zlacker

[return to "Pluton is not currently a threat to software freedom"]
1. messe+sa[view] [source] 2022-01-09 03:37:29
>>foodst+(OP)
The fearmongering about Pluton feels very similar to the criticism that was levied against UEFI Secure Boot when it was being debuted. In the end, x86 systems didn't become any more locked down.

I predict that this will blow over, and won't be a big deal in a few years time once FOSS drivers for what is effectively just a new breed of TPM are released.

If in five years, it turns out I was wrong, I'll eat my hat. Although defining "my hat" by then might be difficult, as it'll probably be subscription based.

◧◩
2. jevote+zb[view] [source] 2022-01-09 03:46:42
>>messe+sa
> In the end, x86 systems didn't become any more locked down.

And non-x86 systems? Wasn't there a line of MS Surface devices where secure boot could not be disabled, and users were stuck with Windows? It feels careless to only care about x86, especially as other platforms proliferate.

In any case, lockdown is not the only threat that Trusted Computing presents. Remote attestation itself is dangerous. If we remove our x86 blinkers and look at the mobile world, we see it's already happening, with countless apps, including ones important to modern day life such as banking, refusing to run on rooted phones.

You may say, "Oh, I will use my x86 desktop system at home for Free Computing, and allow phones, consoles, tablets, surface devices, etc etc, to become locked down." Like the old free speech zones, this is a toothless freedom, tamed and neutered. The user-empowering Free Software you will write will have no users - they will be on locked devices.

◧◩◪
3. gruez+uc[view] [source] 2022-01-09 03:55:08
>>jevote+zb
Your ARM smartphone and/or IOT device don't support UEFI or secureboot, yet they were still locked down and you couldn't flash third party OSes. The problem is locked bootloaders, not UEFI or secureboot. Fearmongering over a largely non-problematic implementation (secureboot explicitly allows you to load your own keys) is exactly OP's point.
◧◩◪◨
4. jevote+Xd[view] [source] 2022-01-09 04:07:44
>>gruez+uc
This sounds very much like "there are many ways to lock out users, why are you complaining about this specific method, when other platforms used a different one?"
◧◩◪◨⬒
5. judge2+Dg[view] [source] 2022-01-09 04:33:30
>>jevote+Xd
We should be complaining when it happens, not that any of these methods exist - they're super useful to have in many applications, eg. access control door locks, keeping PKI HSMs locked down, etc.
[go to top]