Dual Boot Not Trusted, Rejected By Vista SP1 525
Alsee writes "Welcome to our first real taste of Trusted Computing: With Vista Enterprise and Vista Ultimate, Service Pack 1 refuses to install on dual boot systems. Trusted Computing is one of the many things that got cut from Vista, but traces of it remain in BitLocker, and that is the problem. The Service Pack patch to your system will invalidate your Trust chain if you are not running the Microsoft-approved Microsoft-trusted boot loader, or if you make other similar unapproved modifications to your system.
The Trust chip (the TPM) will then refuse to give you your key to unlock your own hard drive. If you are not running BitLocker then a workaround is available: Switch back to Microsoft's Vista-only boot mode, install the Service Pack, then reapply your dual boot loader. If you are running BitLocker, or if Microsoft resumes implementing Trusted Computing, then you are S.O.L."
But what if... (Score:5, Interesting)
What happens on systems without a TPM?
Affects crack? (Score:4, Interesting)
Does one of the more popular Vista cracks not rely on booting Grub4Dos to load a bit of code to patch the kernel after boot?
I am thinking this will be affect the crack.
Before anyone says it, no, I am not running a pirate version of Vista, so I cannot check. In fact... not running any version of Vista, joy!
Vista and Mac OS? (Score:5, Interesting)
Has anyone tried this with Boot Camp? I had no problems with Mac OS X and FileVault dual-booting with either XP SP2 or Vista base.
Not trusted for a reason (Score:5, Interesting)
If you are using BitLocker then you want your data to be secure. There are probably ways that a compromised boot loader can allow an attacker access to your data. Vista closes this security hole by requiring the boot loader to be a cryptographically signed binary that it trusts. If it didn't, this story would instead be "Vista BitLocker encryption not secure on dual boot systems".
That being said, there should be a way to register other trusted signature keys in Vista to allow 3rd party boot loaders. I don't know if there is or not, but there should be.
Comment removed (Score:5, Interesting)
Re:Who cares? (Score:2, Interesting)
Is there really any need to choose between operating systems at boot time on a single box any more?
Let me rephrase that question:
If there wasn't a need for multi-boot systems, why do so many of us have that arrangement? My answer might be special hardware not supported by virtualization, like TV capture cards... In addition, there IS a performance hit using virtualization; loading each OS on their lonesome allows for maximum resource availability.
That, of course, is my humble opinion.
Re:You can use the Vista boot loader (Score:3, Interesting)
I'm confuse why anyone would dual-boot Vista. Dual booting Windows to have a game machine is simply practical, but Vista sucks vs XP as a game platform - it's slower and takes far more resources to run at all (and if you didn't have resource limits, you'd just have 2 boxes). Why would you do this?
And what if another Quicken fiasco? (Score:4, Interesting)
Does anyone else remember when Quicken a few years ago would overwrite the MBR or something like that, and break dual-boot systems?
What would that do in this case? Brick windows until reinstall?
I thought it was bad of Microsoft to intentionally not read Mac floppy disks. I feel the dual-boot issues (minus BitLocker security issues in this specific case) with windows and linux (or any other OS) are just another example of that same mentality: Make it difficult to work with other systems, to try and keep people locked into the MS trash can for as long as possible.
Re:Who cares? (Score:3, Interesting)
Native hardware support. You can't use specialized hardware (like tuner cards, but there are others). In particular, you can't use 3D acceleration at all unless you fork over for VMWare, and at that it's nowhere near perfect.
Re:Only a problem if you have TPM? (Score:5, Interesting)
(I, however, use the Windows boot loader.)
Re:You can use the Vista boot loader (Score:1, Interesting)
All of that was all arbitrary "fuck-you" coding style anyways, and it should have been written flexibly from the start, like Grub.
Why would a company that makes it's bread and butter off it's operating system take time to code support for alternative operating system's in their boot loader??? The fact of the matter is as a prior post pointed out simply use the windows boot loader can make things much easier. Boot.ini [morpheus.net] is right there a C:\
Re:How is this news? (Score:4, Interesting)
Exactly. I see nothing wrong with third-party boot loaders not being trusted by Vista/TPM by default. If nothing else, the system has no way of knowing if you installed them yourself or if they're part of some sort of root kit. What I don't like is that there isn't a way for the person who owns the computer to override this. As several other posters have commented, this just shows that "trusted" means "trusted by Microsoft not to let users do anything except what Microsoft wants them to."
I thought I was missing something because on my... (Score:3, Interesting)
...dual boot Vista Ultimate 32-bit/OpenSUSE dev box at the office, I've got SP1 installed and haven't had to touch my bootloader (which works just fine by the way) and Vista works fine as well (in other words it works the same as before ;)...) I thought I was missing something so I read the actual article and it claims (unless I did miss something) that the problem occurs whether you use Bitlocker or not.
Re:You can use the Vista boot loader (Score:5, Interesting)
The problem with your argument... (Score:3, Interesting)
Is that the whole security premise of "trusted bootchain" is wrong.
