
SoylentNews is people

posted by janrinok on Thursday February 05, @01:43PM
from the "I've-got-that-'impending-doom'-feeling-again" dept.

Arthur T Knackerbracket has processed the following story:

The Linux ecosystem is buzzing with news of Amutable, a new company founded by some of the most influential figures in modern Linux development. Led by Lennart Poettering (creator of systemd), Christian Brauner (Linux VFS subsystem maintainer), and other prominent Linux kernel developers, Amutable aims to deliver "verifiable integrity to Linux workloads everywhere."

[...] Amutable's stated mission is ambitious: to build cryptographically verifiable integrity into Linux systems. Their approach focuses on three key areas:

Ensuring that software builds are verifiable and tamper-proof from the development stage through deployment.

Implementing secure boot processes that can cryptographically verify the integrity of the entire boot chain.

Maintaining verifiable system state throughout the operational lifecycle of Linux workloads.

The company's tagline, "Every system starts in a verified state and stays trusted over time," encapsulates their vision of comprehensive system integrity.

While Amutable has been relatively secretive about specific technical details, the company appears to be building on remote attestation technology. This involves using hardware security features (like TPMs - Trusted Platform Modules) to cryptographically prove the state of a system to remote parties.

The technology builds on existing standards and protocols but aims to make them more accessible and user-controlled in Linux environments. According to founding engineer Aleksa Sarai, the models they have in mind are "very much based on users having full control of their keys."

The announcement has generated significant discussion in the Linux community, with reactions ranging from excitement about improved security to deep concerns about potential implications for user freedom.

However, a significant portion of the Linux community has expressed serious reservations, drawing parallels to how similar technologies have been used to restrict user freedom on mobile platforms.

Remote attestation inherently involves revealing information about your system to third parties. Even with privacy-preserving protocols, concerns remain about:

One of the key technical challenges is providing attestation without compromising user privacy. While protocols like Direct Anonymous Attestation (DAA) exist, they often require trusted intermediaries and can still be vulnerable to correlation attacks.

[...] As one community member noted, attestation can only verify that known vulnerabilities are still present, not that a system is actually secure. With thousands of CVEs discovered in Linux annually, "verified" doesn't necessarily mean "safe."
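The TPM-based remote attestation the story describes, as an added example that is not code from Amutable or from the original article: a device extends boot measurements into a PCR, and a verifier replays the event log against a nonce-bound quote and compares it with reference values. The component names, sample blobs and KEY are constructed, and an HMAC stands in for the asymmetric signature a real TPM would produce.

```python
import hashlib, hmac, os

PCR_INIT = bytes(32)             # a SHA-256 PCR starts as 32 zero bytes
KEY = b"constructed-demo-key"    # constructed; stands in for the TPM's attestation key

def measure(blob):
    return hashlib.sha256(blob).digest()

def replay(event_log):
    """Recompute the PCR from the log: PCR = SHA-256(old PCR || measurement)."""
    pcr = PCR_INIT
    for _name, digest in event_log:
        pcr = hashlib.sha256(pcr + digest).digest()
    return pcr

def attest(components, nonce):
    """Device side: measure each boot component in order, then quote the PCR."""
    log = [(name, measure(blob)) for name, blob in components]
    # Simplification: a real TPM signs the quote with an asymmetric key.
    quote = hmac.new(KEY, nonce + replay(log), hashlib.sha256).digest()
    return log, quote

def verify(nonce, quote, event_log, reference):
    """Verifier side: check the quote binds this nonce to this log, then apply policy."""
    expected = hmac.new(KEY, nonce + replay(event_log), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, quote):
        return False, "quote does not match nonce and event log"
    if [name for name, _ in event_log] != list(reference):
        return False, "event log components differ from reference"
    for name, digest in event_log:
        if reference.get(name) != digest:
            return False, f"unexpected measurement: {name}"
    return True, "matches reference measurements"

# Constructed sample boot chain and the verifier's reference values for it.
BOOT = [("bootloader", b"bootloader v1"), ("kernel", b"kernel A"), ("initrd", b"initrd A")]
REFERENCE = {name: measure(blob) for name, blob in BOOT}

def demo():
    nonce = os.urandom(16)
    log, quote = attest(BOOT, nonce)
    changed = [BOOT[0], ("kernel", b"kernel A, modified"), BOOT[2]]
    log2, quote2 = attest(changed, nonce)
    return {
        "clean": verify(nonce, quote, log, REFERENCE),
        "changed kernel": verify(nonce, quote2, log2, REFERENCE),
        "clean log, other quote": verify(nonce, quote2, log, REFERENCE),
        "stale quote": verify(os.urandom(16), quote, log, REFERENCE),
    }
```

A passing result only says the measurements equal the reference values; a reference kernel with unpatched flaws attests exactly as cleanly as a patched one.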

Lennart Poettering's involvement adds another layer of complexity to the discussion. His previous work on systemd was similarly controversial.

Supporters counter that systemd solved real problems and modernized Linux system management. The parallel concerns about Amutable suggest the Linux community is wary of another potentially disruptive change from the same architect.

Amutable has been notably quiet about their business model, which has fueled speculation and concern. Possible approaches include:

The lack of clarity around monetization has led some to worry about potential future restrictions or lock-in mechanisms.

Amutable enters a space where several major players are already active:

A Linux-native solution could either complement these existing systems or compete directly with them.

Government regulations around cybersecurity are increasingly requiring organizations to demonstrate system integrity. Amutable's technology could help organizations meet these requirements, but it could also become a compliance requirement that effectively mandates its adoption.

[...] Amutable represents a significant moment for the Linux ecosystem. The company's success or failure could determine whether Linux develops robust, user-controlled security attestation or whether the platform remains vulnerable to the kind of lockdown that has characterized mobile computing.

The involvement of respected Linux developers like Poettering and Brauner lends credibility to the project, but their track record also shows they're willing to make controversial changes they believe are necessary for Linux's evolution.

The key question is whether Amutable can thread the needle between providing the security guarantees that enterprises need while preserving the freedom and openness that Linux users value. The answer will likely shape the future of Linux security for years to come.

For now, the Linux community watches and waits, hoping that this new venture will enhance rather than restrict the platform they've helped build. The stakes couldn't be higher: the future of open computing may well depend on getting this balance right.



This discussion was created by janrinok (52) for logged-in users only, but now has been archived. No new comments can be posted.
  • (Score: 5, Funny) by Anonymous Coward on Thursday February 05, @02:00PM

    by Anonymous Coward on Thursday February 05, @02:00PM (#1432657)

    Good

    Maybe this will keep him and his kind out of mainline kernel "enhancements"

  • (Score: 5, Funny) by Snort on Thursday February 05, @02:20PM

    by Snort (5141) on Thursday February 05, @02:20PM (#1432658)

    systemd-securityd will simplify configuration and workflows. There is no way this will be misused or abused.

  • (Score: 5, Insightful) by VLM on Thursday February 05, @03:20PM (2 children)

    by VLM (445) on Thursday February 05, @03:20PM (#1432664)

    > users having full control of their keys

    I would assume the users they refer to are corporations. Human users don't care about what they're trying to provide. Or actively want the opposite of the world they're trying to create. So, I hope they fail.

    My guess is it'll be used for government monitoring. Only a terrorist would import a computing device past a customs official that does not have attestable provable back door access, for example.

    My guess is we'll have another generational bifurcation where there will be locked down appliances like a pre-1980s ma bell telephone that are used exclusively for boring tasks like paying water bills online, they'll be incredibly expensive due to engineered lack of competition and the "high security theater" means there will be massive fraud problems and security holes, just like Ma Bell back in the day. Meanwhile anyone trying to do anything fun or interesting will have those "personal" computers that don't require the permission of Ma Bell or IBM or any of those people, where all the money is made and all the interest will be located.

    Phones will be totally locked down appliances, the idea of modifying corporate software on the phone will be about as popular as modifying firmware on an old fashioned CRT TV, phones will be for old people to argue with AI/LLM bots on mega legacy social media platforms, meanwhile everyone "interested in computer stuff" will be running BSD unix on $2 RISC-V microcontrollers, etc.

    • (Score: 1, Insightful) by Anonymous Coward on Thursday February 05, @03:45PM (1 child)

      by Anonymous Coward on Thursday February 05, @03:45PM (#1432669)

      Phones are ALREADY locked-down appliances
      Good luck modifying anything on your baseband processor today.

      The new term for "phones" will be anything that requires connection
      to a corporation.

      Pretty much everything controlled by The Man

      • (Score: 2) by VLM on Thursday February 05, @05:00PM

        by VLM (445) on Thursday February 05, @05:00PM (#1432679)

        I can write apps and download them to my phone all day. In fact I can put my projects on github and others can compile in android studio and transfer to their phones over a usb cable. Or (for now, probably ending soon) I can upload to FDroid and they distribute my compiled code. For now.

        But there's another level of appliance like my microwave oven or a 1980 Sony television or an old cordless phone from the 90s where there's no user level firmware access.

        > Good luck modifying anything on your baseband processor today.

        Yeah, that also applies to pretty much every wifi device. Anything needing FCC certified type acceptance is already a pain in the butt:

        https://www.ecfr.gov/current/title-47/chapter-I/subchapter-A/part-2/subpart-J/subject-group-ECFR55475dd0ca1a058/section-2.1043 [ecfr.gov]

  • (Score: 4, Touché) by Ingar on Thursday February 05, @03:54PM

    by Ingar (801) on Thursday February 05, @03:54PM (#1432671) Homepage Journal

    Gaming on Linux, it's a thing these days. But Linux still isn't supported by the kernel-level DRM required by a lot of online AAA-games.
    Future games will require that systemd-securityd.

    --
    Love is a three-edged sword: heart, soul, and reality.
  • (Score: 5, Funny) by Rosco P. Coltrane on Thursday February 05, @04:17PM (2 children)

    by Rosco P. Coltrane (4757) on Thursday February 05, @04:17PM (#1432674)

    Poettering...

    Really? Does this really have to come from him?

    Sigh...

    • (Score: 4, Insightful) by Anonymous Coward on Thursday February 05, @05:02PM

      by Anonymous Coward on Thursday February 05, @05:02PM (#1432680)

      There FTFY.

      Please go and review the other team members. It is not just Poettering who is deployed there from Microsoft. "Amutable" is not about building something good, or useful. It is about keeping control of desktop computing from slipping out of the clutches of the noxious interests which steer Redmond.

    • (Score: 3, Insightful) by driverless on Friday February 06, @08:20AM

      by driverless (4770) on Friday February 06, @08:20AM (#1432756)

      It's not even an interesting project, it's a preordained death march project that has questionable if any market demand. They'll burn through their VC, then pivot to something completely different in an attempt to stay afloat.

  • (Score: 2) by epitaxial on Thursday February 05, @06:04PM (2 children)

    by epitaxial (3165) on Thursday February 05, @06:04PM (#1432690)

    I thought the linux crowd hated secure boot and TPM. They were always decrying it would be the death of open source operating systems.

    • (Score: 5, Insightful) by Anonymous Coward on Thursday February 05, @07:20PM

      by Anonymous Coward on Thursday February 05, @07:20PM (#1432695)

      > I thought the linux crowd hated secure boot and TPM. They were always decrying it would be the death of open source operating systems.

      TPM is part of the death of open source operating systems, and that death is Microsoft's long term goal in launching Amutable.

      Take a look at the names again. This is most definitely the "Linux Crowd" here. It's not just Poettering but also the others there who are deployed from Microsoft.

      The TPM, UEFI, and DRM is not a mistake on their part. It is a primary goal. Don't be fooled into thinking that this is a project to advance either Linux or Open Source. It's the opposite.

    • (Score: 4, Touché) by https on Friday February 06, @04:13AM

      by https (5248) on Friday February 06, @04:13AM (#1432736) Journal

      There is no history to suggest LP has the interest of the linux crowd in mind.

      --
      Offended and laughing about it.
  • (Score: 2) by SemperOSS on Thursday February 05, @06:52PM (2 children)

    by SemperOSS (5072) on Thursday February 05, @06:52PM (#1432694)

    At least that is an easily avoidable Poettering product … for now.

    I have so far managed to keep myself out of systemd-land on my desktop and my laptop. Slightly more difficult on the server side as I for simplicity use the images available from my VPS providers, and the only systemd-free product they seem to have is Windows 🙁

    I do not know Poettering personally but I have met quite a few people that consider the KISS principle as only to be used by the less than averagely endowed — IQ-wise, that is.

    --
    Open Source Solutions and Digital Sovereignty is the new black
    • (Score: 5, Insightful) by Unixnut on Thursday February 05, @09:41PM

      by Unixnut (5779) on Thursday February 05, @09:41PM (#1432703)

      > I do not know Poettering personally but I have met quite a few people that consider the KISS principle as only to be used by the less than averagely endowed — IQ-wise, that is.

      Funny, I usually find it is the less than averagely endowed (IQ wise) that think complicating things makes them smart. It is easy to complicate things, to make them simple and elegant takes intelligence.

      A famous man once said "Everything should be made as simple as possible, but no simpler" [socratic-method.com], I have a poster of this up in my office to remind me never to needlessly complicate anything, fitting from a man who became famous for simplifying reams of math into an elegant equation. Feels like some people could do with such a poster themselves, but no doubt their "superior intelligence" will cloud them from understanding it properly.

    • (Score: 5, Interesting) by Thexalon on Friday February 06, @02:19AM

      by Thexalon (636) on Friday February 06, @02:19AM (#1432722)

      I likewise don't know Lennart personally, but having read some of his writing, and seeing his code, he comes off an awful lot like a guy I knew back in my college days: He proposed a very complicated solution to what was in fact a fairly simple problem, complete with a Three-Letter Acronym, but could neither explain the plan to anyone else nor actually make the damn thing work properly. The rest of us were successful in our ensuing group project because we simply ignored him and let him spend his time banging his head against the wall trying to make his thing work while the rest of us implemented the simple solution to the simple problem. And then he changed his major away from CS shortly after that.

      The one thing he does seem to be good at though is convincing suits to go along with his harebrained schemes.

      One reason I think he's butted heads with Linus on several occasions is that Linus has encountered similar sorts before.

      --
      "Think of how stupid the average person is. Then realize half of 'em are stupider than that." - George Carlin
  • (Score: 2) by Bentonite on Sunday February 08, @11:59AM

    by Bentonite (56146) on Sunday February 08, @11:59AM (#1432970)

    After all, while the GPLv2 (and GPLv3) doesn't forbid implementing whatever kind of digital handcuffs and remote attestation you want, you still need to provide the user the installation information required to install modified software (i.e. a method to break, or a key for the digital handcuffs and/or a method for changing the software while also not failing the remote attestation report); "For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus ***the scripts used to control compilation and installation of the executable***."; https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html [gnu.org]

    The GPLv3 is looser in that sense in that it allows refusing to provide installation information for commercial-only hardware; https://www.gnu.org/licenses/gpl-3.0.en.html [gnu.org]
