SecureBoot was meant to be a feature to avoid malware and insecurities to run in a computer, but leaving this nonsense stupidly-made concept for the end, let's first see what is happening:
- Please, don't until the end, the explosion will be bigger -
First important point:
Most people have choose open-source software (Hurd, Linux, BSD, etc) because they are allowed to modify the source code and change it for their needs, it allows them to HAVE FREEDOM.
So let's say I want to recompile the default kernel provided by debian, this is easy:
$ apt-get source linux
- then you append a patch, change settings, whatever...
- then you recompile the package, perfect! you have a package of the kernel ready and working, just in the same way is built on debian, and that's the idea by having apt sources after all
But then, your package is named -unsigned, its ok, you can install it and having your extra modules added and working, but since it is not signed, you cannot use it with secureboot-(limited) computers
No problem, you do the same for the signed package:
apt-get source linux-signed-amd64
This one is meant to contain the signatures (.sig files) that proofs the integrity (so, not modified) of the compiled modules and kernel, so, if every .sig file matches the compiled binary module in its checksum, and builds a kernel package without the "unsigned" name-extension
This means, this new signed package can boot in a secureboot system, but if you compile an extra module that is not signed, you cannot load it (example: you cannot use the virtualbox or nvidia module if is not signed, nor reiser4 or aufs modules too)
Simple to understand, right? SecureBoot only allows your machine to boot from a trusted source
More specifically, it only allows to boot from what "someone with authority" decided to confirm (by signing) that is this executable is trustable does this makes sense? well, a bit
Now, who is "that authority"? Originally only microsoft (only we own the keyyys!!), and if you wanted to be able to sign anything, you must pay microsoft a large amount for that. Actually seems like there's more keys and linux developers and debian developers can sign the executables too, not bad...
But wait, let's come back at the original problem: we have "apt-get source" the linux-signed-amd64 package, in order to do the same thing (modify it to your needs), and what we have inside? a lot of .sig files that references to the exact checksum of the compiled kernel modules. Where are the .sig files for the new extra modules that you included in your modified kernel? there's not... we should add it then... ?
Wait! there's no code! these are unmodifiable binary files! (did i already say "apt-get SOURCE"?). You can generate a new one for your module but not! you don't own the keys! wtf i feel confused!
Let me say again: you download it as "apt-get source package" to modify the source code to satisfy your needs, that what all this opensource freedom is about, and you can't!
Have we lost our FREEDOM!?
Have we lost our FREEDOM!?
Have we lost our FREEDOM!?
Now, let's think one moment, this is what this supadupa-in-drugs-invention-by-microsoft concept has about "security"?
- computer turns ON
- bootloader needs to be signed in order to run
- kernel loaded by bootloader needs to be signed in order to run
- you cannot load "untrusted" modules of kernel if they are not signed, your computer is limited, LIMITED
This reminds me of one time when Windows extorted manufacturers requesting a fee in order to include their hardware drivers to be accepted in windows, otherwise you had a message saying "this driver is not trustable, do not use it! it's dangerous!", what a fuckers...
But then what? your system has booted, and you are using it, even if you are a simple user (with root access) or an admin of datacenters, you can INSTALL any software in the computer, this software runs as ADMIN (root), for example just adding it as a daemon in the boot process, and since has full privileges, it can do anything in your computer, so you are fsck'ed no security cookies for you today
Ok let's imagine, in a supposed future, you cannot install any application (or run it) in the system level if is not signed (trusted), so again: you are not allowed to run the software you wish to have, your computer is limited, LIMITED
But you can still install software from user, right? you can download a tarball and compile it yourself, install it in your home, and run it, right? so where is this FUCKING security? -that- code can do anything with your user-data, destroy, corrupt, steal your passwords, etc, so where is the security, mr. stinky microshit? the security is on the system layer? we don't care about the system layer! it is just an OS that can be reinstalled in minutes, there's no important data on it (but we want it to work in a secure and trusted way, that's true), so again, where is the security?...
Oh, are we supposing an ideal future where EVERY exectuable cannot run if is not signed? even in the user-level layer? well, on such case, sounds secure, but then you are allowed to do almost nothing, only use the software provided by the OS
Then you cannot even create a bash script? they have to be signed in order to run your code?
Then your shells will not work anymore because you cannot run things that are not signed?
Is this the end of the software world? not yet...
The end of the world:
So we are living now in a world where you can only run software provided by the OS and you cannot open a terminal, nor write any script, you are happily living in a 1984 world, what's next?
One day the master keys is believed to be insecure
Micro$haft has the master keys of the control of all the computers of the world
One day, the master key doesn't allow other OS's to be signed anymore, and then only windows is allowed to boot
All 100% of the computers runs windows now
The secureboot virus has been procreated everywhere so much that you cannot buy a computer without the hardware / bios strict secureboot limitation (becase we accepted today to use it!)
I will let your imagination fly...
Let me say it clear: I would like to make elive to run on computers that requires secureboot to be able to use elive, but i don't want to support this macroscopical-catastrophical shit, which I think it is very dangerous the day of tomorrow. I think that the entire free-software/opensource community should simply boicot secureshit by not supporting it (not against security but against shit), and claiming the users to return their limited computers to the sellers since they are broken by design, this megalomaniac idea should be not be accepted, it should be illegal!
"This isn't security, it's user harassment" - @triantares
Some interesting links: