661
We already have "secure boot" BS. For now it's easy to turn off but it's only a matter of time before getting locked and forced everywhere.
And wasn't there already some kind of security certificate issue with secure boot? It is like always, in the name of security and safety the free software/hardware gets locked away and ends up being less secure afterwards.
And just like that I’m all about Ubuntu phones now
Which devices are you planning to get at right now?
Either buy pine or try out userland for current but I haven’t completed the research yet
It's not going to happen.
Motherboard manufacturers are not going to start making Windows only BIOS.
Microsofts target audience isn't the private user. It's companies. The money they make selling their OS to private persons are table scraps compared to their enterprise licenses. Any such initiative would fuck over every single enterprise customer.
It's been attempted in two ways.
First is secure boot. There were a handful of computers sold that did not allow disabling of secure boot, or changing the loaded keys. So it was basically essentially a Windows only computer.
More recently is there was Microsoft Windows S. This was a cheap version of Windows Home that ran on low end computers and was locked to only allow installing apps from the Microsoft store. It was possible to unlock it but as I recall it required an additional fee.
Enterprises almost all run Windows anyway so they DGAF.
Enterprises use a lot, and I do mean A LOT of custom software. Either developed in house or by others. They absolutely care.
What Microsoft does within their own OS, as the "S" version you're talking about. That's a non issue given you can just flash the drive and install whatever OS you want.
As for the concern that you'd somehow be unable to install another OS. Due to Secure Boot. I personally have never come across a computer that I've had full BIOS access to that didn't allow disabling secure boot. Though some have been more cooperative than others. But maybe I'm just lucky.
But I'm also pretty sure there are linux distributions that support Secure Boot.
Secure Boot for what it's intended to do, is a pretty good feature. Which is to stop unauthorized software from running before initiating your OS
I was talking about secure boot. If the computer only runs Windows, enterprise doesn't care. If the computer only runs Windows S, it's an absolute nonstarter in enterprise tons of apps aren't on the app store. But Windows S is never targeted to enterprise, only low end home users.
Anything can support secure boot, the question is, are the keys included in the BIOS so it can run that particular OS without loading extra keys?
I've also not personally encountered a computer where secure boot couldn't be disabled or the list of keys modified, but I've definitely heard about them existing.
What exactly is your argument? Why would a computer only be able to run Windows?
Secure Boot doesn't restrict anyone to only windows. Even if we play with the idea that it's impossible to disable it. You can still install some Linux distributions.
Anything can support secure boot, the question is, are the keys included in the BIOS so it can run that particular OS without loading extra keys?
I don't even understand what you're trying to say... You don't need keys in BIOS to install either Windows, or Linux. The only purpose for the BIOS key is for users to be able to just boot up their new computer that they bought factory new WITH their OS of choice without having to go through extra steps of verifying your OS license.
But you don't NEED a key in BIOS. You can still buy a key separately to set up Windows. Same goes with paid versions of Linux distributions, such as Red Hat.
Fedora supports secure boot out of the box
So does Ubuntu, but there is a catch. Secure boot relies on signature checking, so you can manually add the signature of your OS manually to the UEFI db, but can't do that on locked UEFI. Major Linux providers went another route, they paid Microsoft to sign a shim binary, which in turn can verify and boot the matching Linux kernels. Microsoft refusing to sign shims would be a rather crippling move, but they would get a massive backlash from that.
load more comments
(1 replies)
This is already happening, but it's on an organisational level by policy. These policies can be applied to systems that follow trusted computing rules, which is most Windows 10 systems and pretty much all windows 11 systems. Google has laid the groundwork for this since the pixel 3 was released in 2018.
Since then, we have seen Google put the Titan security module in all phones and I'm certain Chromebooks are requiring TPM modules that serve the same function.
Apple has been doing the same since God knows when. Their systems have had unique chips that ensure that when MacOS is installed, it is only installed in Apple computers. There are ways around this, just as there are ways around the TPM requirement for Windows 11.
The trusted computing model, when fully imposed, can basically stop any applications from running that have not been given the blessing of the security team.
As far as I'm aware, the only people taking advantage of the technology are government institutions.
The fact that this can be wielded to enforce control over private individuals by our corporate masters is becoming a very real possibility, but the fact that it hasn't happened yet, by any vendor, is, in my opinion, good evidence to say that it's unlikely, but not impossible. Maybe that's wishful thinking on my part.
In any case, the only truly free operating system left is GNU/Linux, with few other exceptions.
They're waiting until all the products in the wild can be locked down.
Right now, they're struggling to get people.to jump to Windows 11, and people are hoarding their old computers. They want all the products that don't have TPM or its equivalent to be outmoded before they remove the mask.
load more comments
(1 replies)
load more comments
(1 replies)
That’s the whole intention of requiring TPM for Windows 11. It’s coming soon.
They also banned Kaspersky in the states because they weren’t whitelisting state malware.
I kind of expect this to happen with Apple's rumored $600 macbook. Since they just updated ipadOS to run like a locked down version of macOS. I bet they will offer this cheap mac with the same locked down OS since it will have a "phone" processor in it.
They will say this was a compromise needed, but the majority of people will not care. After a few years, the macs that are open will get more and more expensive.
I'm guessing Windows will slowly start to move in thie direction, but I think they will try to push their remote computers thing to accomplish this.
