If banks and streaming vendors don't trust unmodified VMs, why would open-source Linux VMs trust closed apps with binary blobs?
One benefit of running open-source Linux VMs is access to the vast corpus of mature open-source software applications packaged by Debian, Fedora, etc.
That you wouldn't need the official attested VM anymore.
> why would open-source Linux VMs trust closed apps with binary blobs?
The point is that with an open-source Linux VM, the user could decide what to trust instead of some megacorp deciding for everyone.
> vast corpus of mature open-source software applications
The problem is that there's a lot of proprietary apps that are both (1) necessary for a lot of real-world things, e.g., the SeatGeek app for tickets to shows, and (2) not replaceable with FOSS because the company will ban you if you connect to their API with a third-party client.
As hardware, sensor and cellular radio standards continue to evolve, someone has to pay for timely development of bare-metal software to drive new hardware. Today, that is the vendor providing the "official attested VM" and drivers. If Arm can reach x86 levels of backward compatibility and stable interfaces, it may be possible to extend the lifetime of mobile devices with OSS bare-metal drivers. It has taken many years to achieve this on relatively open x86 PCs. Even Arm SBCs still struggle, see the efforts of Armbian. Mobile devices are less open and more complex.
> proprietary apps ... not replaceable with FOSS because the company will ban you if you connect to their API with a third-party client.
Regulations and technology are evolving in the direction of more control, not less. Customers will need to find forms of collective and competitive action to influence vendor policy in sensible directions, because it will be increasingly expensive to bypass. Try to support vendors who use technology responsibly in service of their customers. Encourage OSS competition where feasible.
