Works here, here's the text for anyone who can't access it:
> Turns out APFS has an undocumented "VolBootable" flag that we were never setting since, well, it is undocumented, and the boot picker never cared about it (it read it and printed it's state to system log, just did not take any action). Anyway, fix PR-ed to asahi-installer, old installs will have an installer option to set the flag. But still, probably hold off on installing macos betas :P.
It seems like this is a bug, apple went through the trouble to allow something like asahi to be possible in the first place. I doubt they're purposely trying to break it.
Apple designed a bootloader for Apple Silicon Macs that allows you to run an unsigned OS without degrading security when you boot into MacOS. This wasn't an accident.
M series macs are weird tho, yes the bootloader allows it but absolutely no documentation on the hardware, drivers etc. Can't help but to think the goal of this wasn't to actually allow third-party OSes, but for development purposes(and ye they could hide the feature behind apple account with paid dev license) or anti-anti-trust measures à-la Google with Firefox: in front of a jury of normal people they can simply say "look there's these nerds making Asahi" the same way "look we're not a monopoly Firefox has .2% market share".
More weird than the opaque Management Engines on Intel or AMD chips that can take full control of your system at any time that you have no control over?
> Can't help but to think the goal of this wasn't to actually allow third-party OSes
Apple has explicitly stated that allowing third party OSes is exactly the purpose of the new bootloader.
You should probably do do some reading on the subject to gain a bit more understanding:
> This puts [Apple Silicon Macs] somewhere between x86 PCs and a libre-first system like the Talos II in terms of freedom to replace firmware and boot components; while a number of blobs are required in order to boot the system, none of those have the ability to take over the OS or compromise it post-boot (unlike, say, Intel ME and AMD PSP on recent systems, or the DMA-capable chips on the LPC bus running opaque blobs that exist on even old ThinkPads).
Yes, more weird than that. x86 PCs have fairly standardised boot and autoconfiguration (UEFI and ACPI). ARM based systems, including the Apple M series, don't. You just have to know what's there (device trees), and Apple isn't going to tell you. Hence why it's difficult to make another OS run on it, because you first need to find out what hardware's even there, and how to talk to it. It's initialised by Apple before iBoot runs, sure, but you don't even know what it is, so good luck writing a driver for it.
The Intel ME / AMD PSP are creepy, and probably a security risk to the device owner, but they're not weird, you can run an OS without even knowing they're there, and they like it that way.
>More weird than the opaque Management Engines on Intel or AMD chips that can take full control of your system at any time that you have no control over?
Considering they're pretty much fully undocumented (officially, that is) and could contain any number of IME equivalents since we know that they already have independent processors like the secure enclave running its own OS: yeah, probably more weird. Just because Asahi did not find one doesn't mean it doesn't exist.
The design of the exposed mechanism is explicitly about booting unsigned versions of MacOS. There is zero support for booting anything else, but no enforcement that it must be MacOS.
However, apple's justification for exposing this mechanism to users appears to explicitly include "booting linux" even if the mechanism has zero explicit support for booting linux.
And if Apple were going to change their mind and try to block linux, they would intentionally modify the bootloader to remove that functionality, not break the boot picker.
Such bugs have happened and been reported before. Asahi exercises "raw boot" facilities that just don't get all that much attention in any other context.
If the happy path disappears, the not-so-happy path will be taken to allow for booting custom kernels, one that will likely rely on turning the some or a lot of the RE energy towards breaking the Secure Enclave, the bootloader, and so on. Apple practically laid the red carpet out to avoid people trying to crack the parts of the hardware/software chain-of-trust they would really rather not have cracked. A similar strategy helped keep the Xbox One un-pwned for over a decade (running homebrew was allowed in a specific mode). It is doubtful Apple's legal department isn't aware of the value of the current software strategy.
Nothing is perfectly secure on its own. No system designed or checked by humans ever will be. After all, the Xbox One was indeed pwned, relatively recently. However, because the juice wasn't worth the squeeze for so long, it got pwned years after it was a relevant, money making console.
