Bad Windows

THE fight against TomTom gave considerable force to Microsoft’s extortion-esque attacks on Linux. Unlike the Novell deal, this court case was about resistance to Microsoft, whereas Novell was the one that came to Microsoft, asking for the deal. Here we are in 2012, merely 3 years after the TomTom case and nearly 6 years since Novell came to Microsoft.

“Microsoft [is running scared from Germany because of #swpats”, writes Alan Lord, noting that just after the FAT decision and involvement from Linus Torvalds the Motorola case is weakened even further. We wrote about FAT recently because Microsoft is losing its patent teeth, which are rooted in lousy patent gums. One report on this subject comes from Reuters:

Read more at TechRights

What a difference a week makes. It was just the other day that Linux bloggers were celebrating the news from researcher Net Applications that desktop Linux had surged in popularity in recent months. Now, the mood in the blogosphere has plummeted once again as a result of the latest developments on the Windows 8 front. Secure Boot, that is — a topic astute readers may remember from last fall but that lately seems to have taken a turn for the worse.

Read more at LinuxInsider

As Linux becomes more firmly entrenched in businesses, and as cloud computing advances in general, Linux and the cloud are set to converge faster than ever. In fact, some are looking at 2012 as the year that Linux begins to dominate in the cloud. That’s why a new post out from Mary Jo Foley is significant. Foley reports (based on input from contacts who ask not to be identified) that “Microsoft is preparing to launch a new persistent virtual machine feature on its Azure cloud platform, enabling customers to host Linux, SharePoint and SQL Server there.”

Read more at OSTATIC

Secunia has reported that an unpatched security vulnerability in the 64-bit version of Windows 7 may be able to be exploited to inject and execute malicious code; currently, the only known exploit causes the system to crash.

It is possible to trigger a memory error in the system file win32k.sys by accessing a crafted HTML file in Safari. webDEViL, who discovered the vulnerability, has published a proof of concept on Twitter. His demo simply consists of an IFrame with a specific height which when displayed in Safari results in a blue screen of death.

Read more at H-online

Please sign our statement to show your support!

Microsoft has announced that if computer makers wish to distribute machines with the Windows 8 compatibility logo, they will have to implement a measure called “Secure Boot.” However, it is currently up for grabs whether this technology will live up to its name, or will instead earn the name Restricted Boot.

When done correctly, “Secure Boot” is designed to protect against malware by preventing computers from loading unauthorized binary programs when booting. In practice, this means that computers implementing it won’t boot unauthorized operating systems — including initially authorized systems that have been modified without being re-approved.

This could be a feature deserving of the name, as long as the user is able to authorize the programs she wants to use, so she can run free software written and modified by herself or people she trusts. However, we are concerned that Microsoft and hardware manufacturers will implement these boot restrictions in a way that will prevent users from booting anything other than Windows. In this case, a better name for the technology might be Restricted Boot, since such a requirement would be a disastrous restriction on computer users and not a security feature at all.

The potential Restricted Boot requirement comes as part of a specification called the Unified Extensible Firmware Interface (UEFI), which defines an interface between computer hardware and the software it runs. It is software that allows your computer to boot, and it is intended to replace the traditional BIOS. Most Lenovo, HP, and Dell computers ship with UEFI, and other manufacturers are not far behind. All Apple computers ship with EFI and components from UEFI. When booting, this software starts a chain which, using a public key cryptography-based authentication protocol, can check your operating system’s kernel and other components to make sure they have not been modified in unauthorized ways. If the components fail the check, then the computer won’t boot.

The threat is not the UEFI specification itself, but in how computer manufacturers choose to implement the boot restrictions. Depending on a manufacturer’s implementation, they could lock users out of their own computers, preventing them from ever booting into or installing a free software operating system.

It is essential that manufacturers get their implementation of UEFI right. To respect user freedom and truly protect user security, they must either provide users a way of disabling the boot restrictions, or provide a sure-fire way that allows the computer owner to install a free software operating system of her choice. Computer owners must not be required to seek external authorization to exercise their freedoms.

The alternative is frightening and unacceptable: users would have to go through complicated and risky measures to circumvent the restrictions; the popular trend of reviving old hardware with GNU/Linux would come to an end, causing more hardware to be tossed in landfills; and proprietary operating system companies would gain a giant advantage over the free software movement, because of their connections with manufacturers.