Granted, that's one way of infecting a machine. But we haven't seen BIOS bootsector-type viruses since the 80's. Why would you write a bootsector virus when you can just crack the host OS?
Vista is huge, and having a secure bootchain won't change the fact that it's probably riddled with security holes anyway. Someone able to reverse engineer the checksumming code can simply modify the checksummer so that the bootchain always passes validation. What is to stop virus running with administrative user priveledges from modifying this key system binary (probably a DLL, at that!) under the auspices of a "system update"?
So what you get is an OS which can be modified to report that it is secure, when in fact it is not. This is the whole problem with the "trusted computing" initiative - others - presumably media companies - are trusting your machine to tell them that it is secure. It's a broken security model from the outset - who's to say you aren't running Windows in a virtual machine? - and only inconveniences the users.
Re:But what if... (Score:5, Interesting)
Not at all true. Security isn't binary. Bitlocker alone will stop 99% of attackers who try to get at your data through physical access. The rest probably won't bother with a trojan bootloader--they'll either use rubber hose cryptanalysis or a hardware keylogger, depending upon how stealthy they want to be.
I don't see a problem with Bitlocker using TPM in this way at all. But it should allow me to disable the bootloader check if I so choose.
Re:But what if... (Score:2, Interesting)
I would agree FDE needs to protect itself, but every story about bitlocker raises alarms for me because its original name was secure startup and its original purpose had little to do with protecting users, that was an added bonus that made it easier to sell to users as a "feature".
Re:Not trusted for a reason (Score:3, Interesting)
Ho-Hum
When has "what the market wants" been a primary concern for Microsoft?
Not for the past ten years. No siree.
Perfect data protection can be achieved by FREE disk/partition and file encryption.
The kind of protection this thing says it provides (supposedly, it would prevent hw based attacks), means nothing since anything you want to do on hw, you can do on javascript, againsta outlook, against IE, against the taskbar, against silverlight, against a really really big stack of software that is as vulnerable (probably way more), as any other stack that size (size==HUGE).
Trusted Computing my ass. One could hook up against some usb buffer here or there that they dont check, against a printer, for example, or that shiny bluetooth special dongle you have.
Its just idiotic and will do NOTHING to prevent any kind of the scams we are seeing today.
How about working and ironing out your bugs and vulnerabilities?
Well, apparently, thats not the way to do it in redmond.
Re:You can use the Vista boot loader (Score:5, Interesting)
Because their customers want them to.
Using the Windows boot loader to chainload code off another partition is, AFAIK, impossible.
Besides, in Vista the nice, easy-to-modify boot.ini file is gone. It is replaced by yet another binary registry-like database. Typical Microsoft.
Re:Only a problem if you have TPM? (Score:5, Interesting)
Re:Except that... (Score:5, Interesting)
Our lab technicians were upgrading vISTA PC's to use the department's standard linux build. For whatever reason, the BIOS wouldn't allow the LINUX install DVD to BOOT. So they had to remove the hard disk drives out of the PC's with built-in TRUSTED SECURITY BIOS'S, pop them into an older untrusted XP system, and then install the linux build and put the hard disk drive pack in again. IT's a pain, but if OS vendors are going to install security measures without consulting their users, this is what is going to happen. Everyone is going to think of ways of getting around these "security measures".
Re:How is this news? (Score:3, Interesting)
"as the hardware want to trust a specific bit of code (e.g. the linux boot loader) then I should be able to manually sign it somehow"
Correct me if I'm wrong but I think if Microsoft is implementing trusted computing in order to implement DRM, to prevent pirating, then it would be by design to prevent users from signing or trusting any software on their own. If they allow to sign arbitrary software and run it on a trusted computer the whole point of the DRM part of trusted computing is defeated and the BSA, MPAA and RIAA get mad. There is a big difference between the motivations Stallman has in signing things and Microsoft and its corporate partners have in signing things.
Re:You can use the Vista boot loader (Score:3, Interesting)
Re:Affects crack? (Score:2, Interesting)
I've had positive experiences with Acer support once I actually figured out how to get a hold of their support department (dealt with someone from Texas once and California a few times, not India).
Fast turn around times, prompt service, not much paperwork involved with either Software replacement CDs or hardware warranty work. And my service requests were for machines worth less than $500 so you know I wasn't "worth" much to them.
I used to have a very very different opinion of their machines and support until I actually had to use more than 20 of their machines for a corporate setup (purchased individually and not registered with them as a corporate customer).
Your mileage may vary of course.
- Toast
Indeed.... (Score:2, Interesting)
Re:But what if... (Score:5, Interesting)
Or it could just be a subtle, intentional way of censoring what somebody considers a really sensitive topic. The way it works is that first page of the posts are basically offtopic throwaway posts that get modded up by the gatekeepers to force any ontopic comments (if any) into the second page. Thus, any noobs or stray readers will not even find out why anyone would care about the topic, will be distracted by what seems a stupid, nonsensical discussion and go read something else. Thus, the extent of any negative public reaction is effectively controlled.
