this post was submitted on 14 Jan 2025
275 points (98.2% liked)

Technology

60456 readers
3951 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
275
Right to Root Access (medhir.com)
submitted 13 hours ago by Zak@lemmy.world to c/technology@lemmy.world
27 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] boreengreen@lemm.ee 51 points 11 hours ago (3 children)

The world would be a better place if locked bootloaders were not a thing. I agree that there needs to be laws in place to prevent the sale of these devices.

[–] henfredemars@infosec.pub 13 points 6 hours ago

I don’t have a problem with boot loaders doing cryptographic checks in general, as long as the ultimate decision lies with the device owner.

[–] Cocodapuf@lemmy.world 2 points 4 hours ago* (last edited 37 minutes ago) (2 children)

How do you feel about locked bootloader's on game consoles?

I figure this is one of those edge cases people might fall on either side of. But consoles are also a really large segment of the tech market, so it's worth thinking about.

[–] Abnorc@lemm.ee 2 points 26 minutes ago

I feel like consoles are targeted at a section of the population that doesn’t value freedom over how they use their hardware. Locked bootloaders on consoles are technically not good, but it’s almost like it’s part of what defines a game console. If it really valued the users freedom, it’d just be a PC. The steam deck and similar devices are changing that idea though.

[–] SomethingBurger@jlai.lu 4 points 1 hour ago

The PS3 used to have an unlocked bootloader with official Linux support. Sony removed it because of piracy. Of course, piracy is still possible, but as always, it's only an excuse to exert more control over customers.

[–] Zak@lemmy.world 47 points 11 hours ago (1 children)

Locked in the technical sense of being able to verify the operating system isn't a bad thing. The problem is when the device owner can't add signing keys of their choice.

The latter is what GrapheneOS does.

[–] Corngood@lemmy.ml 16 points 9 hours ago (1 children)

Something that worries me about that is attestation. This is the advice from the GrapheneOS Devs:

https://grapheneos.org/articles/attestation-compatibility-guide

They're asking app developers to trust their keys specifically, which would mean that the app might work on GrapheneOS, but not my fork of GrapheneOS with some cherry picked fix I want.

It would be much better if we stamped this out now, before all online services require attestation.

[–] Zak@lemmy.world 6 points 8 hours ago

Agreed. Microsoft proposed something along those lines under the name "Palladium" a couple decades ago and was widely criticized, even in the mainstream press. Apple and Google doing the same thing to our phones barely got a whimper.