No Stupid Questions

With Linux being the standard for server systems there is no way to force locked bootloaders everywhere without making the whole web and a lot of companies collapse. But I expect more limitations regarding desktop systems. It's hard to tell at this point because it's a complex issue, not only from an economical but also political point of view (Mass surveillance).

It's called secure boot and it's been around for over 10 years now.

Microsoft is already starting to lay the groundwork with their CPU, SecureBoot, and TPM 2.0 requirements.

Apple has been doing this for a long time, though there are ways to get around it on MacOS, for now.

On PC, the answer is Linux. For mobile devices, things are looking more bleak.

This is what happened when we allowed companies with a profit incentive to code our devices. Linux will always be free, and there will be companies that design computers for Linux, such as Fairphone, Framework, Furi, Fedora, and probably some that don't start with F too

It's been tried a bit before, but didn't get through. The current situation with secure boot is worrying, because we're one manufacturer playing ball away from it to become a reality.

I'd like to say there's strong incentive to not do that, but it seems that logic alone would not stop this kind of push. And weirdly enough, even financial risk might not be enough, as we've seen baffling decisions made these last few months.

The main saving graces is that there are more than two manufacturer for motherboard, and as far as I know, patent lockdown and secrecy isn't as big on PC hardware than on mobile boards, so it might be easier to escape such lockdown. But fully locked down systems under external control is clearly where some people wants us to go.

It's been done before. ChromeBooks comes to mind, but there have been others. Usually winds up killing the outfit that tries it.

As far as I know Chromebooks only survive because of the educational market. Locked down devices are preferable in schools.

I won't buy one, but I could see such systems becoming dominant in another 20 years or so.

It will creep in slowly since most people dont touch any settings on their computer after the initial unboxing and setup.

Big box retailers will offer discounts on them, much like how you can buy a Chromebook for very little.

Enticed by cheap computers, people will buy not knowing that any limitations exist. They'll be encouraged to use centralized app repositories but they can still install some other stuff.

A year or two later, some things won't be permitted, computer will make scary warnings when installing, but with enough clicking, you can get past. Until the day you can't.

It will be a progression, but it will happen eventually. I honestly am surprised that computers dont require some sort of registration. I'm sure that will happen eventually.

Too late to do this for PCs. You already have Linux laptop providers and Linux distros supported by corporations. Most of the components have multiple providers. You will be able to source "unlocked" hardware from somewhere.

The problem with mobile is that the hardware is too complicated for open source projects to handle. Many have tried, all have failed. So far. Hopefully we will finally see something usable come out of projects like PinePhone and PostmarketOS.

I would say if/when PCs move over to ARM than we very well may see the same issues mobile devices have. There is a severe lack of Linux compatibility due to proprietary drivers, sometimes no drivers at all, no software support, and no device trees.

It's not going to happen.

Motherboard manufacturers are not going to start making Windows only BIOS.

Microsofts target audience isn't the private user. It's companies. The money they make selling their OS to private persons are table scraps compared to their enterprise licenses. Any such initiative would fuck over every single enterprise customer.

We already have that. A reason they want to shift to ARM is so they can lock the hardware down.

That's probably why risc-v is getting quite popular in embedded stuff - smaller companies wanting more supply chain independence. Hopefully it'll start to get more powerful soon for more serious computing. Its nice that stuff like debian now has risk-v version too.

To all those people saying this will never happen because people wouldn't accept or tolerate it ree living in a different reality, sorry to burst your bubble and faith in your fellow himans but....most people will just whinge whine cuss and then go do something else, people today have no guts in them to fight back and to lazy too, they expect others to do all the work for them, but wont lift a finger except to moan and whine about shit.

Long story short we are fucked, absolutely fucked, we....those that would/will do something are few and far between now, people aka the masses are used to being beaten down and being told to put up and shut up, just get on with it, so we few just have to look after ourselves, our families and friends, get through life best way we can, we be a small pocket of resistance but thats all sadly 🥺

We already have "secure boot" BS. For now it's easy to turn off but it's only a matter of time before getting locked and forced everywhere.

And just like that I’m all about Ubuntu phones now

Linux on the phone has come a long way I hear. I have been meaning to buy one and see if it can be my daily driver. Google being shitty would definitely push me there

Expect specialist "open" hardware capable of installing any software/OS to become increasingly expensive, while increasingly locked-down, mass-produced consumer hardware remains at current price. You only need to look at TVs for an example of this - try finding a recent non-smart TV at a reasonable price as the cheap models are all subsidised by the revenue from pushing ads into your face.

Such pcs already exist and are used by buinesses and schools all over... Mostly chromebooks and i suppose apple also fits that criteria.

But it would be very hard to stop a determined hacker who has physical access to a device and doesnt mind voiding any warranties or user agreements.

IIRC, I had a PC (since sold) that had secure boot permanently enabled from the factory. That is, in spirit, a PC with a "locked bootloader", but you might not even notice because many Linux distros have that Microsoft-blessed Linux loading shim... but it is still Microsoft inserting themselves between you and your hardware; they could decide in the next few years they no longer "support" Linux, hypothetically.

This is already happening, but it's on an organisational level by policy. These policies can be applied to systems that follow trusted computing rules, which is most Windows 10 systems and pretty much all windows 11 systems. Google has laid the groundwork for this since the pixel 3 was released in 2018.

Since then, we have seen Google put the Titan security module in all phones and I'm certain Chromebooks are requiring TPM modules that serve the same function.

Apple has been doing the same since God knows when. Their systems have had unique chips that ensure that when MacOS is installed, it is only installed in Apple computers. There are ways around this, just as there are ways around the TPM requirement for Windows 11.

The trusted computing model, when fully imposed, can basically stop any applications from running that have not been given the blessing of the security team.

As far as I'm aware, the only people taking advantage of the technology are government institutions.

The fact that this can be wielded to enforce control over private individuals by our corporate masters is becoming a very real possibility, but the fact that it hasn't happened yet, by any vendor, is, in my opinion, good evidence to say that it's unlikely, but not impossible. Maybe that's wishful thinking on my part.

In any case, the only truly free operating system left is GNU/Linux, with few other exceptions.

It'll just be another day for apple users.

For phones Google gets to decide, as an os maker. For PCs, there are multiple OSses so hardware manufacturers get to decide.

I personally don't see AMD or Intel doing that anytime soon, and if they do, at least Arm and Risc-V are making some good progress in the desktop space

It's almost already like this. In my country every single bank reinvented the wheel by creating a single purpose app which does what aegis does (otp generation from a seed) but with some bits changed (one for example "encrypted" the seed with ROT13) and with draconian measures like bootloader must be locked, adb must be disabled, and are using literal exploits to see if you have "forbidden" directories on /sdcard like/sdcard/magisk even if no file access is granted

I have a feeling, that Windows 12 PCs will be just glorified smartphones with voice control as the default.