I think SecureBoot is a good thing as long as it can be disabled. However, what would be even better is if the user could sign the software rather than the hardware manufacturer.
I technically agree. We shouldn't need to disable SecureBoot to run Linux - however, to do this you'd want to be able to add your own key. I don't have a problem with dual booting as a stop-gap, but only until you get the Linux (Or BSD) system working. Treat Windows like you do Internet Explorer (the browser only used to download a different browser).
Reuel T Because those aren't exactly available in stores, particularly outside the US. That means having to order online, which in the case of laptops is iffy (a lot can happen on the road). I for one would rather just buy any laptop from a local store, drive it home myself so I know nothing's going to happen to it, and chuck Linux on the sucker. And we're not complaining that Windows comes preloaded, it's piss-easy to install Linux as long as the GRUB version on your distro is signed or you disable SecureBoot. PS. If you don't want people to be able to boot off a USB into Linux, just goddamned disable USB and CD booting and put a password on your UEFI. That'll do a lot more in that regard than SecureBoot, particularly because Ubuntu already paid Microsoft to sign the bootloader (the idiots), so Ubuntu usually works on SecureBooted hardware.
Reuel T At this point you're pretty much rambling. "Linux is a failure" because of less than 2% desktop market share? What about mobile? Android is going great and it's Linux. And most of the Internet is made possible by Linux, from your router to the colossal data centers that host the web pages. Also Microsoft's ARM lockdown is pretty much irrelevant - can you put Linux on an iPad? Nope. They're just copying Apple, no surprises there. PS. The reason they're allowing SecureBoot to be disabled on X86(-64) hardware is they'd be facing outrage from pretty much everyone if they didn't (i think it might even be a violation of anti-monopoly laws, since Macs are ARM-based).
Reuel T You can just change the settings in your bios so that it'll only boot from that one drive and set a password for your bios so nobody can change it.
Reuel T Except that economy of scale would still exist if Windows never existed, because other OSes existed even way back when (almost all Unix-like). If Windows never existed, one of those would fill the void. Probably Mac OS, granted, but still. You're sounding more and more like a strawman, by the way, especially for arguing anti-Linux in the comments for an interview by Linus Torvalds himself.
@@AicyDC i think that's what he was saying, but really the ones who kicked off modern 'unix' are Stallman and the GNU project. Linux came as a result of their efforts
Disabling unsigned code is okay only if it is optional, or if the owner of the device can sign unsigned code themselves. Secure boot is only ok because it can be disabled.
Why do you need a trusted Third Party to sign my kernel. The problem "having a secure boot" just doesn't ask for it. It is perfectly save if the End User signs whatever kernel he trusts. This is a perfect example where initial trust (like GPG/PGP/SSH) is safer than TTP as the TTP is a popular target to compromise, because there are millions of devices behind to break.
Any level of additional security lowers efficiency. We've gotten a bit past having to physically pull hardware to get operating systems to assign a more correct IRQ and parameters. Only to put the hardware back in after those other defaults have been set. And yet with EUFI, we're attempting to return to those old days, where hardware manipulation (bios) is the solution to all that ails you. It's just another row of barbed wire on a trench that will be crossed in-spite of that wire.
I know you posted this 6months ago but did anyone point out to you that signing an app doesn't necessarily mean that it from a truly trustworthy source BUT you know for sure that your application is exactly as they wanted it(not modified by an external source) so if it turns out shady, it was their intention.
i have just setup two dual boot computers in the last week, one a uefi laptop the other a bios desktop. both were absolutely simple to do (aside from finding all the missing windows drivers afterwards). So basically, I had 0 linux issues at all and all of my issues were directly related to proprietary binaries for the windows OS. weird, huh?
Same, not having my computer locked out preventing me from installing what I want to use such as linux has saved me several times. Like one time my windows os got a virus so I used linux to get my uninfected data off that computer. And then another time my windows os broke so I saved my data with linux, and then another time and another time and another time all saved thanks to my system not being locked down by a company who's only intent is to create a monopoly and fuck over their users.
