We already have “secure boot” BS. For now it’s easy to turn off but it’s only a matter of time before getting locked and forced everywhere.
That’s the whole intention of requiring TPM for Windows 11. It’s coming soon.
They also banned Kaspersky in the states because they weren’t whitelisting state malware.
Now? Doesn’t M$ still release the “S” mode version of Windows that only allow downloads via their “official App Store”?
My girlfriends laptop came with S mode and holy shit, I just about threw it out the window. I knew Windows 11 would be dogshit but when I couldn’t run firefoxinstaller.exe I got so annoyed. I then spent ~30 minutes troubleshooting how to allow running fucking exes as the guides were all out of date, including the one that were a month old.
I’ve been using Linux and XP for a few years now and god damn does it feel gross to use Win11. Not having control over your own PC is disgusting.
Windows machines make great Linux devices. Hope your gf likes her new Ubuntu laptop :)
You can convert to the home edition for free (for now at least)
Also you can disable secure boot and just install linux.
And just like that I’m all about Ubuntu phones now
Which devices are you planning to get at right now?
Either buy pine or try out userland for current but I haven’t completed the research yet
I kind of expect this to happen with Apple’s rumored $600 macbook. Since they just updated ipadOS to run like a locked down version of macOS. I bet they will offer this cheap mac with the same locked down OS since it will have a “phone” processor in it.
They will say this was a compromise needed, but the majority of people will not care. After a few years, the macs that are open will get more and more expensive.
I’m guessing Windows will slowly start to move in thie direction, but I think they will try to push their remote computers thing to accomplish this.
I’m not sure about bootloaders being locked, I am guessing there will always be something that is unlocked and able to run linux though. It is needed for servers and stuff like that. In the worst case, someone will likely sell arm or risc-v powered boards that can be used to run linux.
Didn’t MS already try this with Windows S editions?
This is already happening, but it’s on an organisational level by policy. These policies can be applied to systems that follow trusted computing rules, which is most Windows 10 systems and pretty much all windows 11 systems. Google has laid the groundwork for this since the pixel 3 was released in 2018.
Since then, we have seen Google put the Titan security module in all phones and I’m certain Chromebooks are requiring TPM modules that serve the same function.
Apple has been doing the same since God knows when. Their systems have had unique chips that ensure that when MacOS is installed, it is only installed in Apple computers. There are ways around this, just as there are ways around the TPM requirement for Windows 11.
The trusted computing model, when fully imposed, can basically stop any applications from running that have not been given the blessing of the security team.
As far as I’m aware, the only people taking advantage of the technology are government institutions.
The fact that this can be wielded to enforce control over private individuals by our corporate masters is becoming a very real possibility, but the fact that it hasn’t happened yet, by any vendor, is, in my opinion, good evidence to say that it’s unlikely, but not impossible. Maybe that’s wishful thinking on my part.
In any case, the only truly free operating system left is GNU/Linux, with few other exceptions.
They’re waiting until all the products in the wild can be locked down.
Right now, they’re struggling to get people.to jump to Windows 11, and people are hoarding their old computers. They want all the products that don’t have TPM or its equivalent to be outmoded before they remove the mask.
Maybe. In my experience business isn’t that patient.
A TPM is otherwise a good thing. It can extend cryptographic capabilities and the overall security stance of the system.
But I digress. I will reserve judgement for now. Time will tell either way, and I don’t think anyone will feel like gloating if they start to lock it down like you believe they will.
Gnu Hurd ftw ! (I’ll see myself out)
It’s not going to happen.
Motherboard manufacturers are not going to start making Windows only BIOS.
Microsofts target audience isn’t the private user. It’s companies. The money they make selling their OS to private persons are table scraps compared to their enterprise licenses. Any such initiative would fuck over every single enterprise customer.
It’s been attempted in two ways.
First is secure boot. There were a handful of computers sold that did not allow disabling of secure boot, or changing the loaded keys. So it was basically essentially a Windows only computer.
More recently is there was Microsoft Windows S. This was a cheap version of Windows Home that ran on low end computers and was locked to only allow installing apps from the Microsoft store. It was possible to unlock it but as I recall it required an additional fee.Enterprises almost all run Windows anyway so they DGAF.
Enterprises use a lot, and I do mean A LOT of custom software. Either developed in house or by others. They absolutely care.
What Microsoft does within their own OS, as the “S” version you’re talking about. That’s a non issue given you can just flash the drive and install whatever OS you want.
As for the concern that you’d somehow be unable to install another OS. Due to Secure Boot. I personally have never come across a computer that I’ve had full BIOS access to that didn’t allow disabling secure boot. Though some have been more cooperative than others. But maybe I’m just lucky.
