Mmmm, Linux
How long do we have before PCs get locked bootloaders and corporations ban installation of "non-approved" software? (for context: Google is restricting sideloading worldwide on Android ETA 2027)
Submitted 7 months ago by DeathByBigSad@sh.itjust.works to nostupidquestions@lemmy.world
Comments
Clbull@lemmy.world 7 months ago
handsoffmydata@lemmy.zip 7 months ago
Now? Doesn’t M$ still release the “S” mode version of Windows that only allow downloads via their “official App Store”?
xvertigox@lemmy.world 7 months ago
My girlfriends laptop came with S mode and holy shit, I just about threw it out the window. I knew Windows 11 would be dogshit but when I couldn’t run firefoxinstaller.exe I got so annoyed. I then spent ~30 minutes troubleshooting how to allow running fucking exes as the guides were all out of date, including the one that were a month old.
I’ve been using Linux and XP for a few years now and god damn does it feel gross to use Win11. Not having control over your own PC is disgusting.
handsoffmydata@lemmy.zip 7 months ago
Windows machines make great Linux devices. Hope your gf likes her new Ubuntu laptop :)
DeathByBigSad@sh.itjust.works 7 months ago
You can convert to the home edition for free (for now at least)
Also you can disable secure boot and just install linux.
DoctorPress@lemmy.zip 7 months ago
[deleted]__siru__@discuss.tchncs.de 7 months ago
And wasn’t there already some kind of security certificate issue with secure boot? It is like always, in the name of security and safety the free software/hardware gets locked away and ends up being less secure afterwards.
Unlocking_Freedom@lemmy.world 7 months ago
Linux is quite well established now on home pc’s and servers to the dismay of Microsoft and Apple. I hated Secureboot , built into UEFI, during startup by verifying the digital signatures of firmware, drivers, and the OS bootloader. Reading into Deep State Mass surveillance helps:
Professorozone@lemmy.world 7 months ago
Nothing says that Linux could eventually evolve into the same thing or fail to ever really function for the masses.
localhorst@sh.itjust.works 7 months ago
youtu.be/HUEvRyemKSg might be relevant.
Turns out some people can predict the future if they pay attention
Blackmist@feddit.uk 7 months ago
Didn’t MS already try this with Windows S editions?
Smoogs@lemmy.world 7 months ago
And just like that I’m all about Ubuntu phones now
DeathByBigSad@sh.itjust.works 7 months ago
Which devices are you planning to get at right now?
Smoogs@lemmy.world 7 months ago
Either buy pine or try out userland for current but I haven’t completed the research yet
neon_nova@lemmy.dbzer0.com 7 months ago
I kind of expect this to happen with Apple’s rumored $600 macbook. Since they just updated ipadOS to run like a locked down version of macOS. I bet they will offer this cheap mac with the same locked down OS since it will have a “phone” processor in it.
They will say this was a compromise needed, but the majority of people will not care. After a few years, the macs that are open will get more and more expensive.
I’m guessing Windows will slowly start to move in thie direction, but I think they will try to push their remote computers thing to accomplish this.
I’m not sure about bootloaders being locked, I am guessing there will always be something that is unlocked and able to run linux though. It is needed for servers and stuff like that. In the worst case, someone will likely sell arm or risc-v powered boards that can be used to run linux.
fluffykittycat@slrpnk.net 7 months ago
Fear of this is why I have been hoarding any computer that runs for a long time now
Valmond@lemmy.world 7 months ago
Thinkcentre club stand uup !
I think I have 5 😐 or 6 IDK
fluffykittycat@slrpnk.net 7 months ago
I don’t know how useful 32 bit old computers are, if they run cryptography software they aren’t completely useless
MystikIncarnate@lemmy.ca 7 months ago
This is already happening, but it’s on an organisational level by policy. These policies can be applied to systems that follow trusted computing rules, which is most Windows 10 systems and pretty much all windows 11 systems. Google has laid the groundwork for this since the pixel 3 was released in 2018.
Since then, we have seen Google put the Titan security module in all phones and I’m certain Chromebooks are requiring TPM modules that serve the same function.
Apple has been doing the same since God knows when. Their systems have had unique chips that ensure that when MacOS is installed, it is only installed in Apple computers. There are ways around this, just as there are ways around the TPM requirement for Windows 11.
The trusted computing model, when fully imposed, can basically stop any applications from running that have not been given the blessing of the security team.
As far as I’m aware, the only people taking advantage of the technology are government institutions.