ARM tablets using W8 already lock out alternative operating systems. It is only a small step to locking up desktops as well. The reason MS refused to do that, is that the anti-trust lawsuits would nail them bad. But the tablet-notebook hybrids are a good candidate for this lockout method. I do not see (most) BSD's taking this step, but Apple would most certainly go this route.
I agree with Torvalds here, we should implement some sort of open source secure boot standard for Linux, and other kernels that would like to use it. It's rather unfortunate that Microsoft's implementation of secure boot has left the OSS community closed to the idea/notion.
The sad thing is that for arm PC's with Windows 8, secure boot has to be enabled and you cannot remove it. It was one of the terms for the Manufacturers
Rapid boor is not because of it being secure. It is because it is not the old legacy bios. I can boot like lightning using an ssd right now, right from GPT disks.
It's overhyped as different and evil, but it's the same windows experience after a day of using it and learning it. Also about a ten second boot up time with a 5400 rpm hard drive, pretty epic actually. Good luck with your three distros though! Slitaz is pretty cool for the size.
It's just that BIOS "boot's" any bootsector there is, would be nice to control it via bios and then secure bios with passwd.. but still, bootsector can be same, it boot's the kernel, but what if there is different conf after that. BIOS cannot keep up.
Thats not it's only function, as Linus points out at the beginning of the video. Locking users out is one use case which is what everyone is getting all worried about microsoft doing. What he's proposing is using secure boot you can now have the OS hardened right down to the core software/hardware layer.
On the contrary, it is a false sense of security. Instead of being vigilant and careful with "hygiene" of your systems, are forced to go blindly, on trust. The more than ten million types of malware, are a strong proof that proprietary software is a failure, the only solution is access to sources. Explain, please, how can you verify that the signature was not compromised? Corporation in which you trust will prefer to deny the existence of security breaches to protect their profits.
Ultimately, the point of a digital signature is to provide a way for a consumer to verify that a document (in this case an OS kernel) has not been modified since it was published by a known and trusted publisher. Digital signatures use public key cryptography, where there are two keys: a public key known to all consumers (in this case, SecureBoot machines) and a private key strictly known only to the publisher (the person/company who compiles and then signs the kernel).
I don't understand how the first sentence from the second paragraph follows from the first paragraph. Should it be that developers should evaluate the tools and must not evaluate (all possible) uses? Also I _can_ think of a very big use, the reason _fore_ making the tool. Being able to prevent rootkits injected from a remote location from happening for instance.
@mike200017 Flame "application" is signed with Microsoft key. Should I trust? Why should we have more confidence in a corporate than in the users? Do you want to talk about Microsoft spying history on those who made the mistake of buying/using their products?
The only acceptable way for me is if Secure Boot can be disabled until told otherwise. In other words, it's unacceptable to have to be "at the machine" every time it boots. I want one of the POST parameters (stored in nonvolatile storage somewhere) to be "enable Secure Boot" which I can turn off. But I agree, it CAN be a handy tool.
I wonder if anyone will market a motherboard that doesn't have the secure boot technology to serve the free OS market? I doubt it, in any event this may be unwarranted hang wringing or maybe it is. Only time will tell
I think it's funny when they show a picture of Balmer when it's actually Apple that puts DRM on everything and abuses this far worse. Even going so far as to sue open source developers for creating a clone of itunes.
if the kernel and everything about Linux is open, and it is signed (basicly that signature is a piece of code, right?), would it be that hard for some1 to take that piece of code and use it however he wants, rendering secure boot useless?
Secure boot technology is still advancing. 4D signatures (dynamic, time & pressure being measured in real-time) is here. It's not open source yet, but eventually it might be. Sorry - no URLs to support my readings on this subject; too busy handling the info explosions.
