Scooby Doo!

The key enrollment that Mint did sounds like registering the Machine Owner Key (MOK). That basically tells the bios that anything signed with that key should be permitted. The MOK is especially required when compiling your own drivers. Anything shipped by a Linux distro should already be signed so that the shim will permit it. SecureBoot is more about making sure your boot files haven’t been tampered with rather than being about preventing the owner from doing something.

You should already be able to boot any modern Linux OS that has support for SecureBoot. Only if you compile your own drivers or kernel would you need to use a MOK. If you do need that, you should be able to enroll another MOK or copy the MOK key files from the Mint install and use those keys to sign drivers in any other Linux distro.

The cli program mokutil will let you view and export your enrolled MOKs.

Text would be more useful than screenshots. Text is smaller to store, easier to translate, and easier to shape to whatever screen a person is using. :)

The MOK key stuff is fixable, but it sounds like you don’t have a big need for SecureBoot in the first place. I would say leave it disabled for now.

Also, SecureBoot is more of a way to authenticate the software that is being loaded at boot time. It could prevent someone from inserting something bad at boot time. It’s nice to have but not required.

Further, I think your EFI Boot Manager has a BootNext entry that is booting the MOK utility instead of the Linux shim or kernel. You should be able to remove this BootNext entry in your EFI settings.

If you can get it booted into Linux from a bootable USB drive, you can use the “efibootmgr” program to inspect and remove the BootNext entry.

sudo efibootmgr

will show you all of the EFI boot entries. If the first line says BootNext, then that’s likely the problem. Note that these are not grub boot entries. The EFI has a boot list that happens before grub.

sudo efibootmgr —delete-bootnext

will remove the temporary BootNext entry.

After that, make sure secure boot is disabled and you should be able to boot Linux.

This page https://wiki.debian.org/SecureBoot#DKMS_and_Secure_Boot Mentions the “MOK Manager EFI Utility”. That utility is the blue screens you posted. You should be able to change a setting in EFI to boot something other than the MOK Manager.

Can you turn off Secure Boot in your BIOS/EFI? That should get you booting again, and then you can figure out the MOK.

Another thing to check is that your EFI is actually booting the Linux kernel. It could be booting the MOK enrollment program which runs only at boot time. There should be a selection in the EFI settings that mentions “next boot” or something like that.

Use brew to update the core Unix utils such as bash, tar, sed, etc to the latest GNU releases. The mac has really outdated BSD-based versions.

I hope they have a good way of keeping rainwater out of the bins.

Emacs Org Mode would be perfect, but that’s a commitment if you don’t already know Emacs.

Also https://mcfunley.com/choose-boring-technology

It’s common in the US Tech industry. It’s considered “voluntary” because you could always say no and find a different job, or you could negotiate the removal of that clause. Often at the beginning they give you an opportunity to list your existing obligations that would be exempted. Always read the fine print of your employment agreement.

Now, if Tesla were to start pushing updates to older cars that made them artificially degraded or less responsive than the newer cars (as Apple is accused of doing), then that would be a worthy outrage story.

There seems to be a bit of a misunderstanding by the author here, or a conflation of “no more software updates” with “continuing to get updates that your processor isn’t powerful enough for”. You may miss out on some new features, but barring equipment failure, the original software will continue to do what it did when you bought the car.

“But once software-dependent cars stop receiving updates, they will start to get worse. Maybe the navigation system starts to crash, or the Netflix app in your Tesla becomes so buggy”

No, when you stop getting updates, the car will continue to perform in the same way, again barring equipment failure. The software itself will not degrade and suddenly start to become buggy.

The reason your iPhone seems to do that is because it continues to get software updates that are made for a newer, more powerful phone. Your old iPhone 6 doesn’t play the latest graphics-intensive and high resolution games, but it performs the way it always did. And perhaps Apple pushes iOS updates that don’t perform as well on your old phone, making it seem slow. If you were to load the original iOS and the original apps of the time period, it would perform as well as it did the day you got it.

The bigger concern for me is being able to control what software is applied to my car (right to repair) so that I can keep bloated software updates out if I prefer the way it was working previously. Currently that’s not possible with Tesla.

I recommend The Cuckoo’s Egg by Cliff Stoll as a good start.

https://en.wikipedia.org/wiki/The_Cuckoo's_Egg_(book)

In my experience, keeping your equipment clean and sanitized is the most important step.

And they keep making it harder and harder to not use a Microsoft Account.

https://www.techradar.com/computing/windows/microsoft-is-removing-known-mechanisms-for-creating-a-local-account

I would say focus on becoming an experienced, well-rounded developer who is familiar with all of the tools at their disposal. The “vibe cleanup” angle may be popular for a few years, but 10 years from now it will be something else.

Here’s a nice list.

https://areweanticheatyet.com/?search=&sortOrder=desc&sortBy=status

Online multiplayer games are the most likely to have anti cheat. EA (Battlefield) is the most visible unsupported one. They view running under any virtualization or compatibility layer as an opportunity for cheating, so they intentionally deny it. EasyAntiCheat supports running in Linux, but not all game developers enable it. The success of the Steam Deck is starting apply pressure to change this, though.

True, nvidia does work great when it’s configured properly. Those distros that have the nvidia specific install option have done the work to do the extra config and keep it up to date. My preferred distro is not one of those. If I was buying new gpu hardware, I would go with one that has a fully open source driver.