Comment by m3galinux
7 hours ago
Linux intends to be left out of all this attestation garbage because it completely undermines the point of fully owning and controlling your own devices. I don't want or need to ask permission before I run a program - not from random megacorporations, and ESPECIALLY not from any of the various governments. If some third party service wants to make sure I'm not doing anything nefarious, they should do it at the border of their servers and the services they offer.
> what does someone running Linux do if the government mandates online services require proprietary attestation APIs?
So, in the scenario posed (quoted above again for context) that I’m responding to, where the government has mandated attestation online, it seems like you’re arguing that Linux should continue to opt-out of attestation, and thus be forced into non-internet uses only. Do I misunderstand your intended outcome to the scenario here? I took for granted that Linux users would want to retain access to the internet as a critical priority, given how strongly they’re objecting to attestation of internet apps (and eventually internet access), but if I’m mistaken then I’m happy to reverse course!
The idea is that enough users insist on non-attestation devices and platforms that governments and mega corps aren't able to require them for critical services. And loudly protest, switch to different services, etc when they DO attempt to be required. Example: already personally switched banks when they tried to require a validated Android device, and let them know directly and in reviews all over the place.
Don't fall for the trap that all of this is inevitable, you have to try and resist it first.