Note: The update is that it turns out that they do allow it (if you disable secure booting), but there is no driver for the T2/SSD in Linux yet.
It is not clear that it is simply a driver issue. It may be that the T2/SSD is actually locked out of use. I have seen no hard information on this either way.
At least it sounds like it isn’t intentional if this posting on the comments of the article is legitimate (contains link to image of a twitter conversation with Craig Federighi):
Looking at the stackexchange link, turns out T2 does work as a “normal” NVMe controller!
But it shuts down the whole machine in 10-30 seconds, because it seems to detect an unauthorized OS.
Maybe a driver could be made that does whatever a bootcamped Windows 10 does to appear legitimate…
I’m no fan of Apple’s recent Mac hardware, but my first thought was “Don’t most people turn off Secureboot by default anyway?” :)
For most values of “most people”, I’d find that hard to believe tbh
I have utterly anecdotal evidence that says that whenever anyone has problems with any UEFI Linux install the first suggested step for remediation is “Turn off Secureboot.”
Most people don’t have problems with UEFI Linux because most people don’t install Linux onto hardware that didn’t ship with it.
OK I’m coming from a place of ignorance so I’ll bite. Do you have actual data on that? I don’t get that impression from the various mailing lists, forums etc. Do people posting quesetions there represent the vocal minority?
Linux: 2.04%, macOS: 9.40%, Windows: 88.05%
Linux has a much higher market share on smartphones, but those ship with it, rather than having the end-user install it.
I’m seeing several people, including you, dance around the actual question.
“Of Linux users, how many install Linux on machines themselves and how many buy machines that come with Linux pre-installed?”
Your data has no bearing on this question.
Or did I mis-understand what we were actually talking about here?
The desktop, where Linux is not shipped on most machines, has few Linux users.
Smartphones and servers, where Linux is very popular, either ship with Linux or with no operating system at all.
Knowing that few end-user systems (desktop, laptop, notebook, convertible, tablet, whatever…) are shipped with Linux it becomes clear that there are in fact many who install Linux on systems which did not come with it. To get at actual numbers you’d have to get sales data from the likes of Dell and HP as well as those from companies which specialise in Linux systems.
Another way to gage the interest in installing Linux on non-Linux systems is by looking at the mailing lists and forums for Linux distributions where you’ll find a plethora of questions and answers on the subject of installing Linux on this or that system. Yet another way is to look for the number of downloads for Linux distributions. Some distributions keep a tally of how many installs there are, these can provide some data.
Remember the times when people spoke about the ‘Microsoft Tax’ or ‘Windows Tax’ which was levied when buying hardware? Those were people who wanted to install something else on their store-bought systems, usually some form of Linux, less frequently a BSD or something else.
Seen as a percentage of total sales the number of systems which are destined to have their Windows replaced with Linux is small. However, this small percentage still represents a considerable number of systems. How many of those come with UEFI and ‘secure boot’ remains to be seen, often Linux is installed after the machine has been used previously with Windows and as such the machines on which Linux is installed are often from a previous generation. These machines often did not come with/were not encumbered with UEFI and ‘secure boot’.
Linux desktop marketshare is relatively (to the size of overall desktop usage) still a small percentage (from what I understand), so presumably “most people” don’t ever install Linux at all?
Of those that do use Linux, it would certainly be interesting to see how many of them run on systems that both support secureboot, and have it enabled.
This is the general pattern that most of Apple’s recent security features follow: add new levels of security that limit freedom (in exchange for security) as the default, but keep the old methods around. See Gatekeeper, Boot Security, Sandboxing, Kernel extension approval.
This time though, it’s hardware level, and it’s hard to get the freedom (of using the internal SSD) back. You can access the SSD on Linux, but the machine shuts down in a few seconds if you try that.
My thinkpad didn’t allow installing openbsd either, but after paying the $500000 DMCA fine everything works fine.