[realusername]

The raspberry pi example is an even worse implementation of secure boot using an absurd write only once scheme for the keys.

That's just creating more ewaste, nobody can ever use that device normally again and it cannot be resold.

[CircleSpokes]

I don't think its absurd at all. It isn't required in anyway (opt in), lets you use your own keys (no preinstalled microsoft or other bigcorp keys), and isn't possible for someone to modify what keys you installed.

Of course if you lose your keys you can't sign anything else and that would make it basically ewaste, but most things end up as waste when you take actions that are reckless and can't be reversed (which is what losing the keys would be). Plus tech tends to ends up as ewaste after less than a decade anyways. Like sure you could still be using an AMD steamroller CPU but realistically after 10 years you'd be better off using a cheaper more power efficient chip anyways.

[realusername]

> Plus tech tends to ends up as ewaste after less than a decade anyways. Like sure you could still be using an AMD steamroller CPU but realistically after 10 years you'd be better off using a cheaper more power efficient chip anyways.

I'm not sure what you are trying to argue but people routinely buy used computers on market place. Rasperry pies with locked keys are essentially paper weights once the owner doesn't want to use them anymore.

And realistically, the biggest ewaste generators are especially smartphones nowadays which are too locked to be reused well.

[tzs]

> I'm not sure what you are trying to argue but people routinely buy used computers on market place. Rasperry pies with locked keys are essentially paper weights once the owner doesn't want to use them anymore.

Why can't the owner who wants to sell their locked Pi give the buyer the key?

[realusername]

Because presumably they are not going to use one key per raspberry they own? Who would complicate their setup like that?