It's a bit ironic that the open-source community, largely composed of software developers, would be against a tool because it can be misused. Wouldn't every single programming language fall under that category? We cannot evaluate the tools, we must evaluate the uses. But I disagree with Torvalds because I don't see any legitimate use of a secure boot. Its only application seems to be vendor lock-in, it doesn't appear to have any legitimate security-related uses.
Is there any way for scientists to get access the hardware to improve the speed... easily? All these layers of securities and things make the experiment slower and slower and harder to access pins and so on. Is there any OS that allows PCI pins for GPIO for high speed? No. I'm not saying these blocks are unnecessary. I'm just complaining the complete lack of support for scientific community by companies.... which is in fact so natural...... Whatever...
I tried to run Ubuntu dual boot Windows 8. It took more than 6 month to get it to work. The problem was not MS, it was that most of the help I got was wrong. Frankly the OS community couldn't react fast enough (over 1 year reaction time) and blamed big bad MS when the problem lay with their lack of support/expertise.
Of course this comment got ridiculously upvoted by gnu footsoldiers. You use te bad name: MS; and attach some false accusations to it. But you miss the point that the future of security is a marketplace in which you subscribe to trusted sources. This is the future of DNSSec, Web certificates and IP sec. It is a balance between usability and security and the authorities can be Companies, EvilCompanies and other types of organisations (E.g. opendns, mozilla). As proposed by Whitfield Diffie et al
Security erodes freedom. It's as simple as that. Now that doesn't mean that we don't rightfully/logically trade much of our natural freedoms for general security. Basically that is what "the State" is. A tradeoff. Now... when it comes to electronic freedom, the stakes are a bit different. Freedom should weigh heavier than security in that world, for the simple reason that the ability to look at the actual code that runs on your computer underlies any claim to security in the first place. It;'s a catch 22. You can't be free or secure if you're not secure to the core.
This group of Linux users that have nothing better to do than to come bash Windows users...you're making Linux look bad. I prefer Windows 8, but also like lubuntu and such. Get some tolerance. A little open mindedness can show us that every major OS is good and worth using for the right type of people. Unity ;)
Thumbnail looks like Linus is being interviewed in some kind of interrogation room
LOL!
I think SecureBoot is a good thing as long as it can be disabled. However, what would be even better is if the user could sign the software rather than the hardware manufacturer.
I technically agree. We shouldn't need to disable SecureBoot to run Linux - however, to do this you'd want to be able to add your own key.
I don't have a problem with dual booting as a stop-gap, but only until you get the Linux (Or BSD) system working. Treat Windows like you do Internet Explorer (the browser only used to download a different browser).
Reuel T
Because those aren't exactly available in stores, particularly outside the US. That means having to order online, which in the case of laptops is iffy (a lot can happen on the road). I for one would rather just buy any laptop from a local store, drive it home myself so I know nothing's going to happen to it, and chuck Linux on the sucker.
And we're not complaining that Windows comes preloaded, it's piss-easy to install Linux as long as the GRUB version on your distro is signed or you disable SecureBoot.
PS. If you don't want people to be able to boot off a USB into Linux, just goddamned disable USB and CD booting and put a password on your UEFI. That'll do a lot more in that regard than SecureBoot, particularly because Ubuntu already paid Microsoft to sign the bootloader (the idiots), so Ubuntu usually works on SecureBooted hardware.
Reuel T
At this point you're pretty much rambling. "Linux is a failure" because of less than 2% desktop market share?
What about mobile? Android is going great and it's Linux. And most of the Internet is made possible by Linux, from your router to the colossal data centers that host the web pages.
Also Microsoft's ARM lockdown is pretty much irrelevant - can you put Linux on an iPad? Nope. They're just copying Apple, no surprises there.