Novel jailbreaks for ancient iPhones are not worth much. But attention on current, brand new devices means increasing the danger that a mistake gets found, which increases the odds that that mistake is found by someone who wants to sell it for the most money. Also, from Apple's perspective a zero-day in the bootloader on macOS also means a zero-day in the bootloader in all of the billions of iOS devices out there too. They do not want to give anyone anymore reason than what already exists to try and pwn LLB or iBoot. Given a happy path, all of that hacker energy for "put Linux on my M1 Macbook" is put towards device drivers and support, rather than "how the hell do we get an alternative kernel booting on this thing".
Fewer bullets pinging off the armor. Fewer cracks in the fuselage forming. Fewer knives to dodge. All of it means Apple's boot process for their current devices are less likely to be pwned before they turn into e-waste (whenever that is, not making a comment on Apple's perhaps accelerated or otherwise practices in obsolescence).
Just like a jetliner will eventually succumb to entropy and become dangerous to fly, so too will a lot of "secure" software. You only need to actively maintain a jetliner while it is flying passengers or cargo. Once it is retired, it can rot, people can break into the husk of it at the junkyard and fornicate and smoke crack and smash windows and steal parts of the fuselage. At that point, who cares?
No, if their lawyers want it gone, Apple will just update the bootloader to reject local signing keys.
The actual problem was that Apple has an undocumented APFS key for if a volume is bootable, which Asahi wasn't setting and Apple wasn't checking, but now they do, so they do.
Other than this situation, what other landmines are there? I have an M1 with Asahi Arch Linux that I've been using as my primary laptop for the last 8 months, its my favorite laptop by far out of the 5ish I have.
Pretty much all ARM platforms are. Even ARM devices designed from the ground up to be Linux devices are full of issues, like the MNT Pocket Reform's lack of HW suspend. The tight interop between vendor and implementation is a huge anti-pattern for software freedom, and the standardization initiatives like ARM SR are nowhere to be seen. It's probably the most problematic part of ARM being the future of personal computing, yet another impending manifestation of enshittification.
i run linux on both in arch and fedora versions with zero problems, by using the hypervisor framework of macos and wsl2 (wrapper for hyperv). do you need a more direct than hypervisor access to some hardware?
On the other hand, your “us” is not very big compared to your “not us.” I like Linux as a server OS (and would pick it over Windows or MacOS for that any day of the week that ends in y), but as a desktop OS it’s just more work than I care to exert (in fact, Windows also exceeds my tolerance for fiddliness in a desktop OS). My general preference is for “you don’t have to” over “you can” as much as possible which is the exact opposite of the Linux desktop experience.
macOS and Windows are both such a chore for development, though. WSL was the closest I got to an "it just works" dev environment, but it exposes just how bad native toolchains like Cygwin and git bash are. macOS is hardly any better, and once you manage to install all of the GNU utilities it just feels like a poorly-supported Linux distro. It's a bunch of wasted effort to imitate a fraction of Linux's power.
So what are we supposed to use? ReactOS? SerenityOS? The entire mainstream is a "you have to..." OS, I fear the day when I have to abandon GNOME for a desktop that treats developers like chopped liver. Your general preference is fine, but I'm surprised that it aligns with the OEMs that want to put advertisements all over your desktop.
macOS, as shipped, is only Unix-like. Even when configured to pass UNIX certification, it doesn't qualify without the temporary waivers:
if you want your installation of macOS 15.0 to pass the UNIX® 03 certification test suites, you need to disable System Integrity Protection, enable the root account, enable core file generation, disable timeout coalescing, mount any APFS partitions with the strictatime option, format your APFS partitions case-sensitive (by default, APFS is case-insensitive, so you’ll need to reinstall), disable Spotlight, copy the binaries uucp, uuname, uustat, and uux from /usr/bin to /usr/local/bin and the binaries uucico and uuxqt from /usr/sbin to /usr/local/bin, set the setuid bit on all of these binaries, add /usr/local/bin to your PATH before /usr/bin and /usr/sbin, enable the uucp service, and handle the mystery issues listed in the four Temporary Waivers. [1]
Maybe your installation of macOS is technically Unix, but mine sure as hell ain't. Desktop "Unix" in 2026 is little more than lipstick on a pig anyhow.
