Why do Linux bootloaders have to get a blessing from Microsoft? Why does even one machine exist that has a bios that lacks the supposedly spec mandated option for the user to install their own keys? Why are there keys preloaded on every machine that the user did not provide? Why do they all come from Microsoft? And why can't the user edit or remove them? Why can't the user decide that the MS keys are invalid and that things signed by them should not be allowed to run?
There are so many ways and proofs that this tech is not what it's sales pitch claims it's not even funny.
I can understand not being aware of the underhanded aspects by simply not being aware of anything about it. I can not understand being aware of what it is and how it works, and still being OK with it and defending it as reasonable, useful, not dishonest at all, and exerting no outside _and superior_ control over what is supposed to be the users own property and actions and associations.
They graciously, most of the time, allow you to also store some keys of your own in their vault they caused to be placed on your machine even if you didn't want it? How magnanimous and generous of them!
It's not a sales pitch, it's a very practical application for a TPM. Easy-to-use LUKS is nothing to scoff at for example. If you can't use it, that's your fault.
> Why do Linux bootloaders have to get a blessing from Microsoft?
Nothing to do with TPMs. The rest of the paragraph is nearly as misguided.
> They graciously, most of the time, allow you to also store some keys of your own in their vault they caused to be placed on your machine even if you didn't want it? How magnanimous and generous of them!
Yeah, it's so bad when you have extra hardware that you can utilize for your own purposes. It really is like blaming AES-NI being used for doing public key encryption with someone else's public key. Nobody should ever have anything they should want securely stored because some other technology out there is used in restrictive ways, sure. Obviously that's not true, you're simply pointing your finger at the wrong thing.
There's that sales pitch again.
Why do Linux bootloaders have to get a blessing from Microsoft? Why does even one machine exist that has a bios that lacks the supposedly spec mandated option for the user to install their own keys? Why are there keys preloaded on every machine that the user did not provide? Why do they all come from Microsoft? And why can't the user edit or remove them? Why can't the user decide that the MS keys are invalid and that things signed by them should not be allowed to run?
There are so many ways and proofs that this tech is not what it's sales pitch claims it's not even funny.
I can understand not being aware of the underhanded aspects by simply not being aware of anything about it. I can not understand being aware of what it is and how it works, and still being OK with it and defending it as reasonable, useful, not dishonest at all, and exerting no outside _and superior_ control over what is supposed to be the users own property and actions and associations.
They graciously, most of the time, allow you to also store some keys of your own in their vault they caused to be placed on your machine even if you didn't want it? How magnanimous and generous of them!