[bubblesnort]

The downside is that one company holds the keys to the castle for this particular security scheme.

Also, saying freedom requires technical knowledge and fiddling is a non sequitur. Technical knowledge and fiddling is possible with freedoms 1 and 3. Without technical knowledge and fiddling you still benefit from freedoms 0 and 2. Thus, software freedom applies to everyone irrespective of skill level.

[rollcat]

> The downside is that one company holds the keys to the castle for this particular security scheme.

And how exactly does that take away any of your freedom? You can still disable any or all parts of the verification chain at will, or enroll your own keys. No privilege has been taken away from you.

If you truly cared, you'd advocate for a way to make managing a self-signed trust chain less cumbersome, but you're instead advocating for the user to choose whether to compromise their security entirely. It's a lose-lose situation for a free software platform, ideally the user does not have to choose any compromises.

The tech world is full of mono/oligopolies. You're running an x86 CPU from one of two vendors, using a browser engine either made by Google or paid for by Google, etc. Not depending on any "one company" is as simple as not using a computer at all. Is that a compromise that you'd be ready to suggest?

> Thus, software freedom applies to everyone irrespective of skill level.

Only if your definition of freedom is as narrow as the fundamentalistic "four software freedoms". To someone else, their definition of computing freedom may go more like "I want to play my favourite computer game, but I only have one hour left this evening". At that point, "irrespective of skill level" is an utter lie: most games are significantly more difficult to run on free OS's.

Unless you mean Steam, but isn't that a platform owned by a single company?...

[bubblesnort]

You're missing the point entirely and brought a plate of red herring to the table.

I could roll keys for my own computer, but freedom 3 falls flat on its face when everyone elses private key is kept secret by one company. People unknowingly trust one company for their "security", while in fact the "security" in this entire scheme boils down to securing stock gain. You can hardly blame the consumers for buying computers that come pre-compromised with vendor-specific keys as the change was touted as "more secure". Secure, again, in the sense that it secures even more money in already deep pockets. Those who can't change their OS or can't easily tick a box on a security checklist will stay on the prerolled platform.

Not being dependant on any one party is an effect of having freedom. Not a prerequisite.

And you conflate software freedom with personal freedom. The four freedoms you call narrow and fundamentalistic, apply to software. You argue no privilege is taken away from me, which is correct, but that also applies to the four software freedoms. I choose not to buy games that don't work on the OS I run. That's personal freedom. The software I write is free on its own to end up on anything from a roll of toilet paper to critical mission control systems. I don't care because it's free as in freedom on its own.

[rollcat]

> I choose not to buy games that don't work on the OS I run.

That's your personal choice. All I ask is that you don't advocate for narrowing down the personal choice for others.

> I don't care [...]

Yeah, that's the real problem here. When your needs are met, you don't care.

[bubblesnort]

You have it backwards. One company holding the keys hurts personal choice for everyone.

And again you conflate software freedom with personal freedom. The needs of any particular piece of software are outlined in its license. My personal choice is to prefer hardware that works fine without non-free software, because I need a different level of trust than you.

[rollcat]

> One company holding the keys hurts personal choice for everyone.

I understand why you like to hate on Microsoft (they have a long track record of playing dirty), but the actual keys that are preloaded into hardware that ships with UEFI are ultimately the choice and responsibility of individual OEMs (Lenovo, HP, Dell, etc etc), and some of them are directly accountable for major screw-ups in this area - while others ship systems preloaded with a free OS, and go the extra mile to verify that you have the means to install your own. Microsoft could give zero fucks about cooperating, but rather than making this an impossible problem to resolve between every individual OEM and every individual distro/OS, they chose to sign a shim, so that everyone can play with everyone. I do not dismiss this as a possible threat vector, but please consider the wider picture.

What I don't understand is why you're hyperfixating on hating Microsoft (which, 13 years in, still haven't made an aggressive move in this area), while Intel[0] puts an entire dedicated core, with its own -completely opaque and unauditable- OS, network interface, and a long track record of security holes, into every CPU they've shipped in the last 15+ years, with no user choice/control over that whatsoever.

