Why i give up trying to make a x86 OS

Posted: Sat Sep 24, 2011 4:49 pm
by guyfawkes
We all know that an OS is one of, if not the hardest thing to code.
Also that we are chasing a very moving target.
But that's part of the life of an OSDev.
But the UEFI protocol has changed all that, from my reading any Windows 8 certified systems will make it very hard or impossible to install alternative operating systems (that will include Linux).
See here for more info: http://mjg59.livejournal.com/

All my OSDev work will be on a processor I control, so the OS will come with the processor, it's the only way the hobby OSDev'er can go.

Re: Why i give up trying to make a x86 OS

Posted: Sat Sep 24, 2011 7:34 pm
by OSwhatever
I'm sure this is the wet dream for Microsoft but I think it would be impossible to sell a locked down PC today. What will all those people who build their own PCs do?

This already exists in mobile phones where they try to protect operator lock down. However, they get hacked and can be unlocked. Current trend is rather that you can flash anything on your cell phone today and more and more manufacturers allow this.

I see no real purpose of having a secure boot on a PC.

Re: Why i give up trying to make a x86 OS

Posted: Sat Sep 24, 2011 11:18 pm
by Brendan
Hi,
OSwhatever wrote: I see no real purpose of having a secure boot on a PC.
A secure boot (that allows the end user to disable it if they want) can be a very good thing to improve security (for the benefit of the end user). If it allows people to add/remove/manage their own keys (and therefore allows OSs like Linux to also take advantage of it) then it'd be a very nice feature that Linux/FreeBSD/whatever users could also use to improve their own security.

The problem is that nobody is too sure how OEMs will implement it; or how many systems will be "locked down" so that the end user can't disable it *or* add keys for other OSs. I can imagine that normal desktop/server systems will be fine and will allow secure boot to be disabled (and/or will allow end users to manage their own keys); but some smaller systems (e.g. smart-phones, tablets, notebooks) will be turned into "sealed black boxes" where you can only use the OS that the manufacturer intended.

Don't forget that everyone will be in the same boat - Linux, Open/Net/FreeBSD, Solaris/Oracle, Android, etc will all be worried about the same thing (and will all be working on viable alternatives in case). Also, if Microsoft (in conjunction with OEMs) do use "UEFI secure boot" to prevent competition then there may be anti-trust issues (conspiring to use a monopoly to gain an unfair competitive advantage). In some countries "locked down" hardware may be illegal and/or banned; and in other countries the threat of legal action may actually help to prevent or limit the amount of locked down hardware.

In general, it's too early to abandon 80x86 (people could be worried about nothing). Also don't forget that other architectures have other problems. For example, a significant number of ARM systems (smart-phones, etc) are already "locked down" so they aren't any better than what I'm expecting 80x86 will become. Itanium uses UEFI too, so that's not an alternative. That only leaves much less common architectures (like MIPS and PowerPC) and dead/dying/obsolete stuff.

For hobbyist 80x86 OS developers there are 3 important things to consider:
  • Now that both Microsoft and Intel are pushing UEFI hard, the life expectancy of BIOS is severely reduced. BIOS (including "BIOS emulation on UEFI firmware") may quickly become a thing of the past. We all need to start adopting UEFI in our boot loaders (or for those using multi-boot, switch to whatever the heck "multi-boot 2" might look like whenever they get around to finalising the newest multi-boot draft).
  • We need to be prepared to be locked out of some 80x86 machines. This means being careful (as consumers) that we don't purchase unusable 80x86 hardware. I really do wish that someone like the FSF or Red Hat would start a "designed for open source" program, so that consumers can easily identify which computers are suitable for alternative OSs like Linux (in the same way the "Windows 8 logo program" makes it easy for consumers to identify which computers are suitable for Windows 8).
  • Eventually, it may be very worthwhile to support "secure boot" in our OSs. The UEFI stuff only protects the boot loader. The boot loader is meant to verify that later stages (kernel, etc) are correct (haven't been tampered with, haven't had malicious code injected into them, etc). Nothing prevents an OS's boot loader from verifying those later stages on PC BIOS systems and UEFI systems that don't have "UEFI secure boot", and we can account for this in our OS designs and implement support for it now (so that we're not screwed if we decide to implement support for "UEFI secure boot" in our OSs later).

Cheers,

Brendan
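
The verification described in the last bullet of the post above, as an added example that is not part of the original post or any poster's code: a Python model (not freestanding loader code) of a boot loader checking later stages against a manifest whose SHA-256 digest is built into the loader. The manifest format, stage names and sample images are constructed assumptions.

```python
import hashlib
import hmac

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def parse_manifest(raw: bytes) -> dict:
    """Assumed manifest format: one '<sha256-hex>  <stage-name>' per line."""
    entries = {}
    for line in raw.decode("ascii").splitlines():
        hexdigest, name = line.split(None, 1)
        if name in entries:
            raise ValueError(f"duplicate manifest entry: {name}")
        entries[name] = hexdigest
    return entries

def verify_boot_chain(pinned_manifest_digest: str, manifest_raw: bytes, stages: dict) -> list:
    """Return stage names in load order if everything verifies, else raise."""
    # 1. The manifest must match the digest compiled into the loader, so
    #    whatever authenticates the loader also covers the manifest.
    if not hmac.compare_digest(digest(manifest_raw), pinned_manifest_digest):
        raise ValueError("manifest does not match pinned digest")
    expected = parse_manifest(manifest_raw)
    # 2. Load exactly the listed stages: none missing, none unlisted.
    if set(stages) != set(expected):
        raise ValueError("stage set differs from manifest")
    # 3. Each stage image must hash to its manifest entry before control
    #    is handed to it.
    for name, want in expected.items():
        if not hmac.compare_digest(digest(stages[name]), want):
            raise ValueError(f"stage failed verification: {name}")
    return list(expected)

# Constructed sample images and manifest (not real binaries).
KERNEL = b"\x7fELF constructed kernel image"
INITRD = b"constructed initrd contents"
MANIFEST = f"{digest(KERNEL)}  kernel\n{digest(INITRD)}  initrd\n".encode()
PINNED = digest(MANIFEST)  # in a real loader: a constant fixed at build time

def try_boot(manifest: bytes, stages: dict):
    """Return the verified load order, or the reason the boot was refused."""
    try:
        return verify_boot_chain(PINNED, manifest, stages)
    except ValueError as exc:
        return str(exc)
```

The same check works on BIOS systems and on UEFI systems without secure boot; there it detects accidental or unsophisticated modification of later stages, but the loader itself is only as trustworthy as whatever protects it.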

Re: Why i give up trying to make a x86 OS

Posted: Sun Sep 25, 2011 6:24 am
by OSwhatever
Brendan wrote: In general, it's too early to abandon 80x86 (people could be worried about nothing). Also don't forget that other architectures have other problems. For example, a significant number of ARM systems (smart-phones, etc) are already "locked down" so they aren't any better than what I'm expecting 80x86 will become. Itanium uses UEFI too, so that's not an alternative. That only leaves much less common architectures (like MIPS and PowerPC) and dead/dying/obsolete stuff.
As you said, the reason for secure boot loaders on embedded systems has almost always been to protect against tampering with the software. In mobile phones this was an issue since the SIM requirements (the SIM card in your phone) forced manufacturers to protect their software against tampering. This was in the early days when the radio signalling part and the usual application part were one and the same system. However, in later years the radio signalling part and the application part have become two independent systems, therefore you see less locked down phones where the radio signalling part is still locked down but you can do what you want with the application part. I cannot see this being an issue for PCs other than locking it down. The security for the end user is something that is much lower in the priority list of the manufacturers.

Re: Why i give up trying to make a x86 OS

Posted: Fri Dec 09, 2011 12:57 am
by linguofreak
Brendan wrote:
  • We need to be prepared to be locked out of some 80x86 machines. This means being careful (as consumers) that we don't purchase unusable 80x86 hardware. I really do wish that someone like the FSF or Redhat would start a "designed for open source" program, so that consumers can easily identify which computers are suitable for alternative OSs like Linux (in the same way the "Windows 8 logo program" makes it easy for consumers to identify which computers are suitable for Windows 8).
  • Eventually, it may be very worthwhile to support "secure boot" in our OSs. The UEFI stuff only protects the boot loader. The boot loader is meant to verify that later stages (kernel, etc) are correct (haven't been tampered with, haven't had malicious code injected into them, etc). Nothing prevents an OS's boot loader from verifying those later stages on PC BIOS systems and UEFI systems that don't have "UEFI secure boot", and we can account for this in our OS designs and implement support for it now (so that we're not screwed if we decide to implement support for "UEFI secure boot" in our OSs later).

From what I understand, we won't be absolutely locked out of *any* machines (or at least the vast majority) for the foreseeable future. We *will*, however, be locked out of taking advantage of secure boot on *most* machines, and will have to toggle a firmware option every time we switch between Windows and another OS.

The way most manufacturers seem to be implementing things (both from what I've seen on my Dad's UEFI laptop and from a Microsoft "you don't need to worry about secure boot being used to preserve our monopoly" propaganda piece) is a setup where there is no end-user ability to whitelist or blacklist signing keys, but where there is a firmware option to turn secure boot on and off. Windows 8+ won't boot with the option turned off, and nothing else will boot with it turned on.

Re: Why i give up trying to make a x86 OS

Posted: Fri Dec 09, 2011 1:29 am
by bluemoon
Many hobby OSes are targeted at old machines (i.e. a stationary target).

If you aim to chase the moving target of modern computers, UEFI is one of the least things to worry about, compared to other "locked down" by graphic and other specifications.