That’s not at all what this is about. Poettering has given quite a few talks about this subject, that being Linux boot chain verification and integrity.
One of the core concepts is measured boot. The TPM on your CPU measures the values of various pieces of software in the boot chain. If a measurement does not match, then the system will not boot because it could be compromised.
And unlike secure boot, this is a decentralized system. It’s not some corporation like Microsoft saying “this software is signed with this approved key, so it may boot”. It’s your own system checking the software and recording the expected value so that when you boot up, it checks again to make sure they match.
It’s not about apps doing things like DRM checks or anything like that. In fact, it can’t. GrapheneOS implements a system just like this to ensure the OS has not been tampered with.
The problem is that this value can be compared to a list of “allowed” values. Therefore it opens the gate to creating software that would require only certain “whitelisted” systems to run it. Such a list can easily be updated automatically once those “whitelisted” systems update. Therefore the argument that “updates would break it” does not actually work.
This is precisely how Play Integrity works on Android. And Poettering’s intentions do not matter much. His system can be used like that and therefore it will be used like that.
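To make the mechanism both comments are arguing about concrete, here is an added example (not code from either commenter, and not systemd or GrapheneOS code) that simulates a TPM PCR extend chain over a constructed boot chain, then shows the two ways the resulting value can be used: compared against a value the owner's own system recorded, or compared against an allowlist that someone else maintains. Component names and the allowlist are constructed stand-ins.

```python
import hashlib

# A PCR is all zeros after reset; constructed to match the usual 32-byte SHA-256 bank.
PCR_INIT = b"\x00" * 32

def measure(component: bytes) -> bytes:
    """Digest of one boot-chain component (firmware, bootloader, kernel, ...)."""
    return hashlib.sha256(component).digest()

def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM-style PCR extend: new = H(old || digest).
    Order matters, and a value can never be 'un-extended'."""
    return hashlib.sha256(pcr + digest).digest()

def boot_pcr(chain: list) -> bytes:
    """Replay the measurements of a whole boot chain into one PCR value."""
    pcr = PCR_INIT
    for component in chain:
        pcr = extend(pcr, measure(component))
    return pcr

# Constructed sample boot chains (byte strings standing in for real binaries).
GOOD_CHAIN = [b"firmware-v1", b"shim-v1", b"kernel-6.1"]
TAMPERED_CHAIN = [b"firmware-v1", b"shim-v1", b"kernel-6.1-modified"]
UPDATED_CHAIN = [b"firmware-v1", b"shim-v1", b"kernel-6.2"]

def local_check(observed: bytes, expected: bytes) -> bool:
    """The owner's system compares the boot-time value against the value it recorded itself."""
    return observed == expected

def remote_allowlist_check(observed: bytes, allowlist: set) -> bool:
    """A third party can compare the same value against a list only it controls,
    and can grow that list whenever the systems it approves of are updated."""
    return observed in allowlist

if __name__ == "__main__":
    expected = boot_pcr(GOOD_CHAIN)
    print("good chain matches own record:", local_check(boot_pcr(GOOD_CHAIN), expected))
    print("tampered chain matches own record:", local_check(boot_pcr(TAMPERED_CHAIN), expected))
    allow = {expected}
    print("updated chain on remote allowlist:", remote_allowlist_check(boot_pcr(UPDATED_CHAIN), allow))
    allow.add(boot_pcr(UPDATED_CHAIN))  # the list operator adds the new approved value
    print("after allowlist update:", remote_allowlist_check(boot_pcr(UPDATED_CHAIN), allow))
```

The same 32-byte value drives both checks; which party holds the reference is what separates "my machine verifies itself" from "a vendor decides which machines may run its software".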