I'm not sure about bootloaders being locked, I am guessing there will always be something that is unlocked and able to run linux though. It is needed for servers and stuff like that. In the worst case, someone will likely sell arm or risc-v powered boards that can be used to run linux.
Didn't MS already try this with Windows S editions?
IIRC, I had a PC (since sold) that had secure boot permanently enabled from the factory. That is, in spirit, a PC with a "locked bootloader", but you might not even notice because many Linux distros have that Microsoft-blessed Linux loading shim... but it is still Microsoft inserting themselves between you and your hardware; they could decide in the next few years they no longer "support" Linux, hypothetically.
Now? Doesn’t M$ still release the "S" mode version of Windows that only allow downloads via their "official App Store"?
My girlfriends laptop came with S mode and holy shit, I just about threw it out the window. I knew Windows 11 would be dogshit but when I couldn't run firefoxinstaller.exe I got so annoyed. I then spent ~30 minutes troubleshooting how to allow running fucking exes as the guides were all out of date, including the one that were a month old.
I've been using Linux and XP for a few years now and god damn does it feel gross to use Win11. Not having control over your own PC is disgusting.
Windows machines make great Linux devices. Hope your gf likes her new Ubuntu laptop :)
You can convert to the home edition for free (for now at least)
Also you can disable secure boot and just install linux.
For phones Google gets to decide, as an os maker. For PCs, there are multiple OSses so hardware manufacturers get to decide.
I personally don't see AMD or Intel doing that anytime soon, and if they do, at least Arm and Risc-V are making some good progress in the desktop space
Microsoft tried to get things going that way with "s", but it didn't take
load more comments
(1 replies)
Fear of this is why I have been hoarding any computer that runs for a long time now
Thinkcentre club stand uup !
I think I have 5 😐 or 6 IDK
I don't know how useful 32 bit old computers are, if they run cryptography software they aren't completely useless
Mine are all "modern" ones, I think even the old E8300 was 64 bits and that one I left a loong time ago. Do you keep all your computers?
All the ones that run and a couple that don't. Some are in my mom's basement though
load more comments
(2 replies)
Linux is quite well established now on home pc's and servers to the dismay of Microsoft and Apple. I hated Secureboot , built into UEFI, during startup by verifying the digital signatures of firmware, drivers, and the OS bootloader. Reading into Deep State Mass surveillance helps:
https://www.printernational.co.uk/timmann/history.htm#surveillance
Nothing says that Linux could eventually evolve into the same thing or fail to ever really function for the masses.
Absolutely not, that would never happen. Why? Because there's a load of stuff that runs on Windows that is ancient and only exists as legacy software and never receives updates.
If anything, Windows is the last operating system that will have locked bootloaders, because if they do, there's gonna be some bank somewhere in the world suing them because their ancient counting software was originally made for Windows 3.0 back in the day and Microsoft has had to build their entire operating system around making sure that software continues to run.
They might have hardware requirements like the TPM chip, but they're never going to make it so you can only install software approved by them, because they've got over 40 years of software they'd need to approve before they can do that, and they won't.
Not to mention there will always be methods for and hackers jailbreaking devices. Even Windows 11's TPM requirements have been defeated, anything else will be too.
https://youtu.be/HUEvRyemKSg might be relevant.
Turns out some people can predict the future if they pay attention
Eh, just means it isn't plug and play. Once you have the hardware, you are the admin.
It may get tougher, but it'll never be impossible.
view more: next ›
this post was submitted on 01 Sep 2025
661 points (100.0% liked)
No Stupid Questions
43352 readers
588 users here now
No such thing. Ask away!
!nostupidquestions is a community dedicated to being helpful and answering each others' questions on various topics.
The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:
Rules (interactive)
Rule 1- All posts must be legitimate questions. All post titles must include a question.
All posts must be legitimate questions, and all post titles must include a question. Questions that are joke or trolling questions, memes, song lyrics as title, etc. are not allowed here. See Rule 6 for all exceptions.
Rule 2- Your question subject cannot be illegal or NSFW material.
Your question subject cannot be illegal or NSFW material. You will be warned first, banned second.
Rule 3- Do not seek mental, medical and professional help here.
Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.
Rule 4- No self promotion or upvote-farming of any kind.
That's it.
Rule 5- No baiting or sealioning or promoting an agenda.
Questions which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.
Rule 6- Regarding META posts and joke questions.
Provided it is about the community itself, you may post non-question posts using the [META] tag on your post title.
On fridays, you are allowed to post meme and troll questions, on the condition that it's in text format only, and conforms with our other rules. These posts MUST include the [NSQ Friday] tag in their title.
If you post a serious question on friday and are looking only for legitimate answers, then please include the [Serious] tag on your post. Irrelevant replies will then be removed by moderators.
Rule 7- You can't intentionally annoy, mock, or harass other members.
If you intentionally annoy, mock, harass, or discriminate against any individual member, you will be removed.
Likewise, if you are a member, sympathiser or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people, and you were provably vocal about your hate, then you will be banned on sight.
Rule 8- All comments should try to stay relevant to their parent content.
Rule 9- Reposts from other platforms are not allowed.
Let everyone have their own content.
Rule 10- Majority of bots aren't allowed to participate here. This includes using AI responses and summaries.
Credits
Our breathtaking icon was bestowed upon us by @Cevilia!
The greatest banner of all time: by @TheOneWithTheHair!
founded 2 years ago
MODERATORS