I have to say this one has been entertaining, one of the most luddite threads on phoronix.

kind of like "don't look up!".

This feature doesnt change anything about secure boot. It just informs you of the status of what you have. However it is making some people on here feak out.

But i need the green check, else daddy gets angry

One can only hope you're joking with large parts of your comment.

No, there shouldn't be any deep integration with some snake oil security suite. When I want to use a handbrake I'll just use that. And never ever in a million years it should do what Windows Defender does. That is enforcing itself upon the user and turning itself on randomly after you explicitly turned it off. The only relevant reatures that would actually make a difference would be protected folders so not just any app can write to them, and some kind of rudimentary VM to analyze unknown files. But virus detection programs are pretty much snake oil. They can only check signatures, which can be circumvented very easily, and they can use heuristics which just never work. What a great way to teach the user a very false sense of security.

And no, Flatpaks and Snaps are really the last type of packages you want to put your trust into. Instead, you should bring sandboxing to the normal Linux apps. Not to mention that Snaps are the worst pile of garbage, but both systems and AppImages repeat the worst and most unforgivable sin that Microsoft does for decades: Having all apps package every dependency themselves. With a proper system managed by the likes of apt, rpm and co, if there is a critical vulnerability in a dependency like OpenSSL and others that very often have big impact security flaws, you update that one package, and you're good to go. With Windows, Flatpaks, Snaps and AppImages you litteraly have to pray that the application will be updated quickly. But you can't even be sure that it does. Or do you have a way that magically tells you which libraries are used in which version of an app? At least there isn't any user-friendly way.

And no, they should most definitely not remove a way to hide that pile of crap of an "information screen". The large majority of users will, if they ever use secure boot with Linux, use a Microsoft signed shim to do the trick, which is by far the least trustworthy approach. Then you can just turn it off all together, the result would be the same. And no, the majority of users will never enroll their own keys with all the hassle connected to it. Especially given that GNOME isn't just any DE used by only tech-savvy users, but that's mainly used by Ubuntu and Fedora, the two distros that probably are used the most by Linux newbies. They shouldn't be bothered with stuff that wouldn't have much of a benefit but only scare them away because of the amount of work needed. If Linux distributions are able to check all the boxes in a user-friendly way, sure, go ahead and shove it in their faces if things aren't right. But as long as it's connected with way too much trouble or half-assed solutions like kissing Microsoft's ass, just don't show it to newbies. It will only have negative results.

The point is, and this might surprise you, the mainstream is comprised mostly of people who aren't tall enough to do that work. If you want Linux on the desktop to become relevant at all, you need to streamline stuff for regular people.

Gnome Developers have always had a Stable Mentality and Judgement Capability....
It would make sense they'd nag their users to enable a security feature that'd break being able to use Gnome,
other Linux related software, let windows off the leash at a firmware level for dual booters.

absolutely right Microsoft is abuse and malware and scam

Flatpak has runtimes and they can be fixed independently. So your OpenSSL can be fixed easily without updating the flatpak package. The advantage of flatpak is that you can have different runtimes at the same time. Something that is not possible with traditional distributions.

And if the original developer will produce the flatpak you will not get same randomly broken package of your distribution because it is tested. As a developer I very often have seen broken packages because the wrong library version was used. Some packagers even patched the original source without any understanding. It would be nice if this FUD of superior packaging of distributions could stop.

If you're on about the GTK file picker not having image previews, GNOME are moving away from using that file picker and instead having Nautilus itself provide the file picker, improving the entire experience. https://blogs.gnome.org/christopherd...43-and-beyond/

The intent is obvious. This is trying to gatekeep legitimacy to those companies that can afford to pay for signing keys. Red hat wants to be the one and only official Linux. Once that's all set up they can fleece users.

Or so the business majors in the company believe. Distros will patch this out, and, failing that, fork if pushed too far. It's not going to get to a point where all operating systems are beheld to corporations. They're deluded. Systemd was of similar intent and invasive, but propagated because the notion wasn't completely hollow. Secure boot is pointless.

That's why it you really want to do everything right from security POV, you need to sell your old PC and buy one that has TPM.
And that's why it is pointless of Gnome to implement these fancy features before there's a solid and robust approach in major distributions with regard to auto-installing signed unified kernels with TPM-based verifications for keys, hardware and firmware.