These articles cover the latest news on both the Linux and Windows operating systems.
One reason many people are moving from Windows to Linux is security. People are tired of getting their Windows computers hacked every time they go online. The problem is that the Windows operating system has a Call Home function that is basically an open back door for hackers. But what is the point of having a secure Linux operating system on your computer if it has another program – the BIOS - that still has a Call Home function? In this article, we will explain why BIOS is important and describe the past, present and future of our fight for a secure Linux BIOS.
Note: This article is an update of my previous 2013 book Free Yourself from Microsoft and the NSA which explains the history of the relationship between Microsoft and the NSA and includes the early history of the UEFI BIOS. You can download for free at the following link: https://freeyourselffrommicrosoftandthensa.org/
This report is divided into the following ten sections:
1. Introduction… What is real computer security?
2. Who Am I and Why I am Concerned
3. Past BIOS Options
4. Design Flaws of UEFI
5. Legacy BIOS 2006 to 2012
6. Present UEFI BIOS Monopoly
7. History of UEFI Advanced Persistent Threats
8. Linux BIOS Options
9. Recent Intel Myths
10. Conclusion… How do we get a secure Linux BIOS?
You can also view a video presentation of this article at the following link:
1. Introduction… What is real computer security?
This is what many (and perhaps most) people think that this is all they need to do to have a secure computer:
In this article, we will go beyond the bandaid approach and look at what real security requires.
What is BIOS?
BIOS or Basic Input Output System is the program that starts your computer before handing it over to your operating system.
NSA Pre-Test… How much do you know about the power of the Dark Side?
Q1: Do you think that the NSA can hack the Windows operating system?
Q2: Do you think the NSA can hack applications like Microsoft Office?
Q3: Do you think the NSA can hack the Intel Management Engine?
Q4: Do you think the NSA places hidden partitions on your hard drive?
Q5: Do you think the NSA has hidden “call home” back doors in the UEFI BIOS?
What is UEFI BIOS?
For more than 20 years, BIOS consisted of a small program that was independent of the operating system. Then, in May 2006, Bill Gates gave a speech announcing a “better” replacement for BIOS called the Unified Extensible Firmware Interface (aka UEFI) – a secret closed source program that was 10 times bigger than the prior BIOS.
UEFI is now a near monopoly BIOS found on all Windows and Apple computers and nearly all Linux computers. Thankfully, in 2007, Google began supporting Coreboot - a free open source alternative to UEFI. Coreboot eventually became the BIOS program for all Chromebooks. Recently, a Linux computer maker called Purism also started using Coreboot BIOS on their computers.
Is UEFI BIOS Secure?
We know from the Snowden and Vault 7 documents that the NSA has several back doors into the Windows Operating System since at least 1998. We also know that NSA the has a backdoor into the Intel Management Engine (ME) since 2007 – thanks to an August 2017 Report from PT Security. In this article, we will look at evidence that the NSA has placed back doors in the UEFI BIOS firmware program since 2007.
Why is a Secure BIOS Important?
If a hacker takes over your BIOS, they can control your operating system, applications and all of your documents stored on your computer hard drive.
2. Who Am I and Why I am Concerned
I have written many articles over the last 8 years explaining why the open back door in UEFI was a security risk. I have repeatedly urged Linux users to seek out computers that use Coreboot or some other open source BIOS program. https://learnlinuxandlibreoffice.org/1-why-switch-to-linux/1-4-uefi-the-microsoft-kill-switch
In what may be the largest software company purchase in history, IBM has purchased Redhat for $34 billion. Redhat is the world’s biggest and most technically advanced Linux Server Management company. This transaction comes on the heels of two other major purchases of Linux-based companies. In June, Microsoft purchased Github, the largest Linux project center in the world, for $7.5 billion. In July, SUSE, a Linux Server Management company, was sold to an investment firm for a mere $2.5 billion. The total for 3 companies most people have never heard of is $44 billion. Now some folks are saying that IBM paid too much and Redhat is not worth $34 billion. These are people who do not know how important Redhat is to the functioning of the Internet and in fact to the functioning of the world’s economy. The purpose of this article is to explain why Redhat is already worth much more than $34 billion – and now that Redhat has access to the huge IBM sales force and customer base, Redhat will soon be going on a massive growth spurt.
First, let’s start with a bit of history. I vividly recalled a morning in March 1986 when I purchased Microsoft stock the first day it was available to the public. I taught at Bellevue College just a couple of miles from Microsoft. I had students from Microsoft. I knew Microsoft would be big. Microsoft is now netting $40 billion per year on sales of more than $100 billion per year and has an estimated worth of about one trillion dollars. In 1986, Microsoft was a leader in the “new technology” of personal computers.
Today, Redhat is a leader in the “new technology” of cloud computing. Cloud computing is made possible by about 100 million servers connecting several billion people around the world. Nearly all of these servers are now running Linux.
