> What prevents Microsoft from mandating removal of enrollment permissions for user keychains and Secure Boot toggle, hence every Linux distribution has to go through Microsoft's blessing to be bootable?

Why are you buying hardware that Microsoft controls if you're concerned about this?

With TPM, Microsoft controls practically all the Intel hardware.

Not all. The ones that ship Linux preinstalled and with support don't.

I hope you are mistaken. It's embarrassing how far behind in security the desktop Linux ecosystem is.

Agreed in general. But regarding secure boot, it's not like shim actually helps with real security either afaiu, right?

AFAIU (I haven't looked much into it) shim basically exists so that MS signs the shim once (or only a few times when updated), which has the distro public key embedded, which does further verification of the chain (bootloader/kernel) which gets updated more frequently.

That's basically my understanding too. But since you can still boot any shim-supported distro, Secure Boot + shim practically gains you nothing. An adversary can simply boot their own own copy of shim with whatever OS they like.

> An adversary can simply boot their own own copy of shim with whatever OS they like.

They'd need to get MS to sign it first, but otherwise yea. That's why I remove the MS keys on my non-windows systems.

I don't know all the ins and outs, but because of the Machine Owner Key (MOK) mechanism in shim, it should be possible to boot arbitrary OSes without MS signing anything.

Your step of removing the MS keys works of course :) Although I've heard that can be risky on various systems that need to load MS-signed EEPROMS. Also I think that firmware updates can be problematic?

> Although I've heard that can be risky on various systems that need to load MS-signed EEPROMS

Yea, I bricked a Gigabyte board and still haven't been able to fix it. I just replaced it with an Asrock board and that has settings for what to do with option-rom when secureboot is enabled (always execute, always deny, allow execute, defer execute, deny execute and query user) and I have no clue what half of them specifically do (like, does "allow execute" only execute if a matching key exists and doesn't execute if it doesn't? and what is the difference between "always deny" and "deny execute"? and defer to when??). But I just set it to always execute and my problem is solved.

I believe you are confusing security with freedom and "behind" with "advanced".

They have a TPM that you can enable and add your own keys if you want to.

For now.

On the other side, Mulvad is looking at remote attestation so that the users can verify their servers: https://news.ycombinator.com/item?id=29903695

Glad to hear it! I am not surprised given the names and the fact you're at FOSDEM.

> I always say a Pixel, because they will at least get the latest OS support in a timely fashion.

You can also install e.g. GrapheneOS after Google stops supporting them. https://grapheneos.org/faq#supported-devices

GrapheneOS only updates Pixels for as long as Google does. All their supported devices currently receive the stock OS updates from Google. LineageOS is different in that regard.

Even something already available off the shelf!

https://www.fsf.org/blogs/membership/jitsi-meet-an-often-ove...

One of my networking groups uses Jitsi. It's fine.

It's pretty awful to setup compared to the Livekit-based solution.

Was going to say the same thing about emacs: https://news.ycombinator.com/item?id=42256409

What is share dot google? Here's the real link: https://news.ycombinator.com/item?id=42256409

Bah. It's what chrome on Android is doing now when I ask it to give me the link. Fixed it. Thanks!

I had searched for it in the search bar at the bottom of the home screen, which opened it in a chrome window. If you tap the share icon on the top right, you get the share.google link. If you tap the three dots and then something like "copy link" you get the actual link.

Emacs is a full IDE, not just a quick one-off editor. Its power comes from having everything scriptable from the ground up. Contrast this with the modern Extension concept, where there is a hard line between the editor's code and any changes you might want to make to its behavior.

I think vim is probably similar, but I've not gotten into it that much.

Exactly, and infact vim is very simular, neovim in my case extensible through lua scripts as an example. It's as light or feature packed as I like.

Contrast that to Eclipse and Visual Studio (not vsCode) and it's clear why the larger IDE's are falling out of favour.

It necessarily increases the concentration of power in the hands of the few. Some of you may recall a statement about power corrupting, etc.

Just on the face of it: extending the idea of company towns to an entire _nation_ seems bad to me on paper.