November 11, 2018 01:23 pm PST

Apple's new bootloader won't let you install GNU/Linux

Locking bootloaders with trusted computing is an important step towards protecting users from some of the most devastating malware attacks: by allowing the user to verify their computing environment, trusted computing can prevent compromises to operating systems and other low-level parts of their computer's operating environment.

But as with every security measure, there's a difference between "secure for the user" and "secure against the user." Bootloader protection that doesn't allow an owner to decide which signatures they trust is security against the user: security that prevents the user from overriding the manufacturer, and so allows the manufacturer to lock the user in.

Apple's latest bootloader protection, the controversial T2 chip, is a good example of this. The chip comes with a user-inaccessible root of trust that allows for the installation of Apple and Microsoft operating systems, but not GNU/Linux and other open and free alternatives.

There's no reason it has to be this way: Google's flagship Pixel Chromebooks come with hardware switches that can be activated during bootup to allow their owners to change which signatures the system trusts (users can initialize these systems with passwords that prevent others from covertly altering the trusted root later). This gives users the best of both worlds: a system that, by default, protects them from malware, and, should the user choose, allows them to nominate parties other than Google to decide whom they trust.

To make things worse, publishing tools to allow for bootloader overrides is legally risky under section 1201 of the DMCA, which provides for 5-year prison sentences and $500,000 fines (for a first offense) for anyone who traffics in tools to override access controls for copyrighted works.


Original Link: http://feeds.boingboing.net/~r/boingboing/iBag/~3/lVWVjfDLzOg/ring-minus-1.html