PS. The reason they're allowing SecureBoot to be disabled on X86(-64) hardware is they'd be facing outrage from pretty much everyone if they didn't (i think it might even be a violation of anti-monopoly laws, since Macs are ARM-based).
Reuel T You can just change the settings in your bios so that it'll only boot from that one drive and set a password for your bios so nobody can change it.
Reuel T
Except that economy of scale would still exist if Windows never existed, because other OSes existed even way back when (almost all Unix-like). If Windows never existed, one of those would fill the void. Probably Mac OS, granted, but still.
You're sounding more and more like a strawman, by the way, especially for arguing anti-Linux in the comments for an interview by Linus Torvalds himself.
What a humble man. I mean, this guy kicked off modern UNIX, and practically the modern world of mobile technology.
Linux, not Unix. He copied Unix.
@@AicyDC i think that's what he was saying, but really the ones who kicked off modern 'unix' are Stallman and the GNU project. Linux came as a result of their efforts
@@AicyDC He copied Minix.
@@shallex5744 Wait, just ignoring Darwin. Okay then.
@@Stopinvadingmyhardware darwin came out long after GNU and Linux
1:43. Steve Ballmer's hand is going to misuse Secure Boot.
Richard stallman also agrees using secure boot as long as you are able to disable it to install another system
Everyone should have the freedom to decide whether freedom or security is more important by himself, so I think Secure Boot should be easy to disable.
Disabling unsigned code is okay only if it is optional, or if the owner of the device can sign unsigned code themselves. Secure boot is only ok because it can be disabled.
Why do you need a trusted Third Party to sign my kernel. The problem "having a secure boot" just doesn't ask for it.
It is perfectly save if the End User signs whatever kernel he trusts.
This is a perfect example where initial trust (like GPG/PGP/SSH) is safer than TTP as the TTP is a popular target to compromise, because there are millions of devices behind to break.
Any level of additional security lowers efficiency. We've gotten a bit past having to physically pull hardware to get operating systems to assign a more correct IRQ and parameters. Only to put the hardware back in after those other defaults have been set. And yet with EUFI, we're attempting to return to those old days, where hardware manipulation (bios) is the solution to all that ails you. It's just another row of barbed wire on a trench that will be crossed in-spite of that wire.
I know you posted this 6months ago but did anyone point out to you that signing an app doesn't necessarily mean that it from a truly trustworthy source BUT you know for sure that your application is exactly as they wanted it(not modified by an external source) so if it turns out shady, it was their intention.
i have just setup two dual boot computers in the last week, one a uefi laptop the other a bios desktop. both were absolutely simple to do (aside from finding all the missing windows drivers afterwards). So basically, I had 0 linux issues at all and all of my issues were directly related to proprietary binaries for the windows OS.
weird, huh?
Same, not having my computer locked out preventing me from installing what I want to use such as linux has saved me several times. Like one time my windows os got a virus so I used linux to get my uninfected data off that computer. And then another time my windows os broke so I saved my data with linux, and then another time and another time and another time all saved thanks to my system not being locked down by a company who's only intent is to create a monopoly and fuck over their users.
unsecure boot is a lifesaver for me
Exactly. Microsoft can't help but make everything broken in their favor.
ARM tablets using W8 already lock out alternative operating systems.
It is only a small step to locking up desktops as well. The reason MS refused to do that, is that the anti-trust lawsuits would nail them bad. But the tablet-notebook hybrids are a good candidate for this lockout method.
I do not see (most) BSD's taking this step, but Apple would most certainly go this route.
I agree with Torvalds here, we should implement some sort of open source secure boot standard for Linux, and other kernels that would like to use it.
It's rather unfortunate that Microsoft's implementation of secure boot has left the OSS community closed to the idea/notion.
If anything can be misused it will be misused.
Even Linus says secure boot can be use to do nasty things. Microsoft been involved, this becomes a certitude.
I know Razer sets up their Bios to prevent you from changing the secure book keys and you have to hack it open to change them.
