With Linux being the standard for server systems there is no way to force locked bootloaders everywhere without making the whole web and a lot of companies collapse. But I expect more limitations regarding desktop systems. It’s hard to tell at this point because it’s a complex issue, not only from an economical but also political point of view (Mass surveillance).
Don’t I own this hardware? Can I not do what I want with it?
No, because fuck you. Ownership is for pussies, do you really want to own what you buy? Just buy a new one if you have problems. my hope is that we eventually get to a point where you cant even build your own PC. Gaming PCs all built by Nvidia woth the latest Geforce built in to the motherboard. With a subscription fee to use it, im talking cheap like only $20/month. and then in a year it can sleep gently in a landfill. Oh and a feature that sets your house on fire and mangles your genitals. and if you try to turn that off, you get sued. it was in the TOS, just dont use a computer if that bothers you, shithead. the future is bright.
You own the hardware but not the software.
And that includes the firmware required for you to load your software.
Without software access it is useless until you are able to jailbreak it.
Which is technically a breach of contract at the very least and could be deemed IP theft by a brain dead USian judge.
So you can’t even commercialize your solution because capitalism works 1 way.
Case in point:
Find a recently-ish manufactured used Chromebook/chromebox, and try to unlock the BIOS so you can slap a different OS on it
Source: it me 🫠
You’ll shoot your eye out, kid.
/s
Your account is marked as a bot by the way, you can fix that in your user settings
I already did, but thanks nonethless.
Oh sorry about that, it’s still showing up as a bot for me but it’s fine on your instance. I think the information just hasn’t federated over to lemmy.ca yet
Interesting. Maybe it helps if I log off?
It might, but I think it might be a federation bug between our instances. I haven’t seen one like this before, but I’ll keep an eye out to see if it happens again / there’s a pattern.
You could also try setting yourself as a bot, saving, and then reversing it again. That might prompt your instance to send out the information again.
Thanks, I will try to switch it on and off again.
If it helps, you don’t show up as a bot from my instance
Maybe try touching a little grass too
Thanks, I already did. Plenty of grass where I am.
must be nice
Beep-boop!
Companion (2025)
It’s called secure boot and it’s been around for over 10 years now.
And the first iteration was much more locked down, only got changed after public complaints.
I think that’s because of GPL-2, which had allowance (unintentional) for Tivoization, which is what Secure Boot is a form of from what I read. I might be wrong on that, though.
GPL-3 fixed the Tivoization, though.
IIRC the first draft had the keys all controlled by Microsoft, with no option to use your own, and no option to disable it. Don’t think the GPL had anything to do with it directly, though it was people wanting to use Linux (and other systems than the one pre-installed) on their own hardware that complained.
This isn’t quite the same thing. I’d say locked bootloaders are the Android analog, and they are already less likely to be user unlockable than the typical PC (and the situation is getting worse).
Microsoft is already starting to lay the groundwork with their CPU, SecureBoot, and TPM 2.0 requirements.
Apple has been doing this for a long time, though there are ways to get around it on MacOS, for now.
On PC, the answer is Linux. For mobile devices, things are looking more bleak.
Linux won’t be an option if the boot loader is locked. I think Linux is just about popular enough that options should remain but they might become reduced unless it becomes more popular than it currently is.
I’d imagine not every mobo manufacturer will play ball with whoever mandates a locked bootloader.
Right now, we have google and apple with a duopoly on mobile devices.
The grand majority of all laptops and desktop devices are using motherboards manufactured specifically for those devices (or device series). It’s not much of a stretch to imagine them adding restrictions to their already mature supply chain.
Sure, but there’s Tuxedo Computers, Framework, the PopOS guys selling PCs and many more. Those won’t go away.
Yeah, but for 99.9% of computer users that doesn’t matter.
They’re getting their hardware from major manufacturers or second hand from people who bought them from major manufacturers.
Which means the negative effects will be felt across the board except for the few people who specifically purchase hardware from niche manufacturers.
Linux is heavily used on servers. Losing server sector means a huge chunk of revenue.
Linux is servers.
Hell, VMware migrated to a Linux base a while back, and with their new exorbitant pricing, large environments are switching to things like Proxmox.
The next ten years, VMware will be second string virtualization, even in data centers.