Re:But what if... (Score:3, Interesting)
You don't care (4 digit uid), I don't care (5 digit uid), a very cursory glance appears to show that those who do (in this thread at least) have 6 and 7 digit uids... maybe it's a "length of time on the site" thing?
Hard Hack Solution (Score:3, Interesting)
I once soldered together a system using a (keyed) switch with enough contacts to allow me to effectively swap the master and slave jumpers on two hard drives. (The key part helps because you'd only want to do it when the system was powered off!) But the end result is dual booting between two dedicated hard disks, that aught to stump vista!
The big deal is GRUB (Score:2, Interesting)
It is time to take note that Red Hat, SuSe and Ubuntu are still using legacy GRUB since the new GRUB 2 does not seem to be ready for prime time.
Legacy GRUB is not being developed any longer, even patches are not accepted. The project had no developers working on it for the past 3-4 years. The major distros have just forked it without saying so. And it is a company fork, each distro has its own conconction.
QUOTE: GRUB Legacy has become unmaintainable, due to messy code and design failures. :UNQUOTE
Who said that? Not Microsoft, check here: http://www.gnu.org/software/grub/grub-2-faq.en.html [gnu.org]
Re:But what if... (Score:0, Interesting)
Re:How is this news? (Score:3, Interesting)
Correct me if I'm wrong but I think if Microsoft is implementing trusted computing in order to implement DRM, to prevent pirating, then it would be by design to prevent users from signing or trusting any software on their own.
I'd say their trusted computing scheme puts bit locker and encryption are far higher up on their list than preventing piracy.
If they allow to sign arbitrary software and run it on a trusted computer the whole point of the DRM part of trusted computing is defeated and the BSA, MPAA and RIAA get mad.
Ah... no. Not at all. The two aren't actually in conflict. Suppose the MPAA demands a 'trusted path' and requires all drivers to be approved by them before they'll show their precious HD movie. Microsoft with their trusted computing systems has enabled that.
But if I were able to self-sign a driver, so that my copy of vista would accept it as ok to run while driver signing was enabled, what would that do to defeat the MPAA's 'DRM'? Nothing at all!! Because the MPAA doesn't trust my signature, so even though the code is signed by me, its not signed by THEM, so as long as I'm running 'vux984's video driver', the system won't play their content, and its safe from my 'untrusted' (by them) driver.
There is no conflict here!!
1) I can run anything I trust on my computer.
2) If I want to play -their- content, I'd to provide a system -they- trust.
We are already seeing the beginning of this outside of the 'trusted computing' systems...for example already some games won't run if they detect certain other programs running -- like debuggers, virtual CD rom systems, known cheat programs, etc.
And its been a fairly peaceful co-existence... its not like they don't allow us to run debuggers and whatnot... just not at the same time as their software. The same sort of situation could arise with drivers... especially if we get to the point where we can reliably load and unload more of them on the fly.
There is a big difference between the motivations Stallman has in signing things and Microsoft and its corporate partners have in signing things.
Microsoft is certainly aiming to accomodate its corporate partners, but there's actually no conflict to including accomodating the stallman's of the world too.
Re:People seem to be missing the point (Score:3, Interesting)
Well, you say that, but it's a jolly sweeping statement. I want exactly that, and this system is not built to permit it. I develop for Solaris, but use corporate tools on Windows.
Takes me back to the old days when you couldn't install Windows without it dumbly overwriting the MBR and screwing your Linux boot process. Anyone would think that MS don't want you dual booting, and write their software not necessarily to make it harder, but certainly with no interest in making it easier!
Now, remind me, who is trusting and what is trusted? Clearly I am not trusted to decide to if I want to dual boot, whether I am a network admin or not.
Justin.
Some old guy once told me.... (Score:2, Interesting)
Re:People seem to be missing the point (Score:3, Interesting)
Perhaps you are missing part of the picture too.
As a network admin administrating machines for a non-technical user base, then yes as the nominal 'owner' (as in person responsible for) of the machines , you want to be able to prevent non-technical users from doing nasty things like altering the boot sector or installing untrusted (as in not trusted by you) software.
However, this system changes that. Even though you are the nominated owner (as in person who is responsible for the machines), you no longer have control over what is or is not trusted.
So if in a couple of years time, you decided that you wanted to change the software or OS running on the machines you are responsible for .... you can't.
The choice is no longer yours.
This isn't a question about what users can do, it is about what owners can do.
For many of the people on SlashDot, owner and user are the same person. I own, and am responsible for, my desktop machine.
In a business environment, owner and user may be different people, but the issue is the same.
The person who is responsible for the machine should have full control of the machine, not the 3rd party that supplied the OS.
As the owner (as in person who is responsible for the machines), you may choose to accept the default settings supplied by OS, but you should have that choice.
Otherwise, you are not the owner any more, you just become another user, albeit one step up in the food chain.