@sneak the saddest thing is that you can't run a #freedomware OS (aka #freeasinfreedom ). I would reconsider much of my reprovals that makes me #AvoidApple if they let me run Gnu/Darwin for example
@paoloredaelli GNU/Darwin might be possible actually if you reuse their signed kernel. i just got mine yesterday and haven't tampered with the OS yet, but bputil's manpage suggests you can disable the signed system volume verification.
you're late to the "referencing the right to read" party.
https://sneak.berlin/20201112/your-computer-isnt-yours/
signed kernel and signed binaries means that malware that gains root can't overwrite them. this is largely a good thing, and great for platform security. the question is as always: who owns the keys?
no but you can use bputil to disable the signature checks on the readonly root partition (but only if you're not using disk encryption). replacing the kernel is not possible at this time afaik but also there's no real reason you'd need to do that. all of the objectionable apple stuff is in userspace.
@sneak I agree. It would be a good thing to be able to get keys to sign my own binaries and kernels. Is it possible with Apple? My last hw from Apple is an iBook-Se G3 clamshell (I know, it's Jurassic)