We already have “secure boot” BS. For now it’s easy to turn off but it’s only a matter of time before getting locked and forced everywhere.
And just like that I’m all about Ubuntu phones now
Which devices are you planning to get at right now?
Either buy pine or try out userland for current but I haven’t completed the research yet
I kind of expect this to happen with Apple’s rumored $600 macbook. Since they just updated ipadOS to run like a locked down version of macOS. I bet they will offer this cheap mac with the same locked down OS since it will have a “phone” processor in it.
They will say this was a compromise needed, but the majority of people will not care. After a few years, the macs that are open will get more and more expensive.
I’m guessing Windows will slowly start to move in thie direction, but I think they will try to push their remote computers thing to accomplish this.
I’m not sure about bootloaders being locked, I am guessing there will always be something that is unlocked and able to run linux though. It is needed for servers and stuff like that. In the worst case, someone will likely sell arm or risc-v powered boards that can be used to run linux.
Didn’t MS already try this with Windows S editions?
https://youtu.be/HUEvRyemKSg might be relevant.
Turns out some people can predict the future if they pay attention
Linux is quite well established now on home pc’s and servers to the dismay of Microsoft and Apple. I hated Secureboot , built into UEFI, during startup by verifying the digital signatures of firmware, drivers, and the OS bootloader. Reading into Deep State Mass surveillance helps:
https://www.printernational.co.uk/timmann/history.htm#surveillance
Nothing says that Linux could eventually evolve into the same thing or fail to ever really function for the masses.
Fear of this is why I have been hoarding any computer that runs for a long time now
Thinkcentre club stand uup !
I think I have 5 😐 or 6 IDK
I don’t know how useful 32 bit old computers are, if they run cryptography software they aren’t completely useless
Mine are all “modern” ones, I think even the old E8300 was 64 bits and that one I left a loong time ago. Do you keep all your computers?
All the ones that run and a couple that don’t. Some are in my mom’s basement though
Any idea what you want to use them for, or is it “just in case”?
At minimum they can be crypto terminals or distraction free writing/eBook reading machines. But mostly just in case it’s all we have left to use.
This is already happening, but it’s on an organisational level by policy. These policies can be applied to systems that follow trusted computing rules, which is most Windows 10 systems and pretty much all windows 11 systems. Google has laid the groundwork for this since the pixel 3 was released in 2018.
Since then, we have seen Google put the Titan security module in all phones and I’m certain Chromebooks are requiring TPM modules that serve the same function.
Apple has been doing the same since God knows when. Their systems have had unique chips that ensure that when MacOS is installed, it is only installed in Apple computers. There are ways around this, just as there are ways around the TPM requirement for Windows 11.
The trusted computing model, when fully imposed, can basically stop any applications from running that have not been given the blessing of the security team.
As far as I’m aware, the only people taking advantage of the technology are government institutions.
The fact that this can be wielded to enforce control over private individuals by our corporate masters is becoming a very real possibility, but the fact that it hasn’t happened yet, by any vendor, is, in my opinion, good evidence to say that it’s unlikely, but not impossible. Maybe that’s wishful thinking on my part.
In any case, the only truly free operating system left is GNU/Linux, with few other exceptions.
They’re waiting until all the products in the wild can be locked down.
Right now, they’re struggling to get people.to jump to Windows 11, and people are hoarding their old computers. They want all the products that don’t have TPM or its equivalent to be outmoded before they remove the mask.
Maybe. In my experience business isn’t that patient.
A TPM is otherwise a good thing. It can extend cryptographic capabilities and the overall security stance of the system.
But I digress. I will reserve judgement for now. Time will tell either way, and I don’t think anyone will feel like gloating if they start to lock it down like you believe they will.
Gnu Hurd ftw ! (I’ll see myself out)
It’s not going to happen.
Motherboard manufacturers are not going to start making Windows only BIOS.
Microsofts target audience isn’t the private user. It’s companies. The money they make selling their OS to private persons are table scraps compared to their enterprise licenses. Any such initiative would fuck over every single enterprise customer.
It’s been attempted in two ways.
First is secure boot. There were a handful of computers sold that did not allow disabling of secure boot, or changing the loaded keys. So it was basically essentially a Windows only computer.
More recently is there was Microsoft Windows S. This was a cheap version of Windows Home that ran on low end computers and was locked to only allow installing apps from the Microsoft store. It was possible to unlock it but as I recall it required an additional fee.Enterprises almost all run Windows anyway so they DGAF.
Fedora supports secure boot out of the box
So does Ubuntu, but there is a catch. Secure boot relies on signature checking, so you can manually add the signature of your OS manually to the UEFI db, but can’t do that on locked UEFI. Major Linux providers went another route, they paid Microsoft to sign a
shimbinary, which in turn can verify and boot the matching Linux kernels. Microsoft refusing to sign shims would be a rather crippling move, but they would get a massive backlash from that.
Isn’t secure boot signed by Microsoft anyway IIRC? I know Lenovo had their own signing too. From my knowledge, installing a secure-boot supported linux version requires a ‘shim’ to allow it, and there was an issue that came up as the keys are due to expire for older OS versions.