I’m not sure what’s going to happen, but there was a “BIOS War” in the 80’s,when IBM wouldn’t release their BIOS code, so other devs reverse engineered it. No reason why that couldn’t happen again.
If the private key were to leak, we’d be home free
The situation is actually quite awful. I remember when TPM was palladium and there were apocalyptic talks in tech conferences about it being the end of general purpose computers. The idea that your computer could veto what it was used for.
The backlash only set them back a few decades apparently. Everyone forgot and now it’s a literal requirement for the latest Windows and in two months they’ll stop supporting the old Windows…
Next phone I get I’ll get fairphone and check the market for an alternative OS at that time. This might be the push that the Linux phone community needs to make it proper and good.
We currently need a KDE phone that they sell where I can buy a KDE phone and support them that way.
The pieces are coming together for Linux notably:
- SPA support instead of apps.
- Waydroid
- Core components such as calling, sim card actions, recording, speakers can be provided by fairphone via drivers.
I’m getting pretty sick of Google and other corpos locking down Android so fuck them, third best phone OS will have to do and I’ll do banking in the mobile browser page.
I just bought the cheapest fairphone I could get to replace my old pixel. Now it’s time to try proper linux on mobile for the first time. I’m excited!
Almost 15 years on Android finally coming to an end! My first Android phone came with Android 2.1 and now 14 shall be the last version I’ll ever use.
This is what happened when we allowed companies with a profit incentive to code our devices. Linux will always be free, and there will be companies that design computers for Linux, such as Fairphone, Framework, Furi, Fedora, and probably some that don’t start with F too
How does Fairphone design computers for Linux?
The Fairphone is one of the beat supported Linux Mobile devices
By far most of work on Linux is being done by for profit companies
It’s been tried a bit before, but didn’t get through. The current situation with secure boot is worrying, because we’re one manufacturer playing ball away from it to become a reality.
I’d like to say there’s strong incentive to not do that, but it seems that logic alone would not stop this kind of push. And weirdly enough, even financial risk might not be enough, as we’ve seen baffling decisions made these last few months.
The main saving graces is that there are more than two manufacturer for motherboard, and as far as I know, patent lockdown and secrecy isn’t as big on PC hardware than on mobile boards, so it might be easier to escape such lockdown. But fully locked down systems under external control is clearly where some people wants us to go.
Users are getting dumber by the day. The people arguing back to me about “this is a you problem” when I mention reasons why device ownership is important is way too fucking high.
This is why you gatekeep hobbies. Keep the dipshits out so they don’t become the masses that ruin what you enjoy.
Exactly, if I like something I try to keep it on the down low, or only spread it in circles where I know it will be similarly appreciated, the moment a majority of the people are into something, that thing will now get subjected to external influences that require it to be liked by everyone and most people are mediocre so the thing moves towards mediocrity
It’s been done before. ChromeBooks comes to mind, but there have been others. Usually winds up killing the outfit that tries it.
As far as I know Chromebooks only survive because of the educational market. Locked down devices are preferable in schools.
I won’t buy one, but I could see such systems becoming dominant in another 20 years or so.
It will creep in slowly since most people dont touch any settings on their computer after the initial unboxing and setup.
Big box retailers will offer discounts on them, much like how you can buy a Chromebook for very little.
Enticed by cheap computers, people will buy not knowing that any limitations exist. They’ll be encouraged to use centralized app repositories but they can still install some other stuff.
A year or two later, some things won’t be permitted, computer will make scary warnings when installing, but with enough clicking, you can get past. Until the day you can’t.
It will be a progression, but it will happen eventually. I honestly am surprised that computers dont require some sort of registration. I’m sure that will happen eventually.
I wonder if PCs are getting fast enough to do everything that the opposite can happen. Older hardware and free software is as good or better than proprietary with new software. So, even with subsidy, they can’t turn the screw. The problem with mobile is the lack of a competitor, and the duopoly.
Even Microsoft could not break it. If Linux mobile can port over all android apps seamlessly or easily for devs, with lower fees, then it has a chance. Microsoft paid devs to put their apps on the windows mobile store but even that wasn’t enough.
Similar to windows, the more they turn the screws, the more people want to leave. There is a boiled frog effect but eventually lots of the frogs die in that analogy, turning off the cash spigot.
I had a Windows Phone, and almost all apps in their app store cost money. And were often of uselessly bad quality anyway. People didn’t want to risk it paying even 7€ for an app that will end up being crap.