The fact that this can be wielded to enforce control over private individuals by our corporate masters is becoming a very real possibility, but the fact that it hasn’t happened yet, by any vendor, is, in my opinion, good evidence to say that it’s unlikely, but not impossible. Maybe that’s wishful thinking on my part.
In any case, the only truly free operating system left is GNU/Linux, with few other exceptions.
chiliedogg@lemmy.world 7 months ago
They’re waiting until all the products in the wild can be locked down.
Right now, they’re struggling to get people.to jump to Windows 11, and people are hoarding their old computers. They want all the products that don’t have TPM or its equivalent to be outmoded before they remove the mask.
MystikIncarnate@lemmy.ca 7 months ago
Maybe. In my experience business isn’t that patient.
A TPM is otherwise a good thing. It can extend cryptographic capabilities and the overall security stance of the system.
But I digress. I will reserve judgement for now. Time will tell either way, and I don’t think anyone will feel like gloating if they start to lock it down like you believe they will.
UnsavoryMollusk@lemmy.world 7 months ago
Gnu Hurd ftw ! (I’ll see myself out)
FreedomAdvocate@lemmy.net.au 7 months ago
Microsoft are smart enough to not piss off and destroy their entire business overnight, so you can count on it never being forced by them.
angband@lemmy.world 7 months ago
pissing off customers never stopped them for decades different versions of office programs ran side by side with no issues. they auto uninstall other versions of office automatically while stopping the install with a big pop up about compatibility issues.
this impacts all businesses using old versions of access programs alongside more new versions of office with newer installers. along with a byzantine licensing model with bizarre “incompatibilities” between the same year versions in different licensing channels, yeah tell me how microsoft won’t piss off corpo and government clients.
they seem to specialize in pissing off corpo and gov clients.
FreedomAdvocate@lemmy.net.au 7 months ago
Sounds like the businesses you’re talking about have incompetent IT staff.
staph@sopuli.xyz 7 months ago
This kind of stuff never happens overnight. It happens slowly, incrementally, and the people are never mad enough at too much sudden change to be motivated enough to do anything. People should feel good about the imposition of boundaries, and it helps that for the average user, the boundaries often result in a better user experience.
FreedomAdvocate@lemmy.net.au 7 months ago
I don’t think you guys understand that forcing windows to only run approved by Microsoft software would literally break the world as we know it. Microsoft know this. There’s no way around it.
Valmond@lemmy.world 7 months ago
Last time I used windows in a big corpo settings, there were so many things pudding off both us Devs but also IT.
Switch out a bad RAM stick? Spend an hour with IT.
Use a software? Spend an hour (or days) with IT
Compile your own software? Believe it or not, spend large amounts of time with IT
Like the compiler on a windows PC can’t work without different windows protection systems gets in the way, repeatedly. And then your executable, or some .d’ll just get wiped off the disk 😐🤷🏼♀️
I don’t think they do it intentionally, but big corpos don’t give a shit about their workers conditions, so if they were to enforce things (with backdoors ofc, so that if needed you can deactivate things, remember the unique installation code for windows like 95 or 98?) the grunts will just have to eat it up. And they would probably not have a much harder time, everything is already locked down hardware wise so they are used to all that jazz.
FreedomAdvocate@lemmy.net.au 7 months ago
None of your examples at the start I’d that comment make sense or are true.
Also you’re talking about corporate policies for businesses that use windows, not windows itself. Management of devices is one of the biggest reasons why windows is the only real option for big corporations.
untorquer@lemmy.world 7 months ago
They certainly wouldn’t roll it out overnight but they’ve had their long term targets on OS as a service since Windows 8 and these things tend to come bundled.
FreedomAdvocate@lemmy.net.au 7 months ago
Nah, they know their limits. They will keep trying to make an optional locked down OS for regular users a thing, but there will always be a fully “unlocked” version available due to legacy software and the entire worlds reliance on it.
Atomic@sh.itjust.works 7 months ago
It’s not going to happen.
Motherboard manufacturers are not going to start making Windows only BIOS.
Microsofts target audience isn’t the private user. It’s companies. The money they make selling their OS to private persons are table scraps compared to their enterprise licenses. Any such initiative would fuck over every single enterprise customer.
SirEDCaLot@lemmy.today 7 months ago
It’s been attempted in two ways.
First is secure boot. There were a handful of computers sold that did not allow disabling of secure boot, or changing the loaded keys. So it was basically essentially a Windows only computer.
More recently is there was Microsoft Windows S. This was a cheap version of Windows Home that ran on low end computers and was locked to only allow installing apps from the Microsoft store. It was possible to unlock it but as I recall it required an additional fee.Enterprises almost all run Windows anyway so they DGAF.
