Why someone want to buy something like this? Just to have an unrepairable PC? And if something inside breaks you have to just buy a new PC? I like to mess with my PC internals, upgrade it and fix it if I can with my poor electronic skills.
If something inside breaks, you can get it fixed. For free, if it's under warranty. Most people have neither the time nor the technical ability to fix something themselves anyway, so this is a non-issue.
For me, I've had an iMac for 5 years and I upgraded both the RAM and the HDD (to an SSD) myself with no issues. And it shows no signs of slowing down and is better than the day I bought it, and is probably one of the best investments I've made. Hell, at the time, and this is still true, buying a monitor of comparable quality would've cost half what I paid for the entire computer.
I don't care any more about NVidia blobs. My old NVidia based laptop have died due to the nvidia chip. My new one is intel based with open source drivers and i'am very happy.
My desktop PC still have an NVidia Graphics card, and i'am looking for a replacement. But I cant find any Intel based graphic card on the market.
I don't own or plan to own an iPad. So the locking of the iPad is not affecting me directly. It is sad and silly imho that people is buying locked machines, but that's their right to do.
Now ARM boot restrictions from Microsoft directly affects me, as soon i can't buy any ARM based machine, given the way the markets work. And in the future it is a big possibility that i can't buy any other PC and put any OS that i like without pay directly or indirectly money to Microsoft. And i can see some foreign governments to use this technology to control the OS that her citizens runs, and install backdoors.
So yes UEFI secure boot is a treat to my freedom and not only my freedom to run the OS of my choice.
Do we really need UEFI? I believe that there is simpler ways to achieve this. For example:
a. User turn ON a switch to enter "OS Install mode"
b. User install the OS of his choice. During installation the installer read a motherboard specific key from the BIOS and sign his bootloader/kernel/drivers using that key.
c. User turn OFF the "OS installation switch". System is save (at least as long as the OS in choice is not a Redmnond one)
Is there any fundamental problems with this approach?
It seems that UEFI is supposed to protect against malicious actors who have physical access to your machine.
Of course, you're also assuming that securing the end-user is the actual goal of UEFI. ;-) I can see legitimate situations where a corporation would want to ensure that their employees aren't tampering with their hardware.
Of course, I think it's fairly obvious by now that one of the main reasons that MS is pushing UEFI at this point is to prevent Android from being installed on "Windows" hardware.
If someone have physical access to my machine he/she can install keys if the BIOS supports that anyway. And even if it doesn't i have many more things to worry anyway. UEFI don't protect me from stealing the machine or the HD data or installing mallicius software.
Of course, i totally agree with you on that the reall reasons is for MS and hardware manufactures is trying to control MY hardware.
I played yesterday with some SVG demos again and with Raphael JS library. We need to invest more efforts into open source technology instead of trying to patch existing proprietary and inefficient solution.
Today is secure boot. Next say some governments will make it illegal to buy a machine without a secure boot feature and forbids you to run any OS without a backdoor. Now i'am sure that your government will never do that
I personaly will never buy any machine, as soon as i can, as soon as it is still legal, with any "secure" feature. My machine is mine, not to the original manufacture, not to Microsoft or to Redhat or to anyone that believe that it is theirs. Even that i know that i live in a great democracy, i have nothing to hide, and my government is my good friend
I will never buy any hardware, with any vendor specific keys inside. If Ubuntu or Redhat enter any key at hardware i will never use that distros again. My computer is mine. It does not belongs to Microsoft or to Redhat or to Canonical or to anyone else.
I'am even willing to pay more money to buy hardware that i really own, if i have no other option.