| ▲ | GeekyBear 13 hours ago | |||||||
I am reminded of the period when secure boot was being developed for PCs. Microsoft certainly wanted to be the only company whose OS was allowed to boot with secure boot turned on. Google should not be allowed to close the supposedly "open" ecosystem they created any more than Microsoft was allowed to. | ||||||||
| ▲ | heavyset_go 5 hours ago | parent | next [-] | |||||||
When it first shipped out, Secure Boot was used to lock other OSes out on early devices, it was after pushback that it was implemented such that it allowed you to enroll your own keys. That said, there are countless mobile devices with locked bootloaders and and boot integrity attestation that will never run anything other than OEM OSes. That's equivalent to a locked Secure Boot + UKI-like system on PCs and it's already here. | ||||||||
| ▲ | ryukoposting 8 hours ago | parent | prev [-] | |||||||
> the period when secure boot was being developed for PCs. You mean right now? At a firmware level, the scope of "trusted computing" is expanding with every passing year. > close the ecosystem they created any more than Microsoft was allowed to. We are in the process of allowing Microsoft to close the PC platform. TPM is required to run Windows now. Nearly every new PC ships with "secure boot" enabled, adding a new technical barrier to escaping Windows that didn't exist before. Remove that toggle from the BIOS, and you now effectively have a vehicle to Windows-only PCs. | ||||||||
| ||||||||