by michaelmrose 2759 days ago
Even if you turn secure boot off you cannot grant for love or any amount of money permission for software of your choosing to access the built-in storage, which is pretty much required for normal people to be able to run software of their choosing on the machine.

Few people will buy equivalent external SSD storage for 300-500 and carry it around with them to have access to a second OS.

There is absolutely no reason to believe that they will ever act to increase your ownership of your own device and every reason to believe that you will ultimately have about the same privileges as someone using their employer's machine at work while being expected to pay full freight.

It's especially bemusing when you understand that evil maid is almost nonexistent in reality while your actual loss of freedom has real effects now.

3 comments

What software of your choice have you attempted to use, where did it fail, and what's the stack trace?

Given that Windows works, it's hard to believe that any issues accessing internal storage are a result of permissions. It just sounds like nobody's implemented Linux support for the hardware. Why don't you?

If you're not able to either spend time writing a driver or hiring someone to do so, you have no meaningful ability to exercise your software freedom. You might be lucky if someone else implements support; you might not. But that's always been true.

Windows works on the new MacBook not because it has special drivers for NVMe-via-T2 but because Apple trusts Microsoft's EFI key.

So no, stop it with all this "Linux works if you just disable Secure Boot" nonsense. It doesn't. You can run Linux from a USB key, sure, but it can't access the internal NVMe SSD!

Judging by this post:

https://unix.stackexchange.com/a/479544

It looks like some kind of driver issue, not an intentional lockout.

To corroborate this, while I don’t have personal experience running Linux on T2 devices, I do know it’s possible to build xnu from source and boot the resulting unsigned kernel (in “No Security” mode) without the disk disappearing.

Please provide evidence for this causal link. It is true that (with Boot Camp enabled) the firmware trusts the Windows key and not the MS third-party key. It is true that Windows can access the disk and Linux cannot. It is not obvious that these are related.

Why don't I in my free time implement driver support for a machine I can't afford for a company with almost 300 billion in cash equivalents who has benefited massively from open source but won't even provide specification so that someone can do the free work for them effectively?

Why don't they send me a laptop along with the specs one of their engineers feels sufficient to implement support?

"No one is going to give you the education you need to overthrow them." "The master's tools will never dismantle the master's house."

If you want freedom—real freedom—you'll have to work for it. You can't just wish for the powerful to let you borrow some of their freedom.

I build custom desktops on which I install Linux. My router runs Linux. I have a ThinkPad on which I've installed... you guessed it, Linux.

I'd love to give something like the Librem phone a whirl but I really can't upgrade from my Nexus 5 just now.

I am just calling out Apple for boiling a bunch of frogs slowly.

No matter how much time you spend writing your driver, until your kernel has the "correct" signature, it was wasted effort.

So unless you point out a method, how to factor the right key, all your suggestions are a waste of resources that lead nowhere.

Please provide evidence for this claim.

This is a driver issue.

Huh? You can absolutely grant software of your choosing permission to access the built-in storage. How else does Windows or Linux on Mac work?

I believe they are referring to the fact that Linux (and non-Boot Camp Windows) cannot access the SSD on T2-equipped MacBooks. People seem to disagree if it's the T2 itself or just a driver issue with Apple's proprietary controller.

According to https://www.omgubuntu.co.uk/2018/11/apple-t2-chip-cant-boot-... you just have to turn off the extra security.

Nobody ever said you can't disable secure boot and boot from an external drive. The point is that you can't access the expensive and essential internal storage where all your data lives. Here is an equivalent product: a Thunderbolt external NVMe SSD, 480GB, for about $300.

https://www.amazon.com/Plugable-Thunderbolt-External-Compati...

If you don't mind spending hundreds of dollars, carrying around a second slightly awkward box wherein if you accidentally unplug it your computer crashes, and, if you continue to use OS X, ferrying data between a and b periodically, you too can run Linux.

It would be utterly fantastic if people didn't keep responding to reports of the actual problem with articles like this which actually don't even touch on the item at hand.

People are responding this way because there are contradictory reports out there. Some sources, like the one I linked to and Apple's T2 security document, say you can run Linux without mentioning that you need an external drive. Have you tried disabling security as Apple suggests and installing Linux?

There seem to be several individuals making the claim that you can boot Linux if you disable secure boot; I have heard zero people claim that Linux can access the internal device.

As far as I can see all primary sources are saying the same things. Then people who don't have the hardware are misreading said reports and spreading misinformation.

I don't have the hardware either so I can give you no direct report myself. I just bothered to read what people are saying instead of skimming and guessing.