Atomic@sh.itjust.works 7 months ago
Enterprises use a lot, and I do mean A LOT of custom software. Either developed in house or by others. They absolutely care.
What Microsoft does within their own OS, as the “S” version you’re talking about. That’s a non issue given you can just flash the drive and install whatever OS you want.
As for the concern that you’d somehow be unable to install another OS. Due to Secure Boot. I personally have never come across a computer that I’ve had full BIOS access to that didn’t allow disabling secure boot. Though some have been more cooperative than others. But maybe I’m just lucky.
But I’m also pretty sure there are linux distributions that support Secure Boot.
Secure Boot for what it’s intended to do, is a pretty good feature. Which is to stop unauthorized software from running before initiating your OS
Chrobin@discuss.tchncs.de 7 months ago
Fedora supports secure boot out of the box
tarknassus@lemmy.world 7 months ago
Isn’t secure boot signed by Microsoft anyway IIRC? I know Lenovo had their own signing too. From my knowledge, installing a secure-boot supported linux version requires a ‘shim’ to allow it, and there was an issue that came up as the keys are due to expire for older OS versions.
Of course, Secure Boot can be switched off as well. (for now)
untakenusername@sh.itjust.works 7 months ago
17 and a half weeks
Jimmycrackcrack@lemmy.ml 7 months ago
!Remindme 4 January 2026
HubertManne@piefed.social 7 months ago
nah. 28 likely. I mean later.
xia@lemmy.sdf.org 7 months ago
IIRC, I had a PC (since sold) that had secure boot permanently enabled from the factory. That is, in spirit, a PC with a “locked bootloader”, but you might not even notice because many Linux distros have that Microsoft-blessed Linux loading shim… but it is still Microsoft inserting themselves between you and your hardware; they could decide in the next few years they no longer “support” Linux, hypothetically.
HexesofVexes@lemmy.world 7 months ago
Eh, just means it isn’t plug and play. Once you have the hardware, you are the admin.
It may get tougher, but it’ll never be impossible.
tempest@lemmy.ca 7 months ago
Tell they to the Intel management engine or secure platform module
HexesofVexes@lemmy.world 7 months ago
Hi intel management system, you can be thrown into abnormal states where you sit there eating glue.
AdrianTheFrog@lemmy.world 7 months ago
For phones Google gets to decide, as an os maker. For PCs, there are multiple OSses so hardware manufacturers get to decide.
I personally don’t see AMD or Intel doing that anytime soon, and if they do, at least Arm and Risc-V are making some good progress in the desktop space
jj4211@lemmy.world 7 months ago
Microsoft tried to get things going that way with “s”, but it didn’t take
ITGuyLevi@programming.dev 7 months ago
I bought my wife a cheap Lenovo laptop when she needed something that supported the “Lockdown” browser (no Linux support). Didn’t realize when I bought it what “S” meant (and I’ve been an IT guy for over 20 years). Got it home and realized what was up, it couldn’t even run that browser because it had to be the preconfigured browser from her school and not one from the MS store. An evening of fiddling and a $3 grey market key and she was back onto a normal Windows install.
On the plus side the laptop was only like $299 or $399 and really isn’t too bad on the hardware side.
xePBMg9@lemmynsfw.com 7 months ago
I’m not an expert. But microsoft controls secure boot signing, right?
Microsoft is also involved in setting standards and influences manufacturers. I feel like the future where secure boot is the only option and were Microsoft holds the keys is likely.
Kolanaki@pawb.social 7 months ago
They’d have to completely kill the ability to build your own machine (the whole “IBM compatability” thing) and I don’t see that happening when almost every business and factory uses their own custom shit for specific niche reasons.
toddestan@lemmy.world 7 months ago
Not really. The pieces are already in place with UEFI and Secure Boot. All that would need to happen would be to force Secure Boot to be enabled, and only preload keys for an approved list of operating systems. With that, your fancy new motherboard may not be able to boot and run the OS of your choice.
discocactus@lemmy.world 7 months ago
Then all the software nerds become hardware nerds, and the cycle continues.
Aimeeloulm@feddit.uk 7 months ago
To all those people saying this will never happen because people wouldn’t accept or tolerate it ree living in a different reality, sorry to burst your bubble and faith in your fellow himans but…most people will just whinge whine cuss and then go do something else, people today have no guts in them to fight back and to lazy too, they expect others to do all the work for them, but wont lift a finger except to moan and whine about shit.
