The much maligned “Trusted Computing” idea requires that the party you are supposed to trust deserves to be trusted, and Google is DEFINITELY NOT worthy of being trusted, this is a naked power grab to destroy the open web for Google’s ad profits no matter the consequences, this would put heavy surveillance in Google’s hands, this would eliminate ad-blocking, this would break any and all accessibility features, this would obliterate any competing platform, this is very much opposed to what the web is.
Your understanding is incorrect, I think.
Apple specifically chose to leave it (or some part of the chain, I don’t actually know, not an expert lol) open, otherwise, a project like Asahi Linux would not have had a chance from the getgo.
I might try to read up on it when I find the time whether they still have to rely on something signed by Apple before being able to take over in the boot process.
I see.
I was going on the fact that the T2 has a “No Security” option for its Secure Boot config, while according to Apple Support the Apple Silicon ones (I don’t have one) only offer “Full” or “Reduced” security, which would still require signing: Change security settings on the startup disk of a Mac with Apple silicon
Dunno how the Asahi folks are planning on doing it, but they do indeed say there is no bootlock 🤔
Update: according to the Asahi docs, I seem to understand that Apple Silicon devices allow creating some sort of “OS containers” that can be chosen to boot from separately from the Mac OS one, and in such a custom container the security can be set to “permissive” limited to that container: https://github.com/AsahiLinux/docs/wiki/Open-OS-Ecosystem-on-Apple-Silicon-Macs Interesting.