Again…read what the guy is saying. You can’t do something like this without BOTH the OSS community AND a company to back it up. It’s just not possible for legal reasons, financial reasons, and so on. The aim is to replace the existing bullshit Microsoft created, and make an open standard that is backed by a presence that keeps it there. Not something you can just fund and keep moving in a git repo alone.

🤣

There’s zero corporate about it. You’re actually in denial and possibly crazy. My God.

How do you address mail to your bunker? Is there e like…a sublevel addition or something?

1. How is systemd somehow taking away freedoms at the behest of corporations who asked such a thing?
2. UEFI is an open standard, buddy. Microsoft is the only player fucking that up
3. “Trusted Computing” has existed in the very hardware you own and run for almost 30 years now. Literally nobody but cellphone makers use it in the way you describe. Seems you’re still using it though, so nobody seems to have made the apocalyptic decisions that bring your fearful future to bear.
4. A “Trusted Computing” framework - and this is how I know you don’t understand any of this - is only present. It takes software to interact with it to “take your freedoms away” as you put it. It’s just sitting there otherwise. Nobody even needs to interact with it. You’re so out of touch with this that you’re angry at the wrong side of it, and you don’t even know it.
5. “…we just provide the tools…”. MY GOD. Where do I even start with this? I can name about a hundred different FOSS tools that break encryption. You mad at the people who made the FOSS encryption tools, or the ones who the FOSS tools to decrypt it?
6. The only people who want this are people make and produce hardware platforms that ship out into the world so they can ensure they are T2B secure. It seems you don’t know much about security, so I’ll let you in a little secret…(If it claims to be secure, it means there are hardware controls in place)

Uhhhh…it’s open. Didn’t know anyone needed precautionary blocks in place or permission.

What in the actual hell is happening in here. Who made you so fearful of everyone? Did somebody hurt you? WHO DID IT???

First, yes, he’s correct in talking about the SOFTWARE side of that, so if your anger is with this dude, you better just outlaw software, because anyone can choose to NOT do these things. That’s the entire point of open source. Make stupid decisions, and you have zero following.

Second, let me finish his thought for you:

But we will never enforce using any of these features in systemd itself. It will always be up to the distro to enable and configure the system to become an immutable monolith. And I certainly don’t think distributions like Fedora or Debian will ever go in that direction.

We don’t really have any control over what Microsoft decides to do with Secure Boot. If they decide at one point to make Secure Boot reject any Linux distribution and hardware vendors prevent enrolling user owned keys, we’re in just as much trouble as everyone else running Linux will be.

He’s very CLEARLY illustrating his intent to prevent the very thing you’re shitting your pants about. You’re literally inventing a scenario you’ve thought of yourself, and getting upset about it.

I bet you’re super fun to be around.

Again, nobody here complaining even read the damn article, and has no idea what they’re up in arms about.

I hope you’re so committed to this anger that you’re destroying your motherboard RIGHT NOW 🤣

Right, so because of your limited knowledge and understanding of what the actual needs of an entire industry are, it’s all snake oil. Cool.

Meanwhile I’d just love a way to box up a custom machine, use something what he’s building, ship it to site, and have it run without issue and have some piece of mind a competitor didn’t try to gank the data over USB, or bypass the identity of the motherboard that SHOULD have boot blocks in place, or maybe someone just rips the SSD right out of it and tries to boot it elsewhere.

Fuck the rest of ALL that and the practical needs of security experts and system builders because YOU are worried that it somehow magically it’s used for all kinds of other nefarious things.

Cool. Cool.

Not even how that works FFS. You’re not the target audience here.

Y’all really need to start reading more about things before jumping to ridiculously uninformed conclusions and making comments. My gosh.

Bruh…that’s not even the point of the company or what he’s talking about. You’re being paranoid, first off.

Second, you want secure devices? You can’t have that right now with Linux very easily. There is no chain of trust coming from the hardware aside from TPM, which is kind of a joke. This guy wants to make a standard way of certifying a chain of trust which would allow an ecosystem of devices to maintain some semblance of trust amongst itself and other devices. This would make things like networks, edge devices, forward deployed hardware, and running sensitive data in less than secure locations more secure.

Last, if you’re going to be paranoid, at least educate yourself on the subject. Not a single person who is even vaguely familiar with what this entails is thinking “Oh they’re going to lock all our devices rawrawrawr”. That’s just ridiculous. That could happen now, but…you seeing that out in the components world anywhere? Absolutely not. Because it’s no desirable, and that’s NOT WHAT HES EVEN TALKING ABOUT.

🤦

That would be beneficial to users as well. I’m not understanding the downside here.

Uhhhh…wha?

This would be a big deal for hardware manufacturers or product manufacturers in securing their devices. Only a tiny, tiny fraction of Linux users are just desktop jockeys.

Oh no…anyway