this post was submitted on 21 Jul 2023
912 points (100.0% liked)

Technology

37705 readers
70 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

The much maligned "Trusted Computing" idea requires that the party you are supposed to trust deserves to be trusted, and Google is DEFINITELY NOT worthy of being trusted, this is a naked power grab to destroy the open web for Google's ad profits no matter the consequences, this would put heavy surveillance in Google's hands, this would eliminate ad-blocking, this would break any and all accessibility features, this would obliterate any competing platform, this is very much opposed to what the web is.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 17 points 1 year ago (3 children)

you need a Microsoft signed stub to boot anything other than Windows on a PC

False. Every PC I've had has allowed Secure Boot to be turned off, and some of them allow me to add another trusted certificate as well.

you need Apple’s blessing to boot anything on a Mac

False. The Mac boot process is completely unlocked, at least on Intel Macs.

your smartphone manufacturer decides whether you can unlock it and lose attestation

My Pixel 6 allows me to unlock the boot loader at any time.

Attestation exists, unfortunately, but it's not nearly as pervasive as you seem to think.

This is the next logical step, to add “web app” attestation, since the previous ones had barely any pushback

Uh, there was huge pushback. That's why even a Microsoft Surface won't stop you from installing Linux.

[–] [email protected] 10 points 1 year ago (1 children)

your smartphone manufacturer decides whether you can unlock it and lose attestation

My Pixel 6 allows me

GOTO 10

[–] [email protected] 4 points 1 year ago

My point is that at least some smartphone manufacturers make phones with unlocked boot loaders. As long as there's at least one such manufacturer, does that not disprove your argument?

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago) (1 children)

The Mac boot process is completely unlocked, at least on Intel Macs.

On Modern Macs, the process is somewhat convoluted, but you are able to boot into a custom compiled boot loader / operating system while secure boot is enabled. It just needs a few minor hoops to sign the boot loader - steps that would be difficult to social engineer around but perfectly reasonable to do them intentionally if installing an alternate operating system is your thing.

iPhone is, of course, a different story. Hopefully that changes some day. The CPU and boot process is the same as a Mac, so there's no reason it couldn't be unlocked. Might require government intervention though.

[–] [email protected] 1 points 1 year ago (1 children)

It just needs a few minor hoops to sign the boot loader - steps that would be difficult to social engineer around but perfectly reasonable to do them intentionally if installing an alternate operating system is your thing.

Does that not create a barrier for entry for non-technical people looking to use an alternative operating system?

[–] [email protected] 1 points 1 year ago

non-technical people looking to use an alternative operating system

Umm, you don't see the oxymoron there?

[–] [email protected] 1 points 1 year ago

My Pixel 6 allows me to unlock the boot loader at any time.

By doing that, you no longer pass SafetyNet, and some apps refuse to work without it. If unlocking your device removes features, then you aren't really allowed to do so.