FSFE welcomes German Government’s White Paper on “Secure Boot”

The Free Software Foundation Europe (FSFE) reports that the German Ministry of the Interior published a white paper (English version here) about “Trusted Computing” and “Secure Boot” yesterday. The white paper says that “device owners must be in complete control of (that is to say able to manage and monitor) all the trusted computing security systems of their devices.” This has long been one of FSFE’s key demands. The white paper continues by saying that “delegating this control to third parties requires conscious and informed consent by the device owner”.

Another demand by the FSFE is addressed by this white paper, namely that before purchasing a device, buyers must be informed concisely about the technical measures implemented in this device, as well as the specific usage restrictions and their consequences for the owner: “Trusted computing security systems must be deactivated (opt-in principle)” when devices are delivered. “Based on the necessary transparency with regard to technical features and content of trusted computing solutions, device owners must be able to make responsible decisions when it comes to product selection, start-up, configuration, operation and shut-down.” In addition, “Deactivation must also be possible later (opt-out function) and must not have any negative impact on the functioning of hard- and software that does not use trusted computing functions.”

“It is an important step, that a government now takes a firm stand on “Secure Boot”, too. We as a society have to make sure, that we are in control of our computers, so everyone can install arbitrary software and is able to retain exclusive control over his own data. Full, sole and permanent control over security subsystems is necessary for this.”, says Matthias Kirschner, FSFE’s German Co-ordinator. “Now the Government has to implement their position when buying new hardware.”