The sad thing is that for arm PC's with Windows 8, secure boot has to be enabled and you cannot remove it. It was one of the terms for the Manufacturers
Well. We want linus to share with us the source code of secure boot. At least so as we know how that thing works and what it does.
Rapid boor is not because of it being secure. It is because it is not the old legacy bios.
I can boot like lightning using an ssd right now, right from GPT disks.
It's overhyped as different and evil, but it's the same windows experience after a day of using it and learning it. Also about a ten second boot up time with a 5400 rpm hard drive, pretty epic actually. Good luck with your three distros though! Slitaz is pretty cool for the size.
Love FOSS and love GNU/Linux :)
It's just that BIOS "boot's" any bootsector there is, would be nice to control it via bios and then secure bios with passwd.. but still, bootsector can be same, it boot's the kernel, but what if there is different conf after that. BIOS cannot keep up.
Thats not it's only function, as Linus points out at the beginning of the video. Locking users out is one use case which is what everyone is getting all worried about microsoft doing.
What he's proposing is using secure boot you can now have the OS hardened right down to the core software/hardware layer.
doobiest420 oh gosh. Back to the ROM era...
There goes my hero, he’s ordinary
Agree. "good" or "bad", all depends on how it is used.
On the contrary, it is a false sense of security. Instead of being vigilant and careful with "hygiene" of your systems, are forced to go blindly, on trust. The more than ten million types of malware, are a strong proof that proprietary software is a failure, the only solution is access to sources.
Explain, please, how can you verify that the signature was not compromised? Corporation in which you trust will prefer to deny the existence of security breaches to protect their profits.
Yes, because that way you don't have to think if there's malware or not in your computer and let them do their evil work.
Ultimately, the point of a digital signature is to provide a way for a consumer to verify that a document (in this case an OS kernel) has not been modified since it was published by a known and trusted publisher. Digital signatures use public key cryptography, where there are two keys: a public key known to all consumers (in this case, SecureBoot machines) and a private key strictly known only to the publisher (the person/company who compiles and then signs the kernel).
I don't understand how the first sentence from the second paragraph follows from the first paragraph. Should it be that developers should evaluate the tools and must not evaluate (all possible) uses? Also I _can_ think of a very big use, the reason _fore_ making the tool. Being able to prevent rootkits injected from a remote location from happening for instance.
Like MS giving away your info to the NSA, and certainly for a reasonable amount of money.
@mike200017 Flame "application" is signed with Microsoft key. Should I trust? Why should we have more confidence in a corporate than in the users? Do you want to talk about Microsoft spying history on those who made the mistake of buying/using their products?
What that guy is doing there?.....
The only acceptable way for me is if Secure Boot can be disabled until told otherwise. In other words, it's unacceptable to have to be "at the machine" every time it boots. I want one of the POST parameters (stored in nonvolatile storage somewhere) to be "enable Secure Boot" which I can turn off. But I agree, it CAN be a handy tool.
If only the world had a million of Linus´ .......
if the amount of damage it can make exceeds the amount of usefulness it can provide then no thanks
I wonder if anyone will market a motherboard that doesn't have the secure boot technology to serve the free OS market? I doubt it, in any event this may be unwarranted hang wringing or maybe it is. Only time will tell
2:35 LOL
It would be a good thing if Microsoft will let other trusted vendors to give boot certification.
Signatures are great! DRM is to restrict the user…
I think it's funny when they show a picture of Balmer when it's actually Apple that puts DRM on everything and abuses this far worse. Even going so far as to sue open source developers for creating a clone of itunes.
I disagree with Linus on this subject
Blind trust is a "more productive" choice?
(?) You don't need to use his kernel.
A person can buy a machine with Linux on it. That is what I would do if ti turns out to be a problem.
if the kernel and everything about Linux is open, and it is signed (basicly that signature is a piece of code, right?), would it be that hard for some1 to take that piece of code and use it however he wants, rendering secure boot useless?