> ... copy the binaries uucp, uuname, uustat, and uux from /usr/bin to /usr/local/bin and the binaries uucico and uuxqt from /usr/sbin to /usr/local/bin ...
This should be your hint that UNIX certification is more of a box-checking exercise than a real test of functionality. UUCP has been functionally obsolete since at least the mid-1990s; it's surprising that macOS even bothers shipping its binaries, and it's exceptionally silly that UNIX certification requires it to be present and installed in /usr/local.
It doesn't look like the certification requires those UUCP binaries to be in /usr/local, that's just where you have to put them on macOS to be able to `chmod +s` them, which is what the certification actually requires. Less arbitrary, but even more clearly obsolete and bad practice for a modern OS.
I get most of this, but spotlight doesn’t need to be disabled altogether. That is a requirement for the verification, not the actually running as unix.
You do actually get UEFI on a few of these, though personally I've always fared better with U-Boot. (Sooner or later, I always run into something that is a simple edit in the device tree or uEnv, but UEFI doesn't expose.)
Those are currently suffering from high power draw because they have to keep the cores awake for memory speeds. Lackluster performance as well, but thats the problem with the majority of the ARM ecosystem ever since apple started crafting SoCs.
I must have missed something...what does Apple creating M-series have to do with Allwinner, Qualcom, Mediatek, AWS, and the rest of the ARM ecosystem having 'lackluster performance'?
To add on. If I remember correctly, its been awhile keeping track of it, they recommend you do because macOS is how you will get firmware updates as there are not any or many mechanisms to update firmware on Apple Silicon devices from Linux.
On the other hand I doubt that's intentional.
Even as an avid Apple critic I want to mention that people I trust and are more involved with Asahi, always pointed out that Asahi received the occasional little help from Apple devs where possible (surely, not with official documentation, or confidential infos).
So, I would wait until things had time to calm down and not get too invested with Apple bashing.
I’m sorry but some of the comments are out of touch. Apple devices do not have any intent of supporting separate OSes . Asahi supports M1 to M2. I can see this as a PSA to not install a beta but I am confused who would install both Akashi and macOS 27 beta at the same time when you could run the beta in a VM for development ? Others have said that this has been a fix that will happen soon.
There is clear intent, albeit not as good as the Boot Camp days. One doesn't just accidentally the Boot Policy subsystem to enable doing so every step of the way as it is. It has even been remarked as much by an Apple dev:
> I purposely designed a mechanism so that M1 Macs would retain the capability to boot completely arbitrary code instead of XNU if users wanted. But you have to 1) reboot to recoveryOS with a physical power button press and 2) put in your SEP-backed credentials.
> The challenge to running arbitrary code of course, as @marcan42 noted in his crowdfunding effort to getting linux on the M1, is that the SOC is undocumented, so you still have to reuse bits of XNU and/or reverse engineer a bunch of stuff.
> As one senior architect said "the contract is that there is no contract". So that Apple can change things to suit its own needs, not others', to build the best macOS experience, which is what most customers (besides y'all who follow me) are there for.
12.1 also added support for raw image boot, which was seemingly for, and has only been relevant to, making booting Asahi Linux easier. Discussion at the time https://news.ycombinator.com/item?id=29591578 and an archive of the tweet's content below:
> Looks like Apple changed the requirements for Mach-O kernel files in 12.1, breaking our existing installation process... and they also added a raw image mode that will never break again and doesn't require Mach-Os. And people said they wouldn't help. This is intended for us.
A consumer shouldn't be restricted from installing their own OS on a device that they bought, be it a smartphone, tablet, laptop, desktop, or server.
A company the size of Apple should also be required to release proper documentation that enables the porting of operating systems to these kinds of devices.
The reverse engineering work that the Asahi team did is remarkable but so much of it is ultimately busy work that didn't need to be done if we regulated the consumer electronics market appropriately.
If you believe this, the fight should be against PlayStation and Xbox.
They’re 100% commodity hardware and fully locked down from any user freedom. Weirdly everyone focuses on Apple with all their might instead of gaming consoles.
