The Free Software Foundation (FSF) is furious with Canonical for the approach the company has taken in order to deal with the UEFI Secure Boot.
According to Muktware, the problem is known as the “Ubuntu solution” and it requires the heresy of putting a Microsoft key on a Linux machine. Machines sold as “Ubuntu Certified,” preinstalled with Ubuntu, will have an Ubuntu-specific key, generated by Canonical. They will be required by the certification guidelines to have the Microsoft key installed.
Any Ubuntu CDs, distributed separately from hardware, will also depend on the presence of Microsoft’s key in the machine’s firmware to boot when Secure Boot is active.
In a whitepaper, FSF’s John Sullivan writes that their main concern with Ubuntu is the dropping of Grub 2, which is licenced under GNU GPLv3, in favour of another bootloader with a different license that lacks GPLv3’s protections.
He wrote that Canonical is worried someone might ship an Ubuntu Certified machine with Restricted Boot. To comply with GPLv3, Ubuntu thinks it would then have to divulge its private key so that users could sign and install modified software on the restricted system.
However, Sullivan said that argument doesn’t hold up and is based on a misunderstanding of GPLv3. He slammed Canonical for not getting on the blower to ask the FSF about these problems before pressing ahead with the changes.
Sullivan said that addressing the threat of Restricted Boot by weakening the license of the bootloader makes no sense.
He said that with a weaker licence, companies will now have a form of advance permission to obstruct the user’s ability to run modified software. Ubuntu has chosen a path which allows a Restricted Boot and is self defeating.
Sullivan called on Ubuntu and Canonical to reverse its decision, and promised to help it with any licensing concerns.
He wants Ubuntu to support users generating and using their own signing keys to run and share any versions of the software – not requiring users to install a key from Canonical to get the full use of their operating system.