Secure boot technology is still advancing. 4D signatures (dynamic, time & pressure being measured in real-time) is here. It's not open source yet, but eventually it might be. Sorry - no URLs to support my readings on this subject; too busy handling the info explosions.
It's a bit ironic that the open-source community, largely composed of software developers, would be against a tool because it can be misused. Wouldn't every single programming language fall under that category?
We cannot evaluate the tools, we must evaluate the uses. But I disagree with Torvalds because I don't see any legitimate use of a secure boot. Its only application seems to be vendor lock-in, it doesn't appear to have any legitimate security-related uses.
Is there any way for scientists to get access the hardware to improve the speed... easily? All these layers of securities and things make the experiment slower and slower and harder to access pins and so on. Is there any OS that allows PCI pins for GPIO for high speed? No.
I'm not saying these blocks are unnecessary. I'm just complaining the complete lack of support for scientific community by companies.... which is in fact so natural...... Whatever...
Sigh. If it can be turned off, it's not really secure now is it? And btw, do you use any Apple products? *grin*.
Or it will be implemented and everyone will just turn it off...For higher end security it probably is a good thing.
reasonable guy, can't take that from him
It's a bit of a double edged sword. I would much rather have control of it myself. If it's a feature that can be disabled, sure.
thanks for spoiling the video :-)
Don't jump me with your open source baseball bats just yet, I still use OS software :p
Windows-locked Baytrail tablets....
can you explain me what is a secure boot
are you still awaiting an explanation, or died
So Linus is officially naive...
I tried to run Ubuntu dual boot Windows 8. It took more than 6 month to get it to work. The problem was not MS, it was that most of the help I got was wrong. Frankly the OS community couldn't react fast enough (over 1 year reaction time) and blamed big bad MS when the problem lay with their lack of support/expertise.
What ?! You're not happy with yourself ???
I don't understand why you'd want such a thing. Of course, Torvalds is big on signing, which explains git.
This sounds terrible! Support freedom not "security".
We should stop wasting so much energy on security, and start using it to help one another to do what needs to be done.
Of course this comment got ridiculously upvoted by gnu footsoldiers. You use te bad name: MS; and attach some false accusations to it. But you miss the point that the future of security is a marketplace in which you subscribe to trusted sources. This is the future of DNSSec, Web certificates and IP sec. It is a balance between usability and security and the authorities can be Companies, EvilCompanies and other types of organisations (E.g. opendns, mozilla). As proposed by Whitfield Diffie et al
blaaa blaa bllaaa
We need choice like to chose not to use his kernel
Security erodes freedom. It's as simple as that.
Now that doesn't mean that we don't rightfully/logically trade much of our natural freedoms for general security.
Basically that is what "the State" is. A tradeoff.
Now... when it comes to electronic freedom, the stakes are a bit different. Freedom should weigh heavier than security in that world, for the simple reason that the ability to look at the actual code that runs on your computer underlies any claim to security in the first place.
It;'s a catch 22. You can't be free or secure if you're not secure to the core.
You clearly don't understand what security entails. Secure code can be free, freedom does not require a lack of security, that's just stupid.
This group of Linux users that have nothing better to do than to come bash Windows users...you're making Linux look bad. I prefer Windows 8, but also like lubuntu and such.
Get some tolerance. A little open mindedness can show us that every major OS is good and worth using for the right type of people. Unity ;)
its NOT good its bad im ripping my hair out here very VERY pissed off with it
Tell me about it...
IT IS AS GOOD AS SYSTEMD 💩💩💩
secure boot = useless
Microsoft Windows 10 Professional is a good desktop OS. Linux is not a good desktop OS. But Linux is the best server OS.
Microsoft® Operating System Version 10.034
©All rights reserved
Windows 8 made me quit Linux.
This. Linux users are starting to remind me of r/atheism...