German govt comes out against Trusted Computing and Secure Boot

Trusted Computing and Secure Boot, especially Secure Boot, are supposed to boost the security of devices that you own. Yes, devices that you own! However, judging from the manner that Secure Boot has been implemented, it sure feels like you do not own that device you bought with your money. Hence the phrase Restricted Boot is more apt.

And since corporations now run the government, a corporation with enough power (and money… the power comes from the money) can dictate what you can do on and with that device that you own. Microsoft’s ability to dictate to hardware vendors, and by proxy, dictate to you, how secure boot can be implemented, is a very good example.

So far, who has challenged Microsoft? Other than dissenting voices from the Free Software and Open Source community, nobody.

But the German government has made an official statement on Secure Boot (and Trusted Computing). Since it’s just a position statement, it does not count as a legal challenge to Microsoft, but it’s s start. The Free Software Foundation Europe was the first to report on this German government statement.

Here are key points that they made:

3. Complete control by device owners
Device owners must be in complete control of (able to manage and monitor) all the trusted computing security systems of their devices. As part of exercising control over their devices, device owners must be able to decide how much of this control to delegate to their users or administrators. Delegating this control to third parties (to the device manufacturer or to hard- or software components of the device) requires conscious and informed consent by the device owner (i.e., also with full awareness of possible limits on availability due to measures taken by the third party to whom control options were delegated).

With Restricted Boot, you are no longer in charge of your device, especially a computer preloaded with a Microsoft Windows 8 operating system.

4. Freedom to decide
When devices are delivered, trusted computing security systems must be deactivated (opt-in principle). Based on the necessary transparency with regard to technical features and content of trusted computing solutions, device owners must be able to make responsible decisions when it comes to product selection, start-up, configuration, operation and shut-down. Deactivation must also be possible later (opt- out function) and must not have any negative impact on the functioning of hard- and software that does not use trusted computing functions.

I agree. Give me all the fancy security features, but let me decide whether I want to turn any on or not. Even when enabled by default, make it easy for me to disable them.

6. Private use
The Federal Government explicitly calls on makers of trusted computing devices and components (both hard- and software) to offer devices and components also to private users which allow owners complete control over the trusted computing security system at all times.

Nice statement, but the German government needs to do more than “call on makers.” They have an obligation to protect consumers from mega-monopolies. For starters, an anti-trust investigation of the license agreement between Microsoft and hardware vendors will be a step in the right direction.

While we await a more meaningful action from the German government, what has the government over here in our America done or said about this?

You may read the complete German government statement in a PDF file available here.

Related Posts

How to install Oracle JRE and make it the default JRE on Ubuntu 14.04 A few hours ago I had to install DataStax OpsCenter from the DataStax (community) repository on a new installation of Ubuntu 14.04. DataStax OpsCenter...
What’s new in Kate Kate is a professional text editor for the K Desktop Environment (KDE). It is one of the most feature-rich and advanced text editors available on any ...
Govt must stop breaking procurement rules and move to open source The Portuguese Association for Free Software (Ansol) is urging the government to stop buying proprietary software licences without a public tender, an...
Google Reader axed. Is FeedBurner next? Google has announced that the Google Reader service will not be available after July 1 of this year (2013). The service, which provided a "cloud" port...
Samsung Chromebook 2 will be powered by the Exynos 5 Octa processor The Samsung Chromebook 2 11.6-inch and Chromebook 2 13.3-inch models are the company's latest additions to its line of Chromebook computers. And they ...
New System Makes Household Communication Networks More Versatile Household network communications is developing so quickly that it is necessary to adapt and change in order to take advantage of the new services and ...

We Recommend These Vendors and Free Offers

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


One Comment

  1. Geez, I feel like my computer is turning into a tablet or smartphone, where I’ll have to jailbreak it before I can even load the software I want, onto it. 🙁

    Actually, this is one of the reasons I have yet to purchase a tablet. Once I can dual boot GNU/Linux with KDE touch screen plasma desktop, then I’ll buy a tablet. Until then, I’m sticking with laptops… so long as I can keep installing the OS of my choice on them…

Leave a Comment

Your email address will not be published. Required fields are marked *

*