This includes one million Microsoft Azure servers – nearly all of which were secretly switched to Linux in the summer of 2017. Redhat is the company that maintains and protects more of these servers than anyone else in the world. As one analyst put it, "Everything always runs on any cloud with Red Hat.” It is almost certain that Redhat all by itself keeps more than one billion people connected. So IBM purchased Redhat for less than $34 per person.
Up until the IBM purchase, most analysts predicted just three dominate cloud companies – Amazon, Google and Microsoft. However, with this purchase of Redhat, IBM has suddenly moved up from the bottom of the pack to the top.
How will IBM move past the big three in the Cloud business? Just look at this from the IBM press release: “For IBM, the acquisition is about growing IBM's business in the cloud—private, public, and hybrid—based on the position of the company as the open source and open standards player versus the "proprietary" models of Microsoft, Amazon, and other major cloud players.”
Clearly the IBM plan is to call their cloud an “open source” cloud. Buying Redhat, the leader of the Open Source Cloud movement – makes this more than a marketing slogan – it will be the truth. IBM suddenly becomes one of the good guys instead of one of the bad guys.
For Red Hat, the deal is about scaling up the company's reach. "We can scale at greater speed.... We can only reach a certain number of customers right now." Put another way, IBM already has a huge sales force and accounts with almost every business in the world. Redhat now has access to this huge sales force and account structure. This move is going to be huge for Redhat.
Let’s assume for the sake of argument that Facebook, Amazon, Google and Microsoft are all worth about one trillion dollars each. They are all now using Linux on there servers as their primary operating system. That is four trillion in market value running Linux in just four companies. Amazon Cloud and MS Azure Cloud both had revenue of 27 billion in the past year. Some have estimated that eventually, the cloud market will be worth more than one trillion dollars per year. So the cloud market is there. The day is coming when Redhat will also be worth one trillion dollars. Folks will look back on IBM buying them for a mere $34 billion as the steal of the century.
Introduction… Why the Windows 2018 October Update will be the End of the Line for Inexpensive Windows Laptops
For more than 8 years, I have been writing articles warning consumers about the fatal flaws of the Windows operating system. The October 2018 Update is no exception. There are at least a dozen major problems with the Windows 10 2018 October Update. For example, it can disable the Edge browser (I would call this a feature but whatever). Also, you cannot install the update if you are using a Virtual Private Network (VPN). Of course, if you are using Windows in the first place, there is no point to using a VPN because there is no privacy with Windows. Then there is the File Deletion problem where the update deletes all your documents, images and videos on some computers. On October 9, 2018, Microsoft announced that they fixed this problem. But in fact, they may have made the real problem even worse.
In this article, I will explain why this file deletion problem is not a temporary problem - but instead is the final nail in the coffin of a defective operating system – the result of years of poor decisions by Microsoft upper management– decisions that have boxed Microsoft programmers into a corner and will eventually lead to the death of the Windows operating system and an end to the Microsoft monopoly.
We will begin by explaining to users of less expensive laptops with 32 GB eMMC drives why this update will render their laptops unusable. Second, we will then review some of the design problems with the Windows Update System. Third, we will explain why Microsoft failed to address this file deletion problem even though they were warned about it more than three months ago. We will then go deeper into why the file deletion code was put in the update to begin with - and why I was able to predict more than 10 years ago that the Windows operating system would eventually grow into the 30 Gigabyte monster it is today. Finally, we will look at why this 30 Gigabyte monster will kill millions of computers – a problem Microsoft will not be able to solve with any update.
If you have a 32 GB eMMC laptop, you need to backup all of your documents onto a USB stick and then replace Windows with Linux Mint as soon as possible. Linux Mint is one third of the size and three times faster than the Windows operating system . Please share this important article with anyone you know who is still using the Windows operating system. This is your final warning.
I. Some Simple Math… Why Windows Will Not Work on a 32GB eMMC drive
I have long urged readers to avoid buying any laptop with a 32 GB eMMC drive. Not only is the drive way too small – but it is soldered into the laptop and cannot be replaced or upgraded. It is like buying a car that will not go over 45 miles an hour and has a ticking time bomb in the engine. No one would buy a car where the tires were permanently attached to the car. Yet because many people know nothing about computers, millions of people have bought Windows laptops with 32 GB eMMC drives in the past two years. Here is the math of why such laptops are simply defective and certain to stop working over time:
First, a 32 GB eMMC drive is actually only a 29 GB drive. This is because eMMC drives like nearly all other drives have about 10 percent less actual storage capacity than their advertised capacity. So a 32 GB eMMC drive actually only has 29 GB of usable capacity. Remember this number 29 GB as it is a crucial limit we will get back to in a moment.