Long story short we are fucked, absolutely fucked, we…those that would/will do something are few and far between now, people aka the masses are used to being beaten down and being told to put up and shut up, just get on with it, so we few just have to look after ourselves, our families and friends, get through life best way we can, we be a small pocket of resistance but thats all sadly 🥺
rocky1138@sh.itjust.works 7 months ago
This is a very American mindset
jj4211@lemmy.world 7 months ago
Not the consumers so much as a ton of businesses that would have their whole IT broken.
Microsoft has really really wanted this to happen, but their attempts have failed to get traction, because it breaks just so many applications. The only reason people use windows is compatibility with all their apps, a move that breaks all the apps just doesn’t work.
Different with Android and iPhone where they managed to define the default position as app store and didn’t have to contend with “legacy”.
RedFrank24@lemmy.world 7 months ago
Absolutely not, that would never happen. Why? Because there’s a load of stuff that runs on Windows that is ancient and only exists as legacy software and never receives updates.
If anything, Windows is the last operating system that will have locked bootloaders, because if they do, there’s gonna be some bank somewhere in the world suing them because their ancient counting software was originally made for Windows 3.0 back in the day and Microsoft has had to build their entire operating system around making sure that software continues to run.
NikkiDimes@lemmy.world 7 months ago
Not to mention there will always be methods and hackers jailbreaking devices. Even Windows 11’s TPM requirements have been defeated, anything else will be too.
SoftestSapphic@lemmy.world 7 months ago
Never
It isn’t gonna happen
The enshittification would be too much, and people would gravitate twoards the more usable tech.
People liked Apple and Google because they offered simplified UX that still let people access what they wanted, as soon as people feel too restricted they will stop using the tech.
This trend is independent and unimpeded by the legality of the tech.
ameancow@lemmy.world 7 months ago
It will happen when the major companies produce some kind of magical formula that literally everyone wants and are willing to sacrifice freedoms just to have it.
THIS is the reason they are chasing AI so hard and trying to make it to AGI before anyone is ready or prepared. They want everyone to have their magical fairy whispering product placements in their ear and charming them into simulated relationships so that the users abandon all thought of having personal control and freedom to train the things themselves, to install their own upgrades, etc.
The next major “thing” we all carry is going to be some kind of AI that can see through your view of the environment and can whisper to you privately various simulated thoughts, observations and relevant info about the things around you. As well of course as “Hey look, Kohl’s is having a 35% off sale on jackets, didn’t you need one?”
This is their dream, this is why they have put so much into the tech. People are going to gobble it up if they can ever get there, and with that goes all semblance of autonomy, freedom or independant thought.
ArnaulttheGrim@lemmy.world 7 months ago
Call me when they start bringing in legitimacy between understanding how the brain actually functions and relate it to how computation systems actually work.
The current models STRUGGLE with basic speech comprehension that humans are able to nail with significantly higher precision (Just look at LMLs that struggle with dialects between large regions like the US). Use a slang word in a modern search, or use a common definition vs the literal, AI stumbles and fails frequently. Having worked on models as someone whose job was in AI, the algorithms STRUGGLE even understanding basic concepts such as ‘Yes’ and ‘Yeah’ being interchangeable without dedicated training. There is a reason that it used to be countless humans sitting in a room teaching a machine how to do something with basic boolean values.
Current Automated Intelligence (I refuse to call it Narrow AI as it diminishes the term AI) will simply be the way of things for a long time until these companies can build trust in them and are able to actually roll out reliable items that: 1) Dont make up data. 2) Can verify data on its own. 3) Can actually understand people when they type/say something.
True AI or what they are calling AGI nowadays is a pipe dream similar to what 3D/Augmented Reality/Holographic concepts are. There will be spikes of innovation followed by periods of stagnation. The only difference is that right now current AI models are useful in the corporate world which will lead to shorter periods of stagnation comparably.
brucethemoose@lemmy.world 7 months ago
Fortunately, Microsoft is too incompetent to pull this off on Windows.
They tried. See the metro app push in Windows 8+. But it’s kind of incredible how much they permanently bungled it.
And if Windows doesn’t do it, hardware makers aren’t really interested in that sort of thing.
Stuff like SteamOS does worry me a tiny bit. It’s obviously fine now, but I can see a future where, say, Valve (or any hardware seller with some kind of successful storefront) starts to not like rising competition on their own stuff.
DeathByBigSad@sh.itjust.works 7 months ago
SteamOS
SteamDeck doesn’t even have secure boot in the BIOS lol
MonkeyBrawler@lemmy.world 7 months ago
Microsoft is incompetent, and Valve is concerning? Lol
Evotech@lemmy.world 7 months ago
I mean we already have that with Nintendo, Xbox and PlayStation
MuttMutt@lemmy.world 7 months ago
And these devices are controlled both hardware and software by an oem.
