The much maligned “Trusted Computing” idea requires that the party you are supposed to trust deserves to be trusted, and Google is DEFINITELY NOT worthy of being trusted, this is a naked power grab to destroy the open web for Google’s ad profits no matter the consequences, this would put heavy surveillance in Google’s hands, this would eliminate ad-blocking, this would break any and all accessibility features, this would obliterate any competing platform, this is very much opposed to what the web is.

  • argv_minus_one@beehaw.org
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    you need a Microsoft signed stub to boot anything other than Windows on a PC

    False. Every PC I’ve had has allowed Secure Boot to be turned off, and some of them allow me to add another trusted certificate as well.

    you need Apple’s blessing to boot anything on a Mac

    False. The Mac boot process is completely unlocked, at least on Intel Macs.

    your smartphone manufacturer decides whether you can unlock it and lose attestation

    My Pixel 6 allows me to unlock the boot loader at any time.

    Attestation exists, unfortunately, but it’s not nearly as pervasive as you seem to think.

    This is the next logical step, to add “web app” attestation, since the previous ones had barely any pushback

    Uh, there was huge pushback. That’s why even a Microsoft Surface won’t stop you from installing Linux.

    • pseud@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      your smartphone manufacturer decides whether you can unlock it and lose attestation

      My Pixel 6 allows me

      GOTO 10

    • abhibeckert@beehaw.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      The Mac boot process is completely unlocked, at least on Intel Macs.

      On Modern Macs, the process is somewhat convoluted, but you are able to boot into a custom compiled boot loader / operating system while secure boot is enabled. It just needs a few minor hoops to sign the boot loader - steps that would be difficult to social engineer around but perfectly reasonable to do them intentionally if installing an alternate operating system is your thing.

      iPhone is, of course, a different story. Hopefully that changes some day. The CPU and boot process is the same as a Mac, so there’s no reason it couldn’t be unlocked. Might require government intervention though.

      • argv_minus_one@beehaw.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        It just needs a few minor hoops to sign the boot loader - steps that would be difficult to social engineer around but perfectly reasonable to do them intentionally if installing an alternate operating system is your thing.

        Does that not create a barrier for entry for non-technical people looking to use an alternative operating system?

    • Something Burger 🍔@beehaw.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      My Pixel 6 allows me to unlock the boot loader at any time.

      By doing that, you no longer pass SafetyNet, and some apps refuse to work without it. If unlocking your device removes features, then you aren’t really allowed to do so.