Because gaming consoles are for a very specific purpose (and sold as such – the ruling against Sony for blocking Linux on the PS3 only happened because they advertised Linux compatibility) and Macs are general purpose computers
No Universal Machine inside any consumer product should "be for a very specific purpose," where it is locked down to prevent the consumer-owner from making software or firmware modifications to it. This goes for pacemakers, automobiles, microwave ovens, MRI machines, and even Intel IME or the little microcontroller on your NVME drive. If I were elected Benevolent Dictator For Life of the United States, I would immediately withdraw us from WIPO, strike down the DMCA, and implement a 100%+ sales tax on all "finished products" for sale which had even just one such Universal Machine in it locked down as described, AND mandate a minimum of 25 years full warranty and support on such products with forced 100% buy-back for failure to support or patch or open. We must relegate today's form of 'proprietary' to a rental/lease-only model and quit calling it 'ownership'.
We must demand hardware which strongly adheres to the GNU/FSF ethos or it must be rejected society-wide (or made too expensive for the average normie to afford, effectively killing its market). Universal Machines are to free humanity, not limit or enslave us! THIS is why I don't buy Apple and hold my nose buying x86 (Qubes OS) and Google Pixels (GrapheneOS); if I could afford Raptor Engineering's TALOS II, I would own only that!
Macs are special purpose hardware for running macOS. A PC you build from custom components in your office is a general purpose machine. The gaming console example by oc is quite apt.
So what you're saying is it would be acceptable for Microsoft and PC manufacturers to lock down their hardware to running Windows only? Most ship with Windows so why not?
Yes? That's what the law currently allows. If we want to make a law that says companies are required to let end users install _any_ software they want onto any device they legally own, that encompasses almost the entire consumer product ecosystem. It is becomes hard to determine what is "general purpose" and what happens if Acer says "this machine runs windows specifically and isn't general purpose?" or they say "you no longer own this machine, you are licensing the hardware from us?"
It would not be acceptable, and it is the duty of ethical whitehat hackers to break such digital locks, flip the bird to Congress and the WIPO's DMCA, and free humanity. It would be ethical to form militias and raid federal prisons to free whitehat victims caught up by the state for it. Liberty is not free.
As long as consumers understand that is the kind of device they are purchasing then it is acceptable.
It is cheaper for hardware manufacturers to only support a single operating system instead of designing a platform to be used by many. It also makes security simpler.
Sure, but where do you draw the line? Many PCs ship with some custom hardware but are not locked down. The MacBook Neo is probably not locked down but uses the same SoC as the iPhone 16 Pro which is locked down.
IMO it's pretty arbitrary. I wouldn't expect to run software on an appliance, even if the underlying hardware is commodity. And an appliance is something that performs a specific task (fridge, car, etc.). There are gray area cases though when an appliance does more than its basic function (smart fridge, car infotainment).
Honestly this shouldn't be limited to traditional computing devices. Why do I need some hacker to reverse engineer my robot vacuum and then fully disassemble it just to install custom firmware to it? Should be a basic requirement of right to repair so all this smart crap doesn't wind up in a landfill when a company goes out of business or decides to arbitrarily drop support for it.
No Universal Machine, as a component or the whole product, which prevents owner modification through DMCA-styled digital locking mechanisms, must be allowed to be sold on the open market. Such contravenes the rights of ordinary citizens. It is disgusting to me that we have allowed this state of affairs through our collective and individual inaction. America's founding fathers (terrorists by today's definitions) tarred and feathered for much less!
That might be reasonable for a general purpose computer if we were talking about something like a Parallel Inference Machine running KL1 software on a KL0 kernel. But I think conflating Apple's products with that level of foundational engineering is highly disingenuous. They're not exactly trundling into the dark woods of exotic hardware and reinventing the bridge between human and computer. It's an ARM computer running a Unix clone. Apple's engineers aren't mapping every codepath and counting every micro-op, Darwin contains extensive amounts of third-party code.
Hardware and software have to interface at some point. When the people designing the hardware work at the company designing the software it's not unreasonable for them to come to some shared understanding of that interface which may not be standard, portable, or even publicly documented, and certainly not one that is stable.