I didn’t, but a friend did and loved it. I’ve heard the os was great. I’m not upset it died. Competition is good, but I don’t think Microsoft would have been good competition. I just wish someone else had taken the mantle.
Android started out great. It has jest become perverted into a tracker with less freedom.
Windows does require registration to any normal user at this point. Gotta setup a micrisper account
It’s not required, it just seems required to non-technical people (I know, potato/potato, it’s effectively required).
To any normal person it may as well be required, which is why I said it requires it to any normal user
Isn’t the serial number already on the box? So its already scanned into a database then you checkout? I know for phones at least, they definitely scan the barcode with the imei at checkout
Too late to do this for PCs. You already have Linux laptop providers and Linux distros supported by corporations. Most of the components have multiple providers. You will be able to source “unlocked” hardware from somewhere.
The problem with mobile is that the hardware is too complicated for open source projects to handle. Many have tried, all have failed. So far. Hopefully we will finally see something usable come out of projects like PinePhone and PostmarketOS.
all have failed
Here I sit, an eternal failure.
- posted from my Oneplus 6T on PostmarketOS
To be honest, I don’t have any hope. I just keep running. When I run out of places to hide, maybe I’ll give computers up and get into philosophy or something. If only 1M signatures carried the weight of $1M, we might stand a chance.
Where from here? Keep finding obscure ways to use computers freely, different chipsets, virtualization, remote access, whatever it takes. Fuck Microsoft, Google and Apple.
$1M carries the weight of about 1M signatures, which is to say… not much.
What makes mobile hardware more complicated than desktop hardware?
It’s a long history lesson. But the gist is that IBM made an architecture that allowed for modular LEGO style construction of computers. They were assholes and tried to make it lock down by keeping software secret and proprietary, but it was so popular that everyone else copied it and IBM/PC clones were born. Then the architecture became the standard, and everyone could make components for a PC with (more or less) assurance that any component made would be compatible and fit into (almost) any other computer.
Phones, on the other hand were born out of the necessity of being the smallest and most portable device possible. This meant bespoke solutions. The people who were chasing that format chose an architecture, ARM, that at the time required everything to be on a single chip. Memory, storage, CPU, CMOS, everything has to be on the chip. Which means exchanging parts is not possible. System on chip became the smart phone standard. Now, technically ARM doesn’t have to always be SOC. But it means two things, first is that every phone model is an unique and bespoke production that will never exist again once out of print. Second, it is a Titanic task to reverse engineer certain parts of it, firmware for sensor input is always unique, for example.
This means that FOSS is at a disadvantage. To make free open software for a phone means that, either a manufacturer is magnanimous and gives you all the firmware, or after a major effort to reverse engineer lots of pieces of software, it will be useless for the next model of phone. You either make your own open standard phone, which is a several billion dollar r&d endeavor. Or you’re constantly shooting at a fast moving target.
No one has created an open standard that allows small component manufacturing of mutually interchangeable parts for phones. Risc-v is close but not yet terribly financially viable.
It’s not any one platform that is too complicated, it’s that none of it was standardized. So once you have support for one phone completely done, the next model is already released 6 months ago and you have to start almost from scratch again.
Pixel was one exception to this, because Google would release and document all the modifications needed to run Android. Unfortunately they stopped doing this as well.
Contrast this to the x86 PC and laptop market and everything basic, like how to discover hardware, how to boot is all a documented standard. Even though on PC, you still have to deal with drivers for specific hardware.
Another reason why PC is much easier for Linux is that much of the hardware is shared with servers and for servers, Linux is absolutely a first class operating system, which all but some extremely niche hardware manufacturers fully support.
You need way, way better sleep handling. To get decent battery life everything needs to be able to go to sleep really fast but also be able to listen for signals from specific devices like GSM modem and wake up immediately. Without it it’s not really usable. Desktop PCs didn’t have any sleep functionality for a very long time and even now they mostly just disable everything and wait for a button press. Sleep/wake-up cycle can last couple of seconds without issues.
Mobile hardware also has more devices. I don’t have GPS, GSM, accelerometer or finger print reader in my laptop. When Linux was developed they also didn’t have cameras or bluetooth. A lot of this additional devices are not easily available like PC parts and require closed source drivers and firmware.
