In the wake of Truecrypt’s sudden implosion, someone sent me a link to this curious blog post. I can see why many people might find the timing interesting, but there are a number of details this particular blog post doesn’t get correct, and it actually spends most of its time talking about stuff that has little or nothing to do with Truecrypt.
What’s unclear to me is whether he’s trying to say the industry is deliberately sabotaging Truecrypt, or if he’s simply trying to make a list of things that are making life difficult for Truecrypt. His post bothers me a lot less if it’s just a laundry list of challenges, but either way, the inaccuracies remain.
UEFI. UEFI’s purpose isn’t to marry a computer to a particular operating system till death do they part. UEFI is the modern replacement for the antiquated BIOS, the piece of software in ROM that once ran the computer but in recent years does little more than initialize the machine and load an operating system. The BIOS was designed in 1980 and is many years past its usefulness.
UEFI will effectively block older operating systems from running on current hardware, at least unless you do some gymnastics. But it does absolutely nothing to keep you from upgrading to new versions of the operating system. If you buy a Windows 8.1 computer today, Windows 9 will run fine on it. If you run Linux, next year’s Linux distributions will run just as easily on it as this year’s distributions do. Microsoft absolutely doesn’t want to keep you from going forward–OS upgrades used to be a cash cow and Microsoft absolutely wants to return to those days if they possibly can.
In fact, this practice of setting a baseline operating system and blocking earlier versions is no different from what Apple has been doing since the 1990s, and I may be the only one who ever raised any objection to that.
For that matter, if you buy a computer with Windows and want to dual-boot Linux or BSD, or switch to Linux or BSD entirely, UEFI isn’t designed to prevent that either. Which leads us to the controversial…
Secure Boot. Secure Boot isn’t designed to lock out non-Microsoft operating systems. Some implementations of it effectively do that, but it’s possible to implement it in a Linux-friendly manner. Secure Boot’s reason for living is to block boot sector viruses and, hopefully, some rootkits. Modern operating systems are reasonably secure, but the old, traditional BIOS and boot sector provide several ways to march right around those defenses.
I would object to the Microsoft-centric implementations more if this were 1994 than I do today. Many computer makers are shipping computers running Chrome or even Android, and they no longer do Microsoft’s bidding at every turn. I expect the Microsoft-centric Secure Boot implementations to wither away with time. If this were 1999, when Microsoft’s market share was around 97 percent, I’d be yelling louder than anyone else. But these days, it’s the PC makers getting concessions from Microsoft instead of the other way around.
Besides, many Linux enthusiasts build their own PCs, so they can simply choose a motherboard with a friendly implementation of Secure Boot. If they want a laptop, they can buy an Intel-based Chromebook and install Linux on it if they can’t find any other option, but that seems unlikely.
GPT. I have no idea why Truecrypt never supported GPT drives, but GPT is more progress. The old traditional MBR method was yet another piece of 1980s technology that was making life difficult for us today. It made sense in 1980 with the hardware IBM had to work with when developing the first IBM PC.
I won’t shed any tears for the MBR going away. It’s rather fragile, and even though modern filesystems will recover gracefully if you pull the plug on the system, the MBR may not, so you can lose your partition table even though the filesystem would recover gracefully. You can rebuild the MBR and get your data back, but you shouldn’t have to. This is 2014, not 1984.
That said, new operating systems are going to support booting off MBR for some time to come, so lack of GPT support in Truecrypt isn’t a showstopper. We’ve been living with MBR’s frailties for 33 years now, after all.
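To make the fragility point concrete, here is a small example written for this post (not code from Truecrypt, any firmware, or any operating system). A classic MBR carries no integrity check, so a flipped bit in the partition table still parses as a valid-looking but wrong entry, while a GPT header carries a CRC32 and the disk keeps a second copy at the other end, so corruption is detected and the surviving copy can be used. The byte layouts are the standard MBR and GPT ones; the sectors themselves are constructed in memory, and the GPT headers are minimal (no partition entry array).

```python
import struct
import zlib

SECTOR = 512

def make_mbr(entries):
    """Build a constructed MBR sector from (bootable, type, start_lba, sectors) tuples."""
    sector = bytearray(SECTOR)
    for i, (boot, ptype, lba, count) in enumerate(entries):
        struct.pack_into("<B3xB3xII", sector, 446 + 16 * i,
                         0x80 if boot else 0, ptype, lba, count)
    sector[510:512] = b"\x55\xAA"          # the only "check" an MBR has: a fixed signature
    return bytes(sector)

def parse_mbr(sector):
    """Return the four primary partition entries, or None if the signature is gone.
    Nothing here can tell a corrupted entry from a valid one."""
    if len(sector) < SECTOR or sector[510:512] != b"\x55\xAA":
        return None
    parts = []
    for i in range(4):
        boot, ptype, lba, count = struct.unpack_from("<B3xB3xII", sector, 446 + 16 * i)
        if ptype:
            parts.append({"type": ptype, "start": lba, "sectors": count, "boot": boot == 0x80})
    return parts

def make_gpt_header(my_lba, alt_lba, disk_guid=b"\x11" * 16):
    """Constructed 92-byte GPT header with its CRC32 filled in (CRC field zeroed while hashing)."""
    hdr = struct.pack("<8sIIIIQQQQ16sQIII", b"EFI PART", 0x00010000, 92, 0, 0,
                      my_lba, alt_lba, 34, 2047, disk_guid, 2, 128, 128, 0)
    crc = zlib.crc32(hdr) & 0xFFFFFFFF
    return hdr[:16] + struct.pack("<I", crc) + hdr[20:]

def gpt_header_ok(hdr):
    """Verify the GPT signature and header CRC32, as firmware and OS loaders do."""
    if len(hdr) < 92 or hdr[:8] != b"EFI PART":
        return False
    size, stored = struct.unpack_from("<II", hdr, 12)
    body = bytearray(hdr[:size])
    body[16:20] = b"\0\0\0\0"
    return (zlib.crc32(bytes(body)) & 0xFFFFFFFF) == stored

def recover_gpt(primary, backup):
    """Pick the first header whose CRC validates; None means both copies are damaged."""
    for name, hdr in (("primary", primary), ("backup", backup)):
        if gpt_header_ok(hdr):
            return name
    return None

if __name__ == "__main__":
    mbr = make_mbr([(True, 0x83, 2048, 1000000)])
    damaged = bytearray(mbr)
    damaged[446 + 8] ^= 0x01                 # flip one bit in the start LBA
    print(parse_mbr(mbr), parse_mbr(bytes(damaged)))   # both "parse fine"; the damage is silent
    primary, backup = make_gpt_header(1, 2047), make_gpt_header(2047, 1)
    bad = bytearray(primary)
    bad[24] ^= 0x01                          # same single-bit fault in the GPT header
    print(recover_gpt(bytes(bad), backup))   # 'backup': the CRC exposes it and the copy is used
```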
Always-on PCs. This was another curious thing to bring up. Ever since the ATX architecture arrived in the mid 1990s, PCs haven’t truly powered off unless you pulled the plug from the wall. Just how deeply the computer powers down has been in flux, partly because people want their computers to boot or unhibernate as quickly as possible. If you’re concerned about the electrical draw or what the computer might be doing while it’s sleeping, you can swap in an ATX power supply that has a physical power switch on it and switch it off that way, or plug the PC into an old-school power station with switched outlets on it.
Given Karl Denninger’s background of having run ISPs, I’m surprised he’s not aware of these things–or in regular communication with people who can quickly explain them–and I don’t understand why he tried to tie them to Truecrypt. They aren’t an industry conspiracy against Truecrypt; they’re technologies that have been in the works for many years to solve longstanding problems, and the biggest thing holding them back was probably Windows XP because it predated GPT, UEFI and Secure Boot.
Are these technologies perfect? No. Are they better than what we have now? Definitely. The technologies they replaced were designed to support a machine whose specifications are laughable by today’s standards: 4.77 megahertz clock speed, a 16-bit memory bus, support for as little as 16 kilobytes of RAM from the factory, and storage on 160 kilobyte floppy disks and a 10 megabyte hard drive (both optional). When that’s what you have to work with, you’re not thinking about security. You’re happy to get the machine to boot and have any resources left for the user to do something with. These technologies that Karl Denninger sees as a threat to his security and privacy are actually designed partly to improve security and privacy. Deliberate security threats are relatively rare.
As I alluded to earlier, modern operating systems have a lot of impressive security baked into them, but for decades we’ve been placing blind trust in what happens between the time you hit the power button and the time you get a logon prompt. If you can slip yourself into the boot process, you have ample opportunity to completely sidestep all of the basic security controls that we take for granted. In 2014, we can do better than we have been doing, and I’m glad that we’re finally starting to try.