Second, the Windows 10 operating system is huge (also known as bloated). It is more than 20 GB even before adding the essential updates. This is many times bigger than the free Linux operating system used on Chromebooks. Note that while Microsoft claims the Windows 10 operating system is only 10 GB, there are hundreds of complaints on Amazon from users noting that the Windows 10 operating system, with the April 2018 update took up their entire eMMC drive – even on a new computer with no documents or other programs installed. My own analysis is that the Windows 10 operating system takes up at least 20 GB on the hard drive which is why it creates such problems for 32 GB drives. Here is a Microsoft image stating that 20 GB is required for a 2017 Windows update:
Here is one of the hundreds of adverse comments on Amazon complaining that the 32 GB eMMC drives on their new laptops are not big enough and that the Windows operating system is taking up their entire drive. (I have put 50 more of these comments at the end of this article):
“This Acer uses a multimedia card in place of a drive. Now, the problem with this is that 28g of space is necessary for the operating system. There is only 4g left for anything else. It is not only slow, but hasn't enough storage space to update even the operating system. It is not able to update anything for lack of space to do the work. I can't imagine what this machine could possibly be good for.”
Third, the hard drive is also where one normally installs applications and programs such as MS Office which are also updated each month. MS Office alone is 3 GB. Add in common programs like the Chrome or Firefox web browser and an Anti-Virus program and suddenly you have 2 more GB. So let’s add this all up. 20 + 3 + 2 = 25 GB. This leaves only 4 GB for your documents, images and videos.
Fourth, the Windows operating system gets even bigger each and every month due to monthly updates. Twice a year, Microsoft issues even bigger updates. The April 2018 update was 4 GB. In order to make room for this huge update, Microsoft and laptop makers urged owners of 32 GB eMMC laptops to move all of their documents off of the normal hard drive, called the C Drive in Windows, onto some other drive, such as a MicroSD card or USB stick, naming these new drives some other letter such as the D drive. So back in April, 2018, you moved your documents off the hard drive and installed the 4 GB Update. Thus, as of September 2018, your 32 GB Windows laptop was already at its maximum capacity of 29 GB. Here is a link to an article from May 2018 describing all of the problems with just doing the April 2018 Update on a 32 GB eMMC laptop. https://www.reddit.com/r/Windows10/comments/8mky5y/dont_buy_a_windows_10_pc_with_32gb_of_storage/
Fifth, the October Update is another 5 GB which will crash millions of 32 GB eMMC laptops. Now for the problem. The October 2018 Update adds another 5 GB onto your laptop that is already maxed out at 29 GB!!! Now can you see why I have urged people to avoid buying a Windows laptop with only a 32 GB eMMC drive? A 32 GB drive is simply not big enough for the Windows operating system. Over time, Windows Updates are certain to exceed the capacity of the drive. Any Windows laptop with a 32 GB eMMC is simply a defective laptop.
Sixth, the proposed cures for this problem are worse than the disease. Microsoft and laptop makers such as Acer and Dell have proposed all kinds of solutions for this problem. First, they want you to buy another drive and put your programs and documents on some other drive. These other drives, especially MicroSD drives, are also often low quality and known to fail and know to be very slow. So it is out of the frying pan and into the fire.
Seventh, the so-called “fixes” for the Windows Operating System have serious negative consequences. Ever wonder what caused the October Update File Deletion problem in the first place? One of the new features of the Windows 10 October Update is the new automatic cleanup program called Windows Storage Sense – a program that makes no sense at all. This new tool will determine without any help from you when to delete files from your computer whenever the operating system needs more space: "It's important to note that we design Storage Sense to be a silent assistant that works on your behalf without the need to configure it… Storage sense runs automatically when you are low on disk space." https://blogs.technet.microsoft.com/filecab/2018/08/30/9205/
Gee, I wonder who might be running low on disk space? How about those 32 GB eMMC laptops! So don’t worry. Windows Storage Sense will only delete your Downloads folder and all of your documents if it is really needed – and it will not only be to make room for the October Update – but for every other update for every month from here until you have finally decided you have had enough of the bloated Windows operating system and finally switch to Linux – or buy a better laptop with 64 GB of storage.
Why the File Deletion Problem is Not Really Fixed
On Friday, October 5, 2018 Microsoft announced they were temporarily pausing the October 2018 Update for their Windows operating system while they attempted to determine why this update was deleting all the personal files (document, images and videos) some users had on their Windows computers. Here is an image of this very short announcement:
The last sentence of the announcement mis-leads customers into assuming this problem is just a temporary glitch and once solved, Microsoft will “resume rolling out the Windows October 2018 Update.” Three days later on Tuesday October 9, 2018, Microsoft announced that they had found the problem and solved it. Here is their explanation of the problem and the cure:
The problem only affected those who had ran out of space in their normal C drive and moved their documents to a different drive. But depending on how this was done, some duplicate folders were still left on the C Drive. Windows was trying to get rid of duplicate and empty folders. But some folders were not duplicates and were not empty – but were deleted any way. Supposedly, the October Update has been improved so it does not delete so many files.
But this new solution still does not address the underlying problem – that there is not enough room for the Windows operating system on 32 GB eMMC drives. In fact, leaving more files simply makes the available space even less.