Of course, Secure Boot can be switched off as well. (for now)
Microsoft are smart enough to not piss off and destroy their entire business overnight, so you can count on it never being forced by them.
pissing off customers never stopped them for decades different versions of office programs ran side by side with no issues. they auto uninstall other versions of office automatically while stopping the install with a big pop up about compatibility issues.
this impacts all businesses using old versions of access programs alongside more new versions of office with newer installers. along with a byzantine licensing model with bizarre “incompatibilities” between the same year versions in different licensing channels, yeah tell me how microsoft won’t piss off corpo and government clients.
they seem to specialize in pissing off corpo and gov clients.
This kind of stuff never happens overnight. It happens slowly, incrementally, and the people are never mad enough at too much sudden change to be motivated enough to do anything. People should feel good about the imposition of boundaries, and it helps that for the average user, the boundaries often result in a better user experience.
Last time I used windows in a big corpo settings, there were so many things pudding off both us Devs but also IT.
Switch out a bad RAM stick? Spend an hour with IT.
Use a software? Spend an hour (or days) with IT
Compile your own software? Believe it or not, spend large amounts of time with IT
Like the compiler on a windows PC can’t work without different windows protection systems gets in the way, repeatedly. And then your executable, or some .d’ll just get wiped off the disk 😐🤷🏼♀️
I don’t think they do it intentionally, but big corpos don’t give a shit about their workers conditions, so if they were to enforce things (with backdoors ofc, so that if needed you can deactivate things, remember the unique installation code for windows like 95 or 98?) the grunts will just have to eat it up. And they would probably not have a much harder time, everything is already locked down hardware wise so they are used to all that jazz.
They certainly wouldn’t roll it out overnight but they’ve had their long term targets on OS as a service since Windows 8 and these things tend to come bundled.
Nah, they know their limits. They will keep trying to make an optional locked down OS for regular users a thing, but there will always be a fully “unlocked” version available due to legacy software and the entire worlds reliance on it.
While microsoft also plays in the quarter to quarter economic BS they still have long term planning.
It’s precisely because they have a monopoly on enterprise class software that they could pull this off. That’s why the shift in euro-gov agencies to linux is such a big deal.
MS already has updates as a “free” service and windows insider which requires a paid azure sub which means they already use the threat of “security risks” to force companies to subscribe to azure, which is in effect equivalent to a sub to the OS.
I’m suggesting that they’re going to do what they’ve said they want to do. Just maybe on the longer term or in a novel way.
The biggest motivation they have to keep individual licenses OTP is it gets people used to the ecosystem (customer capture) and they’re massively profiting on all of
yourthat data.
IIRC, I had a PC (since sold) that had secure boot permanently enabled from the factory. That is, in spirit, a PC with a “locked bootloader”, but you might not even notice because many Linux distros have that Microsoft-blessed Linux loading shim… but it is still Microsoft inserting themselves between you and your hardware; they could decide in the next few years they no longer “support” Linux, hypothetically.
For phones Google gets to decide, as an os maker. For PCs, there are multiple OSses so hardware manufacturers get to decide.
I personally don’t see AMD or Intel doing that anytime soon, and if they do, at least Arm and Risc-V are making some good progress in the desktop space
Microsoft tried to get things going that way with “s”, but it didn’t take
I bought my wife a cheap Lenovo laptop when she needed something that supported the “Lockdown” browser (no Linux support). Didn’t realize when I bought it what “S” meant (and I’ve been an IT guy for over 20 years). Got it home and realized what was up, it couldn’t even run that browser because it had to be the preconfigured browser from her school and not one from the MS store. An evening of fiddling and a $3 grey market key and she was back onto a normal Windows install.
On the plus side the laptop was only like $299 or $399 and really isn’t too bad on the hardware side.
To all those people saying this will never happen because people wouldn’t accept or tolerate it ree living in a different reality, sorry to burst your bubble and faith in your fellow himans but…most people will just whinge whine cuss and then go do something else, people today have no guts in them to fight back and to lazy too, they expect others to do all the work for them, but wont lift a finger except to moan and whine about shit.
Long story short we are fucked, absolutely fucked, we…those that would/will do something are few and far between now, people aka the masses are used to being beaten down and being told to put up and shut up, just get on with it, so we few just have to look after ourselves, our families and friends, get through life best way we can, we be a small pocket of resistance but thats all sadly 🥺
Not the consumers so much as a ton of businesses that would have their whole IT broken.
Microsoft has really really wanted this to happen, but their attempts have failed to get traction, because it breaks just so many applications. The only reason people use windows is compatibility with all their apps, a move that breaks all the apps just doesn’t work.
Different with Android and iPhone where they managed to define the default position as app store and didn’t have to contend with “legacy”.
They’d have to completely kill the ability to build your own machine (the whole “IBM compatability” thing) and I don’t see that happening when almost every business and factory uses their own custom shit for specific niche reasons.
Not really. The pieces are already in place with UEFI and Secure Boot. All that would need to happen would be to force Secure Boot to be enabled, and only preload keys for an approved list of operating systems. With that, your fancy new motherboard may not be able to boot and run the OS of your choice.
Then all the software nerds become hardware nerds, and the cycle continues.
17 and a half weeks
!Remindme 4 January 2026
nah. 28 likely. I mean later.
