The key affected here is specifically for the Linux shim signed by Microsoft.

And exactly that Linux shim signed by Microsoft is no longer valid because the Microsoft signature in the UEFI firmware is expired.

and you’re being kind of a jerk?

Please don’t troll and come back to the topic. GP was completely missing the topic, do you want to avoid it?

. If you disable Secure Boot, install a Linux distro, enrol that distro’s keys and then reenable it, you’re fine.

Um, given that Secure Boot prevents any modification of your computer’s boot chain - including installing another boot loader or OS - that’s not how it works.

At least that way you don’t depend on Microsoft’s keys and shim or anything,

The whole point of the article is that you do depend on their expired root key. You have produced a lot of text without even understanding the key issue. At that point I am wondering whether all that text was produced by an LLM?

That said, I’ve always just enrolled my own keys.

That does not help if the master key in the key chain is expired.

Sure you can disable Secure Boot. But a password-protected BIOS is secured by TPM again. High levels of security always carry a risk of locking oneself out.

As commenters on the LWN thread said, I doubt that many firmwares even bother to check anyway. My motherboard happens to have had a bug where you can corrupt the RTC and end up in 2031 if you overclock it wrong.

Seems it compares the expiration date of the UEFI key with the signature date of the bootloader / OS keys. (See the comments on the LWN article, some are far more knowledgeable than I am.) So, no, it does not require a working on-board clock to lock you out if you are not extremely careful and fully understand each part.

Can you explain the detailed reason why you think that? Voicing opinions is nice of course but explaining the thought process and logic is, I think, almost always more interesting to other people.

To start with, what do you think is the “normal users” threath model? And, for example, if one happens to be a member of any of the various minorities that authoritarian governments of every color happen to single out and persecute in your countries case, what would you want to protect from? Or if you are, say, a lawyer, and have a professional obligation to protect sensitive data from theft?

And by the way, Intel motherboards which are running your Linux system may contain a copy of Minix - yes, the Minix from the historic Tanenbaum vs. Torvalds debate - which runs below the OS in the system management mode engine and is controlled by the vendor, which can e.g. update firmware via the network. SMM is normally not visible by the user but it can cause problems e.g. for real-time applications because it has higher privileges than the kernel and can interrupt all of the kernel at any time.

The details are complex; it has humorously been called “security by security”.

Hobby Linux users could, as far as I understand , simply disable UEFI secure boot (after weigthing carefully what secure boot provides to them, and what it does not provide). Otherwise, they’ll need a firmware upgrade before any upgrade to a new OS / bootloader chain.

Small companies which use old laptops with Windows might be bitten hard by this because they can become locked out of their hardware with no way to update it, or even make a backup!

Your comment sounded like you were primarily concerned about the shell script piping rather it just being a program which can be downloaded without going through distro packages.

The AUR install scripts are just downloaded shell scripts which are executed (hopefully after inspection).

curl | bash just skips the inspection step - curl downloads to stdout, bash executes from stdin.

That is why Debian uses digital pgp signatures for all packages. And the GNU project uses strong cryptographic hashes for install packages.

Wait what happens once some government or state actor hacks rust’s install script rustup with its curl | bash install procedure and relying on TLS certificates which are e.g. issued by the Russian government. (No, the rust project won’t use a Russian/Chinese/US Gov certificate but your browser will trust near all of them…)

The affected malicious packages are:

• librewolf-fix-bin
• firefox-patch-bin
• zen-browser-patched-bin

What a nice attack on privacy-friendly infrastructure.

And then, Arch AUR has such suspicious things like the Brave browser which claims to reduce tracking… and works together with advertisers.

To be clear, AUR is fantastic if you develop some experimental package and you want to give it to your friends to try it out easily. But not as a general distribution mechanism.

BTW python’s package index has roughly the same problem - but a far less technical, experienced and critical user base. NPM has this problem since years.

Expect these problems to rise with every percent more of new Linux users which never learned the difference between opening / viewing untrusted data, and running untrusted code, because Windows basically ignores this essential concept and Android tries to solve that with sandboxing each app.

Microsoft has been making Windows worse. I feel more that this is Microsoft’s fault, they have abandoned the development of desktop Windows and the advancement of support for modern processor designs and gaming hardware.

Moores law is dead since a long time except for graphic cards and GPUs. This means you can’t keep adding things to desktop software in the style of “What IBM giveth, Microsoft takes away”.

Existing development paradigms don’t add significant qualities to many-processor hardware.

Which also explains part of the AI craze. It is investment money searching for a sensible use.

After getting to 1% in approximately 2011, it took about a decade to double that to 2%. The jump from 2% to 3% took just over two years, and 3% to 4% took less than a year.

Could be exponential growth.

Now, jujutsu covers almost the same with < 10% of that complexity and less than 10% of the documentation - simpler but the same power.

And from what I can tell it’s much easier to do a git pull upstream master than to do jj new skdfsld dskfjas since you’ll likely have to lookup those hashes? I mean I wouldn’t remember them.

One takes them from the last commit log and uses the first few letters. Steve Klabnik shows how they are used in practice. It makes no sense to repeat it here.

So you think that git has already a perfect user interface?

Yeah you can undo undo and also resurrect undone states.

If the readability of the commit history really does not matter to you - for exsmple, nobody needs to read this code again - it’s possible that jj does not give you enough advantage. Everyone works different.

I have to admit that in spite of having used git for about 20 years, I never used reflog. And even with magit I did stuff like rebase rarely. I found it costing too much time to read the man pages again every time and meditate what would happen with “reset xyz”.