But I’m also pretty sure there are linux distributions that support Secure Boot.
Secure Boot for what it’s intended to do, is a pretty good feature. Which is to stop unauthorized software from running before initiating your OS
Fedora supports secure boot out of the box
So does Ubuntu, but there is a catch. Secure boot relies on signature checking, so you can manually add the signature of your OS manually to the UEFI db, but can’t do that on locked UEFI. Major Linux providers went another route, they paid Microsoft to sign a
shimbinary, which in turn can verify and boot the matching Linux kernels. Microsoft refusing to sign shims would be a rather crippling move, but they would get a massive backlash from that.
Isn’t secure boot signed by Microsoft anyway IIRC? I know Lenovo had their own signing too. From my knowledge, installing a secure-boot supported linux version requires a ‘shim’ to allow it, and there was an issue that came up as the keys are due to expire for older OS versions.
Of course, Secure Boot can be switched off as well. (for now)
Fear of this is why I have been hoarding any computer that runs for a long time now
Thinkcentre club stand uup !
I think I have 5 😐 or 6 IDK
I don’t know how useful 32 bit old computers are, if they run cryptography software they aren’t completely useless
Mine are all “modern” ones, I think even the old E8300 was 64 bits and that one I left a loong time ago. Do you keep all your computers?
All the ones that run and a couple that don’t. Some are in my mom’s basement though
Any idea what you want to use them for, or is it “just in case”?
At minimum they can be crypto terminals or distraction free writing/eBook reading machines. But mostly just in case it’s all we have left to use.
IIRC, I had a PC (since sold) that had secure boot permanently enabled from the factory. That is, in spirit, a PC with a “locked bootloader”, but you might not even notice because many Linux distros have that Microsoft-blessed Linux loading shim… but it is still Microsoft inserting themselves between you and your hardware; they could decide in the next few years they no longer “support” Linux, hypothetically.
To all those people saying this will never happen because people wouldn’t accept or tolerate it ree living in a different reality, sorry to burst your bubble and faith in your fellow himans but…most people will just whinge whine cuss and then go do something else, people today have no guts in them to fight back and to lazy too, they expect others to do all the work for them, but wont lift a finger except to moan and whine about shit.
Long story short we are fucked, absolutely fucked, we…those that would/will do something are few and far between now, people aka the masses are used to being beaten down and being told to put up and shut up, just get on with it, so we few just have to look after ourselves, our families and friends, get through life best way we can, we be a small pocket of resistance but thats all sadly 🥺
This is a very American mindset
Not the consumers so much as a ton of businesses that would have their whole IT broken.
Microsoft has really really wanted this to happen, but their attempts have failed to get traction, because it breaks just so many applications. The only reason people use windows is compatibility with all their apps, a move that breaks all the apps just doesn’t work.
Different with Android and iPhone where they managed to define the default position as app store and didn’t have to contend with “legacy”.
Microsoft is already starting to lay the groundwork with their CPU, SecureBoot, and TPM 2.0 requirements.
Apple has been doing this for a long time, though there are ways to get around it on MacOS, for now.
On PC, the answer is Linux. For mobile devices, things are looking more bleak.
Linux won’t be an option if the boot loader is locked. I think Linux is just about popular enough that options should remain but they might become reduced unless it becomes more popular than it currently is.
I’d imagine not every mobo manufacturer will play ball with whoever mandates a locked bootloader.
Right now, we have google and apple with a duopoly on mobile devices.
The grand majority of all laptops and desktop devices are using motherboards manufactured specifically for those devices (or device series). It’s not much of a stretch to imagine them adding restrictions to their already mature supply chain.
Sure, but there’s Tuxedo Computers, Framework, the PopOS guys selling PCs and many more. Those won’t go away.
Linux is heavily used on servers. Losing server sector means a huge chunk of revenue.
Linux is servers.
Hell, VMware migrated to a Linux base a while back, and with their new exorbitant pricing, large environments are switching to things like Proxmox.
The next ten years, VMware will be second string virtualization, even in data centers.
I’m not sure what’s going to happen, but there was a “BIOS War” in the 80’s,when IBM wouldn’t release their BIOS code, so other devs reverse engineered it. No reason why that couldn’t happen again.
If the private key were to leak, we’d be home free
The situation is actually quite awful. I remember when TPM was palladium and there were apocalyptic talks in tech conferences about it being the end of general purpose computers. The idea that your computer could veto what it was used for.
The backlash only set them back a few decades apparently. Everyone forgot and now it’s a literal requirement for the latest Windows and in two months they’ll stop supporting the old Windows…
Next phone I get I’ll get fairphone and check the market for an alternative OS at that time. This might be the push that the Linux phone community needs to make it proper and good.
