And to that, let me remind us all of a little-known concept called cryptographic attestation. If that doesn’t ring any bells, then the term “secure boot” should.
Once this shit passes into law, that’s the next step. Operating system vendors have their private keys to sign attestation tokens saying “John Johnson is an adult” and you’re only getting one if you verify your government ID. When you go to a website, your browser sends your signed token to the website and then the website checks if it’s a valid token signed by Microsoft, Apple, or Google.
But Linux?, you may be wondering. No. No Linux. Kiss it good-bye. Your bank will “require” identity attestation for “extra security”, and your bank doesn’t give a fuck about Linux. Your bank will check against whatever list of public keys they want to trust, and it ain’t going to include anything not backed by a global megacorporation.
It’s already the case that banks don’t allow their apps to be used on rooted phones. I can imagine a similar possibility for desktop computers. A dreadful possibility, but a possibility nonetheless.
Better yet not 1 single piece of unapproved software can run anymore. These inconvenient pieces of software that are allowing people to do all sorts of dodgy things can be removed from circulation.
I mean I get where you’re going with this, but I still don’t see how this effects Linux. Oh no I can’t access reddit without a government ID…cool I don’t use it anyway?
And if Lemmy or whatever else requires one then oh well, I’ll find the dozen or so forums that don’t care then
It won’t at first. If more essential websites start to unnecessarily adopt it, it will start to lock Linux users out of being able to access the services necessary to exist in modern society.
“But that’s unenforceable”, some will claim.
And to that, let me remind us all of a little-known concept called cryptographic attestation. If that doesn’t ring any bells, then the term “secure boot” should.
Once this shit passes into law, that’s the next step. Operating system vendors have their private keys to sign attestation tokens saying “John Johnson is an adult” and you’re only getting one if you verify your government ID. When you go to a website, your browser sends your signed token to the website and then the website checks if it’s a valid token signed by Microsoft, Apple, or Google.
But Linux?, you may be wondering. No. No Linux. Kiss it good-bye. Your bank will “require” identity attestation for “extra security”, and your bank doesn’t give a fuck about Linux. Your bank will check against whatever list of public keys they want to trust, and it ain’t going to include anything not backed by a global megacorporation.
It’s already the case that banks don’t allow their apps to be used on rooted phones. I can imagine a similar possibility for desktop computers. A dreadful possibility, but a possibility nonetheless.
Better yet not 1 single piece of unapproved software can run anymore. These inconvenient pieces of software that are allowing people to do all sorts of dodgy things can be removed from circulation.
I mean I get where you’re going with this, but I still don’t see how this effects Linux. Oh no I can’t access reddit without a government ID…cool I don’t use it anyway?
And if Lemmy or whatever else requires one then oh well, I’ll find the dozen or so forums that don’t care then
It won’t at first. If more essential websites start to unnecessarily adopt it, it will start to lock Linux users out of being able to access the services necessary to exist in modern society.
Imagine if you need age/identity verification to: