Among the GNOME 43 features is a new ‘Device Security’ panel that tells you about the security status of your device.
But if you upgrade to Ubuntu 22.10 in October you’re unlikely to be able to see it.
A bug report filed by Ubuntu developers this weekend describes the new device security feature as “confusing and unhelpful” in its current guise.
“A default Ubuntu install only gets us “Security Level 1”. The highest level is “Security Level 3”. There isn’t anything an Ubuntu user can do to get to a higher security level from the Device Security screen,” the bug report reads.
“If a user attempts to get their system to a higher security level, I think they could break their system since this isn’t something we currently support. We can work towards better integrating this screen for Ubuntu in future releases”.
GNOME’s Richard Hughes (yes, of LVFS fame) quips in response to the bug report: “I suppose that not knowing is more secure?” — and he’s kind of right: I’d rather know my system had security flaws than not.
Or would I?
Testing it out
Here’s my AMD Lenovo laptop, as reported by the new device security panel in a live USB of Fedora 37 equipped with GNOME 43 beta:
Seeing “Security level 0” and “Exposed to serious security threats” is pretty frightening, especially in that “critical red” colour. But hey: security threats are serious!
If I click on the security level pod I get this:
Here I can unfurl each security level to see what the requirements for it (and if my device passes or fails each of them). But there’s no information or context presented as to what each requirement means to me as a user, nor are any details provided on how I can fix it and “level up” my device.
And that’s sort of the point Ubuntu’s developers are making.
As is, there’s a danger folks who see a list of things their computer does NOT protect them against will blame the OS rather than a laptop OEM, which is where many of these issues should/can/ought to be fixed. It could be enough to send them scurrying back to Windows, and in to the arms of Microsoft Defender, as they seek reassuring green check marks.
Still, it’s also worth keeping in mind that the feature is not finished. GNOME developers DO plan to add further information to this section before the final stable release of the feature in GNOME 43 next month.
As someone who uses Fedora regularly, I’m interested to see the new Device Security panel evolve. I want to learn more about the impact of the “not secure” status it reports, what the implications of this are for my security (in a hopefully easy-to-understand manner), and, most importantly, how I can go about securing the best security level for my safety.
But in lieu of that it’s easy to see where Ubuntu devs are coming from, especially as the final stable release of GNOME 43 isn’t that far away and things aren’t yet “complete” enough for roll out.
Let me know what you think of this situation down in the comments