We currently need a KDE phone that they sell where I can buy a KDE phone and support them that way.
The pieces are coming together for Linux notably:
- SPA support instead of apps.
- Waydroid
- Core components such as calling, sim card actions, recording, speakers can be provided by fairphone via drivers.
I’m getting pretty sick of Google and other corpos locking down Android so fuck them, third best phone OS will have to do and I’ll do banking in the mobile browser page.
I just bought the cheapest fairphone I could get to replace my old pixel. Now it’s time to try proper linux on mobile for the first time. I’m excited!
Almost 15 years on Android finally coming to an end! My first Android phone came with Android 2.1 and now 14 shall be the last version I’ll ever use.
For phones Google gets to decide, as an os maker. For PCs, there are multiple OSses so hardware manufacturers get to decide.
I personally don’t see AMD or Intel doing that anytime soon, and if they do, at least Arm and Risc-V are making some good progress in the desktop space
Microsoft tried to get things going that way with “s”, but it didn’t take
I bought my wife a cheap Lenovo laptop when she needed something that supported the “Lockdown” browser (no Linux support). Didn’t realize when I bought it what “S” meant (and I’ve been an IT guy for over 20 years). Got it home and realized what was up, it couldn’t even run that browser because it had to be the preconfigured browser from her school and not one from the MS store. An evening of fiddling and a $3 grey market key and she was back onto a normal Windows install.
On the plus side the laptop was only like $299 or $399 and really isn’t too bad on the hardware side.
With Linux being the standard for server systems there is no way to force locked bootloaders everywhere without making the whole web and a lot of companies collapse. But I expect more limitations regarding desktop systems. It’s hard to tell at this point because it’s a complex issue, not only from an economical but also political point of view (Mass surveillance).
Don’t I own this hardware? Can I not do what I want with it?
No, because fuck you. Ownership is for pussies, do you really want to own what you buy? Just buy a new one if you have problems. my hope is that we eventually get to a point where you cant even build your own PC. Gaming PCs all built by Nvidia woth the latest Geforce built in to the motherboard. With a subscription fee to use it, im talking cheap like only $20/month. and then in a year it can sleep gently in a landfill. Oh and a feature that sets your house on fire and mangles your genitals. and if you try to turn that off, you get sued. it was in the TOS, just dont use a computer if that bothers you, shithead. the future is bright.
Case in point:
Find a recently-ish manufactured used Chromebook/chromebox, and try to unlock the BIOS so you can slap a different OS on it
Source: it me 🫠
You own the hardware but not the software.
And that includes the firmware required for you to load your software.
You’ll shoot your eye out, kid.
/s
Without software access it is useless until you are able to jailbreak it.
Which is technically a breach of contract at the very least and could be deemed IP theft by a brain dead USian judge.
So you can’t even commercialize your solution because capitalism works 1 way.
Your account is marked as a bot by the way, you can fix that in your user settings
I already did, but thanks nonethless.
Oh sorry about that, it’s still showing up as a bot for me but it’s fine on your instance. I think the information just hasn’t federated over to lemmy.ca yet
Interesting. Maybe it helps if I log off?
Maybe try touching a little grass too
Thanks, I already did. Plenty of grass where I am.
must be nice
It might, but I think it might be a federation bug between our instances. I haven’t seen one like this before, but I’ll keep an eye out to see if it happens again / there’s a pattern.
You could also try setting yourself as a bot, saving, and then reversing it again. That might prompt your instance to send out the information again.
Thanks, I will try to switch it on and off again.
If it helps, you don’t show up as a bot from my instance
Beep-boop!
Companion (2025)
It’s been tried a bit before, but didn’t get through. The current situation with secure boot is worrying, because we’re one manufacturer playing ball away from it to become a reality.
I’d like to say there’s strong incentive to not do that, but it seems that logic alone would not stop this kind of push. And weirdly enough, even financial risk might not be enough, as we’ve seen baffling decisions made these last few months.
The main saving graces is that there are more than two manufacturer for motherboard, and as far as I know, patent lockdown and secrecy isn’t as big on PC hardware than on mobile boards, so it might be easier to escape such lockdown. But fully locked down systems under external control is clearly where some people wants us to go.
Users are getting dumber by the day. The people arguing back to me about “this is a you problem” when I mention reasons why device ownership is important is way too fucking high.
This is why you gatekeep hobbies. Keep the dipshits out so they don’t become the masses that ruin what you enjoy.
Exactly, if I like something I try to keep it on the down low, or only spread it in circles where I know it will be similarly appreciated, the moment a majority of the people are into something, that thing will now get subjected to external influences that require it to be liked by everyone and most people are mediocre so the thing moves towards mediocrity