To make a usable mobile phone you need to figure out all if it at once. You can’t really release a phone without GPS or GSM and expect people to use it as a daily driver. With PC you can live without the camera or build in WiFi. I remember using USB dongles for WiFi and simply not having a working camera in my Linux laptops and I was fine with it.
Has Fairphone failed in this regard, in your opinion?
Fairphone devs contribute drives to linux. Their phones are among the best supported devices for postmarketos and ubuntu touch and so on.
What are these Linux laptop providers going to sell if they can’t order anything from the factory that lets them change the software because reasons
Just updated my pinephone the other day. It’s not spectacular in terms of usability. It does the bare minimum at the bare minimum.
I’m saying that there’s enough laptop providers and enough different factories to maintain supply of unlocked hardware. You don’t have to worry about locked CPU/GPUs, only about locked bootloaders which have a lot of different providers. With mobiles it’s easier to lock because it’s all packed into SOCs and you don’t have as much choice for latest hardware.
Too late to do this for PCs.
let me tell you about this little thing called windows 11.
I know for a fact that this is exactly where compute is going, just look at the aggressive moves that MS has been making over the last 15-25 years.
it starts with requiring an always on connection, and ends with hardware lockout like Mac has.
sure Linux will be an option… but for how much longer? all the old devs are retiring and the new ones…god help us. they want to rewrite it like any greenhorn, and they want to use…rust??!
I give it 10-15 years before hardware locks out Linux, and Linux is dying.
I’m a Linux user btw, so don’t think I’m a MS or Mac fan.
Linux is dying
I definitely am not getting this impression, especially with the recent boost in popularity, but this isn’t my field of expertise. Any reading you can recommend to get an old man up to speed?
Most of servers run Linux, and servers are just computers.
https://www.supermicro.com/en/products/system/clouddc/1u/sys-611c-tn4r is not running anticheat required software, bank webapps and windows store could start requiring: https://insider-gaming.com/battlefield-6-secureboot-not-enabled-error/
Just to add on top of that I think Linux will be good as long as Torvalds is alive. After that who knows what would happen. They might add binaries to mainstream kernel that lock you out and who can stop them ? We are lucky we live in times where we have a choice.
They might add binaries to mainstream kernel that lock you out and who can stop them ?
Who are “they”?
It seams you don’t know how Linux kernel is maintained. Linus is simply releasing the most commonly used versions of it. Nothing stops you from choosing a different one. If someone takes over the main kernel and starts doing weird things distros will simply package another kernel by default.
I would say if/when PCs move over to ARM than we very well may see the same issues mobile devices have. There is a severe lack of Linux compatibility due to proprietary drivers, sometimes no drivers at all, no software support, and no device trees.
there is another… but, it may be RISCy
As much as I love RISC-V I’m afraid it will turn just like arm now, the architecture is open but every chipset that came out is not, there isn’t an unified booting standard like UEFI+ACPI for RISC-V
God I hope i’m wrong
Also ARM is way less standard. While UEFI does exist on ARM, most just use some custom bootloader. And let’s not forget how ARM is protecting its Mali Linux drivers.
I have the ubuntu 25 concept installed on my snapdragon HP Omnibook 14
Other than a few software hiccups you would expect of a “concept build” it works almost perfectly and is now my daily driver. Actually getting the OS on the machine was pretty easy too, it has something akin to a bios. the process isn’t all that different.
The more difficult bit was getting the drivers working after installing the OS. no all of them have been released under license yet so some of them you have to poach from the windows partition. also audio required some tweaking.
Well yes many arm PCs do work, im just saying eventually they will be locked down
It’s not going to happen.
Motherboard manufacturers are not going to start making Windows only BIOS.
Microsofts target audience isn’t the private user. It’s companies. The money they make selling their OS to private persons are table scraps compared to their enterprise licenses. Any such initiative would fuck over every single enterprise customer.
It’s been attempted in two ways.
First is secure boot. There were a handful of computers sold that did not allow disabling of secure boot, or changing the loaded keys. So it was basically essentially a Windows only computer.
More recently is there was Microsoft Windows S. This was a cheap version of Windows Home that ran on low end computers and was locked to only allow installing apps from the Microsoft store. It was possible to unlock it but as I recall it required an additional fee.Enterprises almost all run Windows anyway so they DGAF.