We will be monitoring developments in this area closely, and actively campaigning to make sure this important freedom is protected. Our first step is to demonstrate that people value this freedom, and will not purchase or recommend computers that attempt to restrict it.

Please sign our statement to show your support!

You can also stay up-to-date on this issue by:

• Subscribing to the monthly Free Software Supporter
• Following us on identi.ca @fsf
• Reading our blogs or subscribing to our RSS feeds

Learn more about Windows 8, UEFI, and boot restrictions

Resources

• English Wikipedia UEFI overview
• UEFI Specifications
• White Paper: Secure Boot impact on Linux, a joint publication between Red Hat & Canonical.

News and Blogs

• UEFI secure booting, by Matthew Garrett; in addition to providing a brief overview of Restricted Boot, this article explains specifically why dual-booting an operating system may be difficult, or at times virtually impossible, for systems implementing and using Restricted Boot.
• Trusted Computing 2.0, by Ross Anderson of the Security Research, Computer Laboratory, University of Cambridge.
• Protecting the pre-OS environment with UEFI,Tony Mangefeste of Microsoft — a response to Garrett, et al.
• UEFI secure booting (part 2), by Matthew Garrett — a follow-up to Microsoft’s blog post.
• ArsTechnica article
• Supporting UEFI secure boot on Linux: the details, by Matthew Garrett
• On November 2, 2011, ZDNet blogger, Ed Bott, reports:
  • A Dell spokesperson stated that, “Dell has plans to make SecureBoot an enable/disable option in BIOS setup.”
  • HP has only stated that, “HP will continue to offer its customers a choice of operating systems. We are working with industry partners to evaluate the options that will best serve our customers.”

Last week, we took note of the fact that two of Microsoft’s lawyers, Brad Smith and Horacio Gutierrez, have a post up regarding Microsoft’s announcement of its tenth license agreement providing coverage under its patent portfolio for Android mobile phones and tablets. They also note that Microsoft has inked nine Android agreements in recent months, and that “companies accounting for over half of all Android devices have now entered into patent license agreements with Microsoft.” While it sometimes seems non-obvious, Microsoft gains as Android gains. Now, Gutierrez is defending the situation as perfectly normal in a new interview.

Read more at OSTATIC

WE STRONGLY encourage everyone who is sceptical to read our past posts about Meego and the mole which took over Nokia to pass patents for the cause of attacking Android [1, 2] (an antitrust concern) while also lobbying for software patents in Europe, advertising Windows, and burying/undermining some vital Linux projects including three car projects:

Read more at Techrights

Microsoft has signed a patent agreement with $28 billion Taiwanese original device manufacturer (ODM) Compal Electronics. With this tenth Android agreement, over half of all Android devices are now being made by companies that have signed Android-related licensing pacts with Microsoft, claims the company.

Compal Electronics has a $28 billion business, and represents 16 percent of the Android ODM market, according to Microsoft, which already signed up the other two major Taiwanese ODMs in previous patent deals with Wistron and Quanta Computer. The latter is the manufacturer of Amazon.com’s Kindle Fire Android tablet, while Compal manufactures the Motorola Xoom tablet, among other devices.

Read more at LinuxDevices.com

A couple of new examples of Microsoft breaking rules to break Linux or break apart Linux contracts

Antitrust complaints have already been filed against Microsoft in response to blocking of Linux through UEFI [1, 2, 3, 4], so ZDNet’s Microsoft’s bloggers start disinformation campaigns (two of them so far). It is like a coverup attempt.

Over in Tamil-Nadu [1, 2, 3] there are some interesting developments going on and Glyn Moody, having read an article we helped research, compared this to Newham’s Microsoft fiasco. Another thing he said in his blog post about Microsoft’s response to GNU/Linux adoption:

Read more at Techrights

Microsoft has announced that it is developing an SQL Server ODBC driver for Linux. The news was announced by Microsoft’s Corporate Vice President of Database Systems, Quentin Clark, at this year’s PASS Summit 2011, and follows the recent news that Microsoft is planning to port Apache Hadoop MapReduce to SQL Server and its Azura Cloud platform. The driver is designed to give Linux and Unix operating systems access to Microsoft’s SQL database platform.

Read more at H-online