|
|
Log in / Subscribe / Register

German government issues white paper on secure boot

[Posted November 27, 2012 by mkerrisk]

A press release from FSF Europe (issued November 20) welcomes a white paper from the German federal government on trusted computing and secure boot. "Another demand by the FSFE is addressed by the government's white paper. That before purchasing a device, buyers must be informed concisely about the technical measures implemented in this device, as well as the specific usage restrictions and their consequences for the owner: 'Trusted computing security systems must be deactivated (opt-in principle)' when devices are delivered… And 'Deactivation must also be possible later (opt- out function) and must not have any negative impact on the functioning of hard- and software that does not use trusted computing functions.'" The white paper is in essence a non-binding call to manufacturers, but is significant as a statement from a major national government against restrictions imposed via secure boot that may foreshadow more significant government action. The white paper is available in both English and German.

to post comments

German government issues white paper on secure boot

Posted Nov 27, 2012 16:37 UTC (Tue) by Aissen (guest, #59976) [Link]

So, does this apply to iOS and WinRT devices ? How about any other device capable of running a full OS? (phone, TV, set-top-box,etc.)

Addendum: unfortunately, it only applies to UEFI and other TCG-based devices, as explained in the paper:
http://www.bmi.bund.de/SharedDocs/Downloads/DE/Themen/OED...

German government issues white paper on secure boot

Posted Nov 28, 2012 3:34 UTC (Wed) by pjones (subscriber, #31722) [Link] (1 responses)

Eh, not really. They stuck a bit in the introductory paragraph saying that the white paper is also about Secure Boot, but everything else seems to be entirely tailored to TCG/TPM implementations.

Seems like mentioning SB was really last minute and not particularly well thought out.

German government issues white paper on secure boot

Posted Nov 28, 2012 12:21 UTC (Wed) by jejb (subscriber, #6654) [Link]

It's an update of their original paper on trusted computing

https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Siche...

The main changes are actually adding reference to secure boot, the section on complete control by device owners, the section on Freedom to Decide and a couple of other things.

Overall, I think it's quite considered. It has been brewing for quite a long period of time (it was hoped that this would be published over a year ago when the Secure Boot problems were just beginning)

Get the Greens agains secure boot

Posted Nov 28, 2012 6:59 UTC (Wed) by eru (subscriber, #2753) [Link]

I have long wondered if one political lever against "secure boot" with no user control would be environmental and economic considerations. Linux is often used to prolong the usable lifetime of older hardware. By contrast, a device where the OS cannot be replaced or updated after Microsoft or Apple declares end-of-life becomes e-waste (or at least unsafe to use when connected to the Internet), even if it were otherwise in perfect working order.


Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds