mailing List (LKML). Torvalds wasn't having it. "Quite frankly, this is f*cking moronic."

In the same post, Steven J. Vaughan-Nichols notes: "As anyone who follows Linux closely knows, Linux developers have no love for programs that have no source code and are only available as binaries." And yes, that does make Torvalds' umbrage at suggestions that he should work with Windows 8 Secure Boot keys understandable.

But the fact that Torvalds does bristle at the suggestion is just a microcosm of the real issue, here. In a post from last year called "Microsoft Responds to Linux Lockout Claims," I covered posts from Microsoft which essentially laid the Secure Boot issues on hardware makers' doorsteps. Basically, Microsoft took the position that Secure Boot was a methodology for controlling what boots and what doesn't that hardware makers can implement as they see fit.

Microsoft officials noted that many rootkit malware attacks take control of boot routines, but that such routines can be circumvented by schemes such as Secure Boot. Nobody protested when Microsoft simply claimed that hardware makers could implement Secure Boot however they wanted.

As it turned out, almost all of the Windows 8 machines that first appeared had Secure Boot implemented in such a way that Linux was locked out. Workarounds have appeared, but they are based on Microsoft-signed keys.

As the maker of the dominant Windows operating system, Microsoft has a responsibility to protect fair play in a way that it didn't here. In this day of virtualization and usage of multiple operating systems, it's unfair to build an operating system around a methodology that allows for complete and utter lockout of other platforms.

Torvalds' reactions are only protests at the end of the chain reaction that all of this represented. The fact is that if Microsoft wants to be accepted as playing more fairly with open source these days than it ever has, it has carry that concept through to how it deals with everything it builds and how it deals with hardware makers.