• ljrk@lemmy.161.social
    link
    fedilink
    arrow-up
    4
    ·
    4 years ago

    What a load of bullshit. You can, in fact, install the new Ubuntu versions and flavours, it’s just the upgrade path that isn’t there yet – which is actually quite common. LTS releases even wait for the .1 release before enabling upgrades.

    There are two sides of SecureBoot: The “MS is the only CA” side and the “You can have measured and signed boot”. The former is, unanimously, agreed to be bad. But this isn’t something the Linux community can protest by not allowing for the latter to happen.

    The latter is actually a really great addition wrt security. Your full disk encryption is shite when you pass borders, if you don’t sign your system binaries. Travelling, at least before Covid, wasn’t that uncommon, I’ve heard.

    All the cases where the FBI is whining about not being able to unlock iPhones? It’s because Apple uses a combination of signed, attested boot and encryption. Do we really want a Linux which is less secure than your average smartphone? Or even a fucking Windows?

    This “problem” here affects those who want to upgrade now. But this group is also capable to deactivate SB or custom-sign the shim. All regular users don’t care and upgrade when it’s ready.