Linux users who have Secure Boot enabled on their systems knowingly or unknowingly rely on a key from Microsoft that is set to expire in September. After that point, Microsoft will no longer use that key to sign the shim first-stage UEFI bootloader that is used by Linux distributions to boot the kernel with Secure Boot. But the replacement key, which has been available since 2023, may not be installed on many systems; worse yet, it may require the hardware vendor to issue an update for the system firmware, which may or may not happen. It seems that the vast majority of systems will not be lost in the shuffle, but it may require extra work from distributors and users.
So… microsoft has positioned itself between common users and Linux… and as an authority of sorts.
if only people had predicted this way back when it came out
There is even a whole section in Wikipedia on issues and criticism with secure boot:
https://en.m.wikipedia.org/wiki/UEFI#Secure_Boot_criticism
Some people argue that one can work around such locking down of PC hardware. Do this or that to avoid issues with substantial tinkering.
But that is not a bug but a feature. Sure, as a technical Linux user you can work around some nastiness. Like working around privacy invasion on Facebook or Linkedin by “adjusting” settings, or “adjust” settings in Wimdows to make it more private and so on. The thing is: working against the platform becomes quickly a losing game, because you don’t control the platform - Microsoft does. And it does not help you if you manage to re-gain control of your device after some hours of tinkering if 99.9% of people around you don’t have the knowledge and time and store your data, photos, Emails on OneDrive and so on. Freedom is very much a collective thing and software freedom is no exception.
And this does not mean that the thinkering and hacking is in vain - but it is not enough. We need the practical right to control our devices.
well said