Secure boot and patents ( was Re: Random comments on LinuxBIOS)

Adam Agnew agnew at cs.umd.edu
Thu Apr 17 09:59:00 CEST 2003


[The content of this email was forwarded on request from Bill
Arbaugh]


All,

Adam Agnew asked me to respond to the issues involving UPenn's patent
based on my dissertation work.

If you've done any technical work at a university here in the US, then
you know that the university where you are going to school (or working)
owns your IP in most circumstances (not all fortunately). As a result,
the patent on my dissertation research is owned by UPenn and not myself.

When we started the secure boot work at Maryland, I had assurances from
UPenn that we could release the code to the open source community. I've
been working with the lawyers at UPenn for two years now to make that
happen. A slow and painful process. I'm told that the paperwork to do
that is now awaiting approval. I have not seen the final paperwork, nor
even an initial draft. So I have no idea what it looks like. Once it
is possible to release the secure boot code, we will.

The ADLO work (minus the security hooks) is a different matter
completely. While it came out of the secure boot work, it is not
encumbered by the UPenn patent and can be released.

Bill

On 17 Apr 2003, Eric W. Biederman wrote:

> Adam Agnew <agnew at cs.umd.edu> writes:
>
> > The one in question is 6,185,678
> > http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=/netahtml/search-adv.htm&r=1&f=G&l=50&d=PTXT&p=1&p=1&S1=(William+AND+Arbaugh)&OS=William+AND+Arbaugh&RS=(William+AND+Arbaugh)
>
> That was an interesting read.  At least I now have an idea of what
> Bill was thinking of.  Most interesting is that there is not a mechanism
> for the trust to go both ways.  In particular, how is the loaded
> code to know it is running on a trusted system?
>
> In addition there are some fundamental things in his description
> that I would simply not implement as described.  Nastily extending
> DHCP and TFTP when IPsec could be used.  And in general I don't think
> any trust is needed at all of the Network Packets.  Just the loaded
> image needs to carry a signature that can be verified.
>
> And the description does not address when the system has exploitable
> bugs.  In particular, systems like the X-box can be compromised with buffer
> overflows and other standard security holes, allowing an untrusted
> application to gain special privileges on the machine.
>
> This is not to say that strong/trusted integrity checks of the components
> of the system are a bad idea.  But rather to show that simply loading
> trusted components does not give a secure system.  That requires only
> trusting bug-free software, which as an engineering assumption is impossible.
>
> > And from my understanding, it's owned by the U of Penn and comes down to
> > their decision when an open source implementation can be released.
>
> The universities playing with ``IP'' and stifling innovation...
> Sigh.

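The design point Eric makes in the quoted reply (sign the loaded image itself and put no trust in the DHCP/TFTP packets that carried it), as an added Python illustration that is not code from this list, from the UPenn-encumbered secure boot code, or from ADLO. Each stage verifies the next image's signature before handing over control and the chain halts at the first failure; the network "download" is a stand-in that may alter bytes in transit. The stage names, image contents and the tampering are constructed for the example, and the RSA key generation and unpadded signing are toy helpers so the block runs offline with the standard library only; a real bootloader would use a vetted library and a proper signature padding scheme.

```python
"""Toy verified-boot chain: each stage checks the next image's signature.

Added illustration only, not the secure boot / AEGIS or ADLO code discussed
on the list. Textbook (unpadded) RSA over SHA-256 with locally generated
keys keeps the example self-contained; do not reuse it as a signature scheme.
"""
import hashlib
import random

# Constructed stand-in for a kernel image with a command line in it.
KERNEL = b"KERNEL-2.4.20 root=/dev/sda1 ro"


def _is_probable_prime(n, rounds=16, rng=random.Random(0)):
    """Miller-Rabin probable-prime test (seeded so the example is repeatable)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _gen_prime(bits, rng):
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(cand):
            return cand


def keygen(bits=512, seed=1):
    """Toy RSA keypair: returns ((e, n), (d, n)). n > 2**256 so a SHA-256 digest fits."""
    rng = random.Random(seed)
    e = 65537
    while True:
        p, q = _gen_prime(bits // 2, rng), _gen_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            break
    return (e, p * q), (pow(e, -1, phi), p * q)


def sign_image(image, priv):
    """Signature over the image hash; this is what the build system would emit."""
    d, n = priv
    return pow(int.from_bytes(hashlib.sha256(image).digest(), "big"), d, n)


def verify_image(image, sig, pub):
    """The only check the chain relies on: hash(image) == RSA_pub(sig)."""
    e, n = pub
    return pow(sig, e, n) == int.from_bytes(hashlib.sha256(image).digest(), "big")


def boot_chain(stages, pub):
    """Walk stages [(name, image, sig), ...], verifying each before 'executing' it.
    Returns (names executed, name of the first failing stage or None)."""
    executed = []
    for name, image, sig in stages:
        if not verify_image(image, sig, pub):
            return executed, name  # halt: nothing after an unverified stage is trusted
        executed.append(name)
    return executed, None


def fetch_over_untrusted_network(image, tamper_with=None):
    """Stand-in for a DHCP/TFTP fetch: the transport may rewrite bytes, and
    nothing about the packets themselves is trusted by the verifier."""
    if tamper_with is None:
        return image
    return image.replace(b"root=/dev/sda1", tamper_with)


def demo():
    pub, priv = keygen()
    images = {"bootblock": b"BOOTBLOCK-v1", "kernel": KERNEL, "initrd": b"INITRD-v1"}  # constructed
    signed = [(name, img, sign_image(img, priv)) for name, img in images.items()]
    clean = boot_chain([(n, fetch_over_untrusted_network(i), s) for n, i, s in signed], pub)
    # Kernel command line rewritten in transit: the chain stops before running it.
    tampered = boot_chain(
        [(n, fetch_over_untrusted_network(i, b"init=/bin/sh"), s) for n, i, s in signed], pub)
    return clean, tampered


if __name__ == "__main__":
    print(demo())
```

Note that this models only the integrity check Eric concedes is worthwhile; it says nothing about a correctly signed image that contains an exploitable bug, which is the part of his critique no signature scheme addresses.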