PC’s are hardware and software agnostic. Some OEM’s have done weird stuff with the hardware and bios/uefi to prevent users from upgrading and don’t some things but as long as you can buy a motherboard, gpu, ram, and other parts is going to be tough to convince three manufacturers to prevent an end user from using it how they see fit.
Tuuktuuk@sopuli.xyz 7 months ago
I would say this is one of the things EU is doing quite a good job.
It would be difficult making Linux de facto illegal in EU. It could happen but most likely it won’t.
ArmchairAce1944@discuss.online 7 months ago
I have just one year before I pay off my phone and I want to get a degoogled phone. I wanted my current phone degoogled… but due to the breakage of my previous phone it was a bit of an emergency and I didn’t have time to do proper research.
SaharaMaleikuhm@feddit.org 7 months ago
Honestly just get a fairphone. They are repairable, the work well with custom roms and their devs even contribute drivers straight to the linux kernel so the support for proper linux on those phones is great too. You won’t find more freedom than that on a phone.
NoodlePoint@lemmy.world 7 months ago
Nah, PCs are easier to install anything we want. Corps trying to lock out Linux would be like shooting themselves in the foot.
Phones are what they would like to get a tighter leash on, because it has become a device that nearly everyone buys more than PCs due to them being more usable and cheaper, and thus a bigger revenue channel.
crimsonpoodle@pawb.social 7 months ago
I mean they could always use VMs or docker vs locking the actual base level OS
NoodlePoint@lemmy.world 7 months ago
Yeah, but that’s not for everyone else, unfortunately.
quick_snail@feddit.nl 7 months ago
You’re describing Secure Boot. It happened years ago.
And, btw, the Android thing also doesn’t affect anyone without gapps. Chill out.
Dumhuvud@programming.dev 7 months ago
You’re describing Secure Boot.
Secure Boot is literally configurable. You can create your own key and sign whatever you want with it. See sbctl.
quick_snail@feddit.nl 7 months ago
Yes and no. Most firmware this is impossible.
xePBMg9@lemmynsfw.com 7 months ago
If you change platform keys, it looks to me like you can brick your system if hardware component drivers that execute during boot are signed by microsoft keys.
Microsoft will make sure many of their partners sign hardware drivers with their keys to be windows 11 certified of course. No other reason.
They will encourage manufacturers to only allow secure boot in UEFI. Then at some point they will stop signing UEFI loaders, like shim, that linux distros rely on to boot.
okamiueru@lemmy.world 7 months ago
There is no requirement for it, and can be disabled
SaharaMaleikuhm@feddit.org 7 months ago
For now.
quick_snail@feddit.nl 7 months ago
Exactly.
nibbler@discuss.tchncs.de 7 months ago
And, btw, the Android thing also doesn’t affect anyone without gapps. Chill out.
so only 99% are affected, that really calms me down.
Manny services that are connected to finance/payment require gapps, car sharing, banking etc.
quick_snail@feddit.nl 7 months ago
Don’t install gapps. And ffs don’t use banking on insecure devices anyway
quick_snail@feddit.nl 7 months ago
When I was tasked with buying laptopa for a company, I made sure to test Linux compatibility on every machine. If the model didn’t support Linux, we didn’t buy it.
Most of the devs were windows users, but there were enough devs and sysadmins that preferred Linux that it just made more sense to only buy hardware that supports both windows and Linux.
Corporate pressure would never allow such lockdown in the market
mrfriki@lemmy.world 7 months ago
I see Apple doing it, not because they are Apple but because they control the whole manufacturing process, so they wouldn’t need to negotiate with third parties. That’s what has happened in the mobile industry. In the PC side of things you would need to sit in a table: the CPU, OS, and probably GPU and MOBO manufacturers to negotiate, and knowing how greedy they all are, I don’t see it happening anytime soon. But hey, anything is possible in this dystopian society we live in.
Harbinger01173430@lemmy.world 7 months ago
Wasn’t amd pluton or something going to do that?
I just bought a new and CPU and Chinese motherboard and I could still install Ubuntu without problems
ZILtoid1991@lemmy.world 7 months ago
I have a feeling, that Windows 12 PCs will be just glorified smartphones with voice control as the default.
surph_ninja@lemmy.world 7 months ago
That’s the whole intention of requiring TPM for Windows 11. It’s coming soon.
They also banned Kaspersky in the states because they weren’t whitelisting state malware.