Enterprises use a lot, and I do mean A LOT of custom software. Either developed in house or by others. They absolutely care.
What Microsoft does within their own OS, as the “S” version you’re talking about. That’s a non issue given you can just flash the drive and install whatever OS you want.
As for the concern that you’d somehow be unable to install another OS. Due to Secure Boot. I personally have never come across a computer that I’ve had full BIOS access to that didn’t allow disabling secure boot. Though some have been more cooperative than others. But maybe I’m just lucky.
But I’m also pretty sure there are linux distributions that support Secure Boot.
Secure Boot for what it’s intended to do, is a pretty good feature. Which is to stop unauthorized software from running before initiating your OS
I was talking about secure boot. If the computer only runs Windows, enterprise doesn’t care. If the computer only runs Windows S, it’s an absolute nonstarter in enterprise tons of apps aren’t on the app store. But Windows S is never targeted to enterprise, only low end home users.
Anything can support secure boot, the question is, are the keys included in the BIOS so it can run that particular OS without loading extra keys?
I’ve also not personally encountered a computer where secure boot couldn’t be disabled or the list of keys modified, but I’ve definitely heard about them existing.
What exactly is your argument? Why would a computer only be able to run Windows?
Secure Boot doesn’t restrict anyone to only windows. Even if we play with the idea that it’s impossible to disable it. You can still install some Linux distributions.
Anything can support secure boot, the question is, are the keys included in the BIOS so it can run that particular OS without loading extra keys?
I don’t even understand what you’re trying to say… You don’t need keys in BIOS to install either Windows, or Linux. The only purpose for the BIOS key is for users to be able to just boot up their new computer that they bought factory new WITH their OS of choice without having to go through extra steps of verifying your OS license.
But you don’t NEED a key in BIOS. You can still buy a key separately to set up Windows. Same goes with paid versions of Linux distributions, such as Red Hat.
Fedora supports secure boot out of the box
So does Ubuntu, but there is a catch. Secure boot relies on signature checking, so you can manually add the signature of your OS manually to the UEFI db, but can’t do that on locked UEFI. Major Linux providers went another route, they paid Microsoft to sign a
shim
binary, which in turn can verify and boot the matching Linux kernels. Microsoft refusing to sign shims would be a rather crippling move, but they would get a massive backlash from that.
Isn’t secure boot signed by Microsoft anyway IIRC? I know Lenovo had their own signing too. From my knowledge, installing a secure-boot supported linux version requires a ‘shim’ to allow it, and there was an issue that came up as the keys are due to expire for older OS versions.
Of course, Secure Boot can be switched off as well. (for now)
We already have that. A reason they want to shift to ARM is so they can lock the hardware down.
That’s probably why risc-v is getting quite popular in embedded stuff - smaller companies wanting more supply chain independence. Hopefully it’ll start to get more powerful soon for more serious computing. Its nice that stuff like debian now has risk-v version too.
deleted by creator
And just like that I’m all about Ubuntu phones now
Which devices are you planning to get at right now?
Either buy pine or try out userland for current but I haven’t completed the research yet
We already have “secure boot” BS. For now it’s easy to turn off but it’s only a matter of time before getting locked and forced everywhere.
And wasn’t there already some kind of security certificate issue with secure boot? It is like always, in the name of security and safety the free software/hardware gets locked away and ends up being less secure afterwards.
To all those people saying this will never happen because people wouldn’t accept or tolerate it ree living in a different reality, sorry to burst your bubble and faith in your fellow himans but…most people will just whinge whine cuss and then go do something else, people today have no guts in them to fight back and to lazy too, they expect others to do all the work for them, but wont lift a finger except to moan and whine about shit.
Long story short we are fucked, absolutely fucked, we…those that would/will do something are few and far between now, people aka the masses are used to being beaten down and being told to put up and shut up, just get on with it, so we few just have to look after ourselves, our families and friends, get through life best way we can, we be a small pocket of resistance but thats all sadly 🥺
Not the consumers so much as a ton of businesses that would have their whole IT broken.
Microsoft has really really wanted this to happen, but their attempts have failed to get traction, because it breaks just so many applications. The only reason people use windows is compatibility with all their apps, a move that breaks all the apps just doesn’t work.
Different with Android and iPhone where they managed to define the default position as app store and didn’t have to contend with “legacy”.
This is a very American mindset