Foxboron's comments

`mkinitcpio` supports both.

The `base` hook installs the shell PID 1, the `systemd` hook installs systemd as PID1. The default hook setup was changed with the latest'ish release to default to the `systemd` hook setup.

Shell `init`; https://gitlab.archlinux.org/archlinux/mkinitcpio/mkinitcpio...


> Maintainers: You’re a primary maintainer or core team member of a public repo with 5,000+ GitHub stars or 1M+ monthly NPM downloads. You've made commits, releases, or PR reviews within the last 3 months.

Laughable.

This is a tiny, if even unimportant, fraction of the FOSS community that runs the modern tech stack.


I have reported several spam emails to Github and from what I can tell none has been acted upon.


I mean, gitlab is only from ~2019.

The first hit I could find of a git repository hosted on `archlinux.org` is from 2007; https://web.archive.org/web/20070512063341/http://projects.a...


Gitlab started in 2011. Which, granted, is still after 2007.

https://www.ycombinator.com/companies/gitlab


Many companies were using commercially licensed Gitlab in 2017 already, so it must have been established before that time. Definitely not in 2019


Nor the 20 or so odd reimplementations of various filesystem drivers and LUKS encryption in the grub2 tree.

But, who is counting?


I'm tired of grub too. That's one of the packages on my shitlist. Currently it is broken on my system, as it has been in the past from time to time. I'm tired of the unreliability and have decided to write my own bootloader instead. It will be simple and bulletproof.

I already laid the basic foundation and have the kernel loading into memory and booting. Next step is to get the memory map and pass that along. It's BIOS only for the moment; EFI support will come later, along with other architectures. (PowerPC is next.)


> * Secure Boot (vendor-keyed deployments)

I wish this myth would die at this point.

Secure Boot allows you to enroll your own keys. This is part of the spec, and there are no shipped firmwares that prevent you from going through this process.


Android lets you put your own signed keys in on certain phones. For now.

The banking apps still won't trust them, though.

To add a quote from Lennart himself:

"The OS configuration and state (i.e. /etc/ and /var/) must be encrypted, and authenticated before they are used. The encryption key should be bound to the TPM device; i.e system data should be locked to a security concept belonging to the system, not the user."

Your system will not belong to you anymore. Just as it is with Android.


Banks do this because they have made their own requirement that the mobile device is a trust root that can authenticate the user. There are better, limited-purpose devices that can do this, but they are not popular/ubiquitous like smartphones, so here we are.

The oppressive part of this scheme is that Google's integrity check only passes for _their_ keys, which form a chain of trust through the TEE/TPM, through the bootloader and finally through the system image. Crucially, the only part banks should care about should just be the TEE and some secure storage, but Google provides an easy attestation scheme only for the entire hardware/software environment and not just the secure hardware bit that already lives in your phone and can't be phished.

It would be freaking cool if someone could turn your TPM into a Yubikey and have it be useful for you and your bank without having to verify the entire system firmware, bootloader and operating system.


Banks do this because they can. If most consumer devices did not support the tech they would not be able to.


Then work with the bank to prove the signer is trustworthy.


> This is part of the spec, and there are no shipped firmwares that prevent you from going through this process.

Microsoft required that users be able to enroll their own keys on x86. On ARM, they used to mandate that users could not enroll their own keys. That they later changed this does not erase the past. Also, I've anecdotally heard claims of buggy implementations that do in fact prevent users from changing secure boot settings.


“buggy”


Don't get me wrong, I'm happy to attribute a lot of malice to Microsoft, but in this case I really do believe that it was incompetence. Everything I've ever read about 90%+ of hardware vendors is that shipping hilariously broken firmware is an everyday occurrence for them.

(This is separate from Windows RT, of course)


This reminds me of when I enrolled only my own keys into a Gigabyte AB350 and I just soft-bricked it because presumably some opt-rom required MS keys.

I exchanged it for an Asrock board and there I can enable secure boot without MS keys and still have it boot cuz they actually let you choose what level of signing the opt-rom needs when you enable secure boot.

What I want to say with this is that it requires the company to actually care to provide a good experience.


> Secure Boot allows you to enroll your own keys

UEFI secure boot on PCs, yes for the most part. A lot of mobile platforms just never supported this. It's not a myth.


Phones don't implement UEFI.


Most don't, but they're usually equivalently locked down nevertheless.


UEFI on x86_64 and phones are not comparable when it comes to being "locked down".


Are you sure?

Note that the comment you replied to does not even mention phones. Locked down Secure Boot on UEFI is not uncommon on mobile platforms, such as x86-64 tablets.


What about all those Windows on ARM laptops?


I wish the myth of the spec would die at this point.

Many motherboards' secure boot implementation violates the supposed standard and does not allow you to invalidate the pre-loaded keys you don't approve of.


> The TPM has nothing remotely resembling per-user PCRs.

The system could extend one of the PCRs, or an NVPCR, with some unique user credential locked to the user directory. Then you can't recreate the PCR records in any immediate way.

But you can't just recreate a key under one of the hierarchies anyway. You still need to possess the keyfile.


> The system could extend one of the PCRs, or an NVPCR, with some unique user credential locked to the user directory. Then you can't recreate the PCR records in any immediate way.

Sure, but can the system context-switch that PCR between two different users?


> Sure, but can the system context-switch that PCR between two different users?

Right, no it can't.

But this was not really something the TPM was supposed to solve.
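
The exchange above, as an added example that is not part of the original comments: a Python simulation of the PCR extend operation (new value = SHA-256 of the old value concatenated with the measurement digest) showing why one PCR cannot be switched between two users. The credential strings and function names are constructed for illustration, and no real TPM or TPM library is involved.

```python
import hashlib

PCR_SIZE = 32  # size of a PCR in the SHA-256 bank


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """Simulated extend: new = SHA256(old || SHA256(measurement))."""
    digest = hashlib.sha256(measurement).digest()
    return hashlib.sha256(pcr + digest).digest()


def expected_policy(credential: bytes) -> bytes:
    """PCR value a per-user key would be bound to: one extend from reset."""
    return extend(bytes(PCR_SIZE), credential)


def simulate_logins(credentials):
    """Extend one shared PCR per login; return the PCR value after each."""
    pcr = bytes(PCR_SIZE)  # PCR starts at all zeroes after reset
    history = []
    for cred in credentials:
        pcr = extend(pcr, cred)  # extend is one-way: no undo, no overwrite
        history.append(pcr)
    return history


# Constructed sample credentials (assumptions, not real secrets).
ALICE = b"constructed-credential-alice"
BOB = b"constructed-credential-bob"


def demo():
    after_alice, after_bob = simulate_logins([ALICE, BOB])
    return {
        # Alice logs in first: the PCR matches the value her key expects.
        "alice_matches_after_own_login": after_alice == expected_policy(ALICE),
        # Bob logs in second: the PCR now also carries Alice's extend.
        "bob_matches_after_alice": after_bob == expected_policy(BOB),
        # Alice's expected value is gone for the rest of this boot.
        "alice_matches_after_bob": after_bob == expected_policy(ALICE),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```
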


> but for almost any economically important project all the major contributors and maintainers are on the payroll of one of the big tech interests or a foundation funded by them.

"almost" is the load bearing word here, and/or a weasel word. Define what an "economically important project" is.

> Also just to be clear: node is filled with povertyware and you should be extremely careful what you grab from npm.

Is "povertyware" what we call software written by people and released for free now?


> "almost" is the load bearing word here, and/or a weasel word. Define what an "economically important project" is.

Linux, clang, python, react, blink, v8, openssl... You know what I mean. I stand by what I said. Do you have a counterexample you think is clearly unfunded? They exist[1], but they're rare.

> Is "povertyware" what we call software written by people and released for free now?

It's software subject to economic coercion owing to the lack of means of its maintainership. It's 100% fine for you to write and release software for free, but if a third party bets their own product on it they're subject to an attack where I hand you $7M to look the other way while I borrow your shell.

[1] The xz-utils attack is the flag bearer for this kind of messup, obviously.


Unfunded is kind of a stretch, but at least libxml2.

Essentially "povertyware" as you call it when you consider the trillion dollar companies built on top of them? Now that's way easier: SQLite, PostgreSQL, ffmpeg, imagemagick, numpy, pandas, GTK, curl, zlib, libpng, zxing or any other popular qr/barcode library, etc...


> Linux, clang, python, react, blink, v8, openssl... You know what I mean. I stand by what I said. Do you have a counterexample you think is clearly unfunded? They exist[1], but they're rare.

For Linux "all the major contributors and maintainers are on the payroll of one of the big tech interests or a foundation funded by them" is simply not true. It's trivial to prove this by just looking at the maintainers of the subsystems. Making this claim is nonsense to begin with.

Same is true for several major contributors to the Python compiler and subsequent libraries as well.

You will move the goalpost by trying to narrow down what "major contributor" means.

> It's software subject to economic coercion owing to the lack of means of its maintainership. It's 100% fine for you to write and release software for free, but if a third party bets their own product on it they're subject to an attack where I hand you $7M to look the other way while I borrow your shell.

So without knowing anyone you are making a value judgement on the (probable?) lack of ethics? Excuse me?


> You will move the goalpost

I can't move the goalpost if you won't produce a ball. Who exactly are you thinking of that needs a job but doesn't have one?


> Who exactly are you thinking of that needs a job but doesn't have one?

That is not your claim. Your claim is that they "are on the payroll of one of the big tech interests or a foundation funded by them". Which is simply not true.

You can easily find several maintainers of these projects doing this as their part-time hobby project, have cut a deal at work or simply don't work at a place that funds Linux development.

I'm not going to call out individuals where I know the situation and/or their employment history.


So blocking Kiwifarms took.. months of activism and loud complaining. Heralded by Matthew as "this is an extraordinary decision for us to make and, given Cloudflare's role as an Internet infrastructure provider, a dangerous one that we are not comfortable with".

However a fine that amounts to ~0.7% of the annual revenue and they threaten to block an entire country?


Actually, the fine amounts to over 200% of Italy-sourced revenue ($17 million fine vs. $8 million in revenue in 2024). Why would you continue doing business in Italy?


They are a conglomerate and per Matthew's words "an internet infrastructure provider". Why does the local revenue matter when they are serving a global market?

EDIT: And fwiw, "Why would you continue doing business in Italy?" is not what is being proposed. They are threatening to block 55 million people from ~20% of the world wide web.


They're threatening to remove servers from Italy. They're explicitly NOT threatening to block Italians from being able to access sites through Cloudflare.

I have my fair share of problems with CF, but I assume here that they're threatening higher latency (i.e. requests from Italian users would have to go to a neighboring country to be routed) rather than blocking.


Also Italy would see (very slightly) lower GDP because data centers would have less demand from CF.


How freaking expensive do you think infrastructure is? It's not that expensive, and certainly not anywhere close to the point where it would make a noticeable impact on GDP.


Every little bit counts. At Cloudflare's scale it could be the difference between a DC having to close up shop or not.


> EDIT: And fwiw, "Why would you continue doing business in Italy?" is not what is being proposed. They are threatening to block 55 million people from ~20% of the world wide web.

There is no mention of blocking people in Italy from using sites protected by Cloudflare. From the tweet:

> we are considering the following actions: 1) discontinuing the millions of dollars in pro bono cyber security services we are providing the upcoming Milano-Cortina Olympics; 2) discontinuing Cloudflare’s Free cyber security services for any Italy-based users; 3) removing all servers from Italian cities; and 4) terminating all plans to build an Italian Cloudflare office or make any investments in the country.


If they do not want to comply with introducing censorship, then withdrawing from Italy is the only other option. Italian citizens and residents are unfortunately collateral damage.


Because they only violated the "law" in a local market (Italy).


And the correct response to that is to write up a threat towards the entire population of a country?


What else could they do? The government represents the country. If their business model is not welcome there then they withdraw. It's very fair to say "if you insist on those rules I choose not to play". They owe Italy nothing.

Btw, I recently "threatened" Switzerland to withdraw my business from there because the cost of doing business there (complying with their VAT regulation) is higher than my revenue from there (maybe 1-2 licenses a year). The whole Switzerland will not be able to buy my software because of that. I didn't think of posting about it on Twitter though.


> What else could they do? The government represents the country. If their business model is not welcome there then they withdraw. It's very fair to say "if you insist on those rules I choose not to play".

They can just not threaten the population of Italy? They are a 2 billion dollar company that has apparently scheduled a meeting with the vice president of the US on short notice? This is going to be resolved politically.

> Btw, I recently "threatened" Switzerland to withdraw my business from there because the cost of doing business there (complying with their VAT regulation) is higher than my revenue from there (maybe 1-2 licenses a year). The whole Switzerland will not be able to buy my software because of that. I didn't think of posting about it on Twitter though.

You have not given "free services" to 20% of the world wide web that you are now using as leverage.


Politics is not separate from the population though. Pressure from the population (hopefully) sways political decisions. This is why Google News pulling out of countries was public.


How would you not threaten? Are you willing to donate $ for Cloudflare to operate there with such fines?


It absolutely is. Why should people receive a free service while their democratically elected officials enact laws that enable them to target global revenue in their fines?


Not the whole population. Only those using cloudflare to protect their websites?


How much revenue did Kiwifarms bring in?


Yeah that makes sense to me. If you come up to me and say “you have to arrest that guy; he’s stealing from me” I have to do a lot of research to make sure that everything is correct.

On the other hand, if I see you steal from me, I don’t have to do a lot of research. I am a first party to the thing. I can be sure.

It’s the difference between a policeman arriving on the scene of an assault and someone actually assaulting the policeman.

The acting party being the affected party simplifies things because you know you’re not a “confused deputy”.


He isn't threatening to block Italy, just to remove cloudflare's business from there. Anyone living and surfing from Italy would not be blocked by cloudflare from accessing any service provided by cloudflare.


How do you not understand the difference..?


> So blocking Kiwifarms took.. months of activism and loud complaining.

Kiwifarms isn't a pirate site. It's just another site that you think is legitimate to censor.

> However a fine that amounts to ~0.7% of the annual revenue and they threaten to block an entire country?

What's going to be next week's fine? Of course they should block the entire country. Even if they pay the fine (I could imagine there's some way that the EU could force that on pain of forcing them out of Europe), they should block the country.

Shouldn't Italy want lawbreakers to leave?


>activism and loud complaining

I'm not sure why you would want to remind the world about that episode. Those men lied, stalked, harassed, and threatened a lot of people to get that perfectly legal website exposed to very illegal DDoS attacks.


> It's unfortunate that people don't really know about it, but I guess the tools available aren't that user friendly

This is my cue.

https://github.com/Foxboron/ssh-tpm-agent


Thank you for sharing!

