- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Linux users who have Secure Boot enabled on their systems knowingly or unknowingly rely on a key from Microsoft that is set to expire in September. After that point, Microsoft will no longer use that key to sign the shim first-stage UEFI bootloader that is used by Linux distributions to boot the kernel with Secure Boot. But the replacement key, which has been available since 2023, may not be installed on many systems; worse yet, it may require the hardware vendor to issue an update for the system firmware, which may or may not happen. It seems that the vast majority of systems will not be lost in the shuffle, but it may require extra work from distributors and users.
Even if the code is there, you will need someone to maintain that code. Easier or not, even in a git repository, those individual components will eventually not have the support necessary to patch it.
If an eight year old usb controller has flaws, and the manufacturer is not maintaining that git repository anymore because they cannot possibly afford to hire someone to look at that code after so long, then it is going to keep those flaws. It wont matter if that code is proprietary or open source and included in coreboot. Its just simply not feasible to support hardware properly once most of the world has moved on to other products.
We agree that we can not expect companies to support products beyond the timeframe which they expect to sell and support their own products. Code under FSF approved licenses means that anyone can say, “I need this supported” and choose to pay anyone that they want to get support. Or at the barest minimum, ensure existing functionality is not removed from them, just because company A demands that you their customer should buy something newer and that it would be in their financial best interest to brick their customers’ shit.
I wish all the firmware for every motherboard was made public and open sourced. Even if a company has proprietary firmware/drivers, I would hope that once that product reaches end of life that they do in fact open source that code so that someone else can pick up where they left off.
I 100% agree that they should not brick their hardware once it reaches end of life. There might be someone out there who would take on the task of maintaining it, which is better than nobody maintaining it.