[0]: https://en.wikipedia.org/wiki/Intel_Management_Engine

> [...] because I need a different level of trust than you.

Do you trust your CPU vendor - Intel? AMD? Apple? Qualcomm? Broadcom? Any other piece of silicon (hint: PCIe) that has unrestricted R/W access to your entire RAM? (Or did you even check if your system has an IOMMU, let alone who made it, how it's configured?)

I'm not dismissing the issue you're hyperfixated on, but the points you're raising are irrelevant in light of much more direct threats. You can't trust the software if you can't trust the hardware.

"Reflections on trusting trust" by Ken Thompson[1] is a 40yro classic, we are a looong way from that even if you dismiss hardware entirely and only consider trivial software-only supply chain attacks[2], and yet all you can see is the source code.

[1]: http://genius.cat-v.org/ken-thompson/texts/trusting-trust/

[2]: https://research.swtch.com/nih

My own need for trustability includes the need to continue trusting my laptop after I've left it unattended for one minute. SecureBoot&co is currently the most practical way to even detect boot chain tampering. Evil Maid[3] has been described 15 years ago - this is centuries in the black hat world, and free software developers (yes - you and me) are the most valuable targets, because of our work's potential far-reaching impact on the community.

[3]: https://en.wikipedia.org/wiki/Evil_maid_attack

If you develop software, and dismiss this class of problems, you become a liability to your users and/or employer - they can no longer trust you.

> And again you conflate software freedom with personal freedom.

I do not conflate them, I recognise software freedom as an aspect of personal freedom - but ultimately it is your own personal choice, which freedoms do you value the most. The vast majority of people using FOSS are anything but interested in compiling their own bootloaders/kernels, because we don't do boot-chain development work and instead we want this part of the OS to be stupid, simple, reliable, and secure, so that we can be free to focus on our actual work.

The "stupid, simple, reliable, and secure" part is the very thing that's missing from the entire Linux ecosystem and why I'm usually a vocal opponent of everything-Poettering, choosing to run OpenBSD where I can - their FDE[4] is orders of magnitude simpler/easier to audit than the bloody mess that is UEFI-shim+GRUB+Linux+initrd+cryptsetup. Again, if you actually cared, you would be advocating for software that is easier to audit. Source code that you can't read/comprehend is no better than a binary blob.

[4]: https://www.openbsd.org/faq/faq14.html#softraidFDE; the entire disk decryption code fits directly into the bootloader, thus even the kernel is encrypted.

[bubblesnort]

You're free to empty your wallet to the corporation you mentioned, while really it's just pissing into the ocean.

The point I'm making is that software freedom can be hurdled by so-called "security" measures. When a bootloader can reject something you built yourself or a friend on the basis it didn't come from a large corporate software vendor, the computer places more trust in its manufacturer than its owner. This is especially problematic with smartphones and tablets.

There was a time when computers weren't pre-programmed to judge what the user is doing. You could load up any program and it would execute it. You could say this is insecure, but that depends on how you look at the problem. SecureBoot has been proven to be ineffective at securing the boot process, but effective at thwarting attempts to replace MS-Windows with Linux. Apple and Google are even more hostile, with the former openly admitting they isolate their users by calling attempts to bypass their scheme "jailbreaking". It doesn't matter which multi-trillion dollar company is doing it, they're all hostile towards software freedom in my opinion.

Your argument on Intel is just red herring to me. 2 wrongs don't make a right. It's like saying corporate greed is okay because there's always bigger corporate greed out there. Whereas I'm de facto against all moves that hurdle software freedom.

I haven't taken the time to read the documents you linked, but it appears you're making a strong case against supply-chain attacks. For now, I think there's still plenty of room for disagreement much like how computers in military zones can be made deliberately insecure by our petty citizen standards, simply because their threat model is something else entirely.

I don't want blobs because as you allured to, there's a real need to be able to inspect hardware and software for correctness. Any blob that gets in the way of that, I want it gone forever.

Even if you don't do bootloader programming, I think its good practise to build as much as you can yourself. Gentoo happens to be a good fit for this on the GNU/Linux side as you can build everything but also intervene only for those few packages you really want to have fixed a particular way.