That perception is what we need collectively to fight. It turns a world of makers into passive consumers and we’re worse off for it. There’s been a couple examples, where indeed that was the perception, and the products ultimately did get discontinued and leave millions of units to rot. Such a waste.
> The future of computing is that all code running on a device is one of the two S's: Signed or Sandboxed.
> To do otherwise presents unnecessary risk.
Unnecessary risk to whom? To monopolies that want to control the devices?
I would say the future is requiring open-source flashable firmware for every programmable chip on every piece of industrial or consumer equipment sold.
My vision of the future is farther away than the Signed&Sandboxed, but we should collectively take efforts to minimize damage from the near future of locked down devices controlled by unknown parties.
Unnecessary risk to everything and everyone else on the internet eventually.
AI will create perfect Sybil attacks. The reality dictates our need of a signal for humanness. To know an interaction is a real human and not an indistinguishable simulation of one. Picture if the internet was flooded with 100 trillion malign actors and trolls, each tireless, merciless, skilled at both social manipulation and cyber attacks, with no way to tell if they are real people or not. Even a live video call with them cannot be trusted, not even if they look and sound like someone you know.
We're not there yet, but how far out do you feel confident in saying that will still be the case? Two years? Five?
> Unnecessary risk to everything and everyone else on the internet eventually.
> AI will create perfect Sybil attacks. The reality dictates our need of a signal for humanness. To know an interaction is a real human and not an indistinguishable simulation of one. Picture if the internet was flooded with 100 trillion malign actors and trolls, each tireless, merciless, skilled at both social manipulation and cyber attacks, with no way to tell if they are real people or not. Even a live video call with them cannot be trusted, not even if they look and sound like someone you know.
And secure boot on ESP32s is what will save us from this dystopian vision of the future..?
We are talking about things like light bulbs and weather sensors.
They do not pretend to be humans, and will never run AI on the device itself, so there are no concerns about social manipulation.
But there are concerns (and many, many examples) of devices that rely on the vendor's cloud... and the vendor goes out of business, making devices useless. If there is no secure boot, people can flash alternative firmware and make devices usable again. If everything is signed, the device has to go to landfill instead.
It's unclear to me how locking down devices with signed firmware fits into that dystopia you are imagining, other than by making it impossible to fight back since you're not allowed to modify anything.
That’s fine, assuming we pass laws mandating that signing keys can be controlled by end users. Otherwise we end up where no-one really owns their devices any more, every device would be merely temporarily rented.
NVIDIA GPU Linux kernel modules must be self-signed to work with SecureBoot enabled; they must be self-signed every time they're updated by an akmod package upgrade.
So, it is necessary to remove the MS SecureBoot ~CApubkey and add the OS and local ~CApubkeys to the SecureBoot cert list with BIOS, and re-sign every module install|&build in order to work with NVIDIA (and probably also AMD?) in containers.
It's necessary and a fair expectation that users will continue to be able to remove and add x86-64 SecureBoot bootloader signing keys.
To do otherwise presents unnecessary risk.