SchemaLoad 3 hours ago

Immutable images provide many benefits that are unrelated to DRM. The main one being that the entire fleet of Steam Decks/Machines are all in a known state. Updates are a matter of pushing a new OS image, you don't have to worry about migrating files, conflicting configurations, strange user changes. And if an update fails, the bootloader shows a screen where you can boot a previous OS image that worked.

It's like Docker images for the whole OS. As far as I can tell, the Steam Deck does not have secure boot or any kind of attestation enabled. They have been very forward in marketing it as an open and free system you can do anything on. The hardware does have a TPM that is seemingly unused currently, not sure if it supports some form of secure boot.

altairprime 2 hours ago | parent [-]

> They have been very forward in marketing it as an open and free system you can do anything on.

Attested sealed images and Open and Free systems have no conflict with each other. Mod it all you want; sure, it’ll generate a different attestation than the shipping sealed image, or if your customizations turn off attestations and/or secure boot, none at all. You do you! Source code releases will never include the private key used to sign them, just as with all open source today, so either the OS’s attestation will be signed by Valve or by you or by someone else. It takes me about sixty seconds to add my own signing key to my PC BIOS today and it would not surprise me to find Valve’s BIOS implements the same, as I’m pretty certain this is basic off-the-shelf functionality on Zen4/Zen5. But, regardless, Free/Open Source is wholly unconcerned by whose release signing key is used; otherwise it wouldn’t be Free/Open! The decision to care about whose release signature is live right now is the gaming server’s decision, not Steam Linux’s, and that decision is not restricted by any OSS-approved license that I’m aware of.

Secure boot attestations plus sealed images do enable “unmodified Valve Linux release” checks to be performed by multiplayer game servers, without needing the user to be locked out of making changes at all. This is already demonstrated in macOS today with e.g. Wallet’s Apple Pay support; you can disable and mod the OS as much as you wish, and certain server features whose attestation requirements require an Apple release signature on the booted OS will suspend themselves when the attestation doesn’t match. When you’re ready to use those servers, you secure boot to an OEM sealed environment and they resume working immediately. This is live, today, on every Apple Silicon (and T2 chipped Intel) device worldwide, and has been available for developers to use for years.

Attestations are, similarly, already available on all AMD devices with a TPM today, so long as the BIOS to OS chain implements Secure Boot — not requires, but implements, as there’s no reason to deny users unsigned OS booting once you’re checking attestation signatures server-side. As you note, it remains to be seen if the Steam Box will make use of it. If they do, it coexists just fine with full repurposability and modifiability, because you can do whatever you like with the device — and, correspondingly, each game may choose to require an unmodified environment to ensure a level playing field without kernel or OS modifications.

It would be a lost opportunity for them if they were not the first fully open OS with a fully secure multiplayer environment that prohibits both third-party cheating mods and third-party DRM rootkits. VAC becomes as simple as a sysctl, and patches are still welcome. Open source for the win, and one step further towards the Linux desktop finally overtaking residential Windows, and the ability to play console-grade multiplayer without the proliferation of on-device software-only hacks? Yes, please.

(Note that manufacturers who use Secure Boot to lock out device modifications are not in-scope here; that choice has no effect on attestations. Secure Boot is “the OS booted had this checksum and signature” with HSM backing, so that the software can’t lie. It is extremely unlikely that Valve would demand that the OS booted be signed by Valve. That would be no different than Xbox/PS5/Switch, and they’d be leaving a massive competitive advantage over tvOS on the table: device repurposability.)
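
The server-side decision described in the comment above (a modified image produces a different attestation, and each game server chooses which images to accept), as an added example that is not part of the thread. It assumes a TPM-style SHA-256 extend and that the reported value came from a quote whose signature and nonce were already verified; the component names, `KNOWN_RELEASES` and the `admit` policy are constructed for illustration.

```python
import hashlib
from typing import List, Optional


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM-style extend: new PCR = SHA-256(old PCR || measurement digest)."""
    return hashlib.sha256(pcr + measurement).digest()


def replay(components: List[bytes]) -> bytes:
    """Replay a boot chain into one PCR, starting from 32 zero bytes."""
    pcr = bytes(32)
    for blob in components:
        pcr = extend(pcr, hashlib.sha256(blob).digest())
    return pcr


# Constructed boot chains: the shipped sealed image and a user-modified one.
SEALED = [b"bootloader-v1", b"kernel-v1", b"rootfs-image-v1"]
MODDED = [b"bootloader-v1", b"kernel-v1+custom-module", b"rootfs-image-v1"]

# Hypothetical server allowlist: expected PCR value -> who released the image.
KNOWN_RELEASES = {replay(SEALED).hex(): "vendor"}


def classify(reported_pcr: Optional[bytes]) -> str:
    """Map a (pre-verified) reported PCR to a release, or say why not."""
    if reported_pcr is None:
        return "unattested"          # attestation turned off on the device
    return KNOWN_RELEASES.get(reported_pcr.hex(), "unknown-image")


def admit(reported_pcr: Optional[bytes], ranked: bool) -> bool:
    """The policy lives on the game server: ranked play wants the sealed
    vendor image; casual play admits modified or unattested devices."""
    if not ranked:
        return True
    return classify(reported_pcr) == "vendor"


if __name__ == "__main__":
    for name, chain in (("sealed", SEALED), ("modded", MODDED)):
        pcr = replay(chain)
        print(name, pcr.hex()[:16], classify(pcr), admit(pcr, ranked=True))
```

The device is never locked: the modified chain still boots and still plays casual matches, and only the server's ranked policy declines it.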