This isn't incompatible with allowing users to install their own software. There just isn't an obligation on the original designers to make sure that software works. That onus is on the designers of that software.
The EU is not some kind of god that will make others do your bidding if you pray enough to them. You've been misguided into following a false religion.
For every niche thing you wish that Apple or other third parties do only for your own enjoyment, there are hundreds of millions of other people who want different niche things. Buy the products that suit your needs and wants, and companies have incentive to make them. And if no company wants to provide a feature or function that you know a huge portion of people will want, then you have a golden opportunity to start a business providing this.
I can see the argument when it comes to locked-down mobile devices, but macOS is a general-purpose operating system with no restrictions on software sources that can't be easily disabled. Nearly every program available for Linux (excepting OS-specific stuff like desktop environments) is available for macOS, commercial and free, and there's plenty more that's macOS-only. Asahi is cool, but it's mostly used by enthusiasts - there's very little practical use for it as a macOS alternative. I think that you'd have a hard time convincing regulators that this cause really matters.
In any case, though, Apple agrees with you, and they explicitly built support for non-macOS OSes into the bootloader. This is a bug in the first developer beta of a new release.
> Turns out APFS has an undocumented "VolBootable" flag that we were never setting since, well, it is undocumented, and the boot picker never cared about it (it read it and printed it's state to system log, just did not take any action). Anyway, fix PR-ed to asahi-installer, old installs will have an installer option to set the flag. But still, probably hold off on installing macos betas :P.
Macs have always allowed you to run another OS.
iDevices have always had a locked bootloader.
People shouldn't confuse the two.
More weird than the opaque Management Engines on Intel or AMD chips that can take full control of your system at any time that you have no control over?
> Can't help but to think the goal of this wasn't to actually allow third-party OSes
Apple has explicitly stated that allowing third party OSes is exactly the purpose of the new bootloader.
> This puts [Apple Silicon Macs] somewhere between x86 PCs and a libre-first system like the Talos II in terms of freedom to replace firmware and boot components; while a number of blobs are required in order to boot the system, none of those have the ability to take over the OS or compromise it post-boot (unlike, say, Intel ME and AMD PSP on recent systems, or the DMA-capable chips on the LPC bus running opaque blobs that exist on even old ThinkPads).
https://asahilinux.org/docs/platform/introduction/
The Secure Enclave is equivalent to a PC's TPM (a TPM is now required to run Windows) not any form of a management engine.
The Intel ME / AMD PSP are creepy, and probably a security risk to the device owner, but they're not weird, you can run an OS without even knowing they're there, and they like it that way.
https://en.wikipedia.org/wiki/Das_U-Boot
The Asahi installer will also allow you to install UEFI alone, in case you want to use UEFI to install some other OS.
The hardware management engines in modern x86 chips are backdoors running at a higher privilege level than the installed OS's kernel.
It's hard to see them as anything else.
Considering they're pretty much fully undocumented (officially, that is) and could contain any number of IME equivalents since we know that they already have independent processors like the secure enclave running its own OS: yeah, probably more weird. Just because Asahi did not find one doesn't mean it doesn't exist.
However, apple's justification for exposing this mechanism to users appears to explicitly include "booting linux" even if the mechanism has zero explicit support for booting linux.
Novel jailbreaks for ancient iPhones are not worth much. But attention on current, brand new devices means increasing the danger that a mistake gets found, which increases the odds that that mistake is found by someone who wants to sell it for the most money. Also, from Apple's perspective a zero-day in the bootloader on macOS also means a zero-day in the bootloader in all of the billions of iOS devices out there too. They do not want to give anyone anymore reason than what already exists to try and pwn LLB or iBoot. Given a happy path, all of that hacker energy for "put Linux on my M1 Macbook" is put towards device drivers and support, rather than "how the hell do we get an alternative kernel booting on this thing".
Fewer bullets pinging off the armor. Fewer cracks in the fuselage forming. Fewer knives to dodge. All of it means Apple's boot process for their current devices are less likely to be pwned before they turn into e-waste (whenever that is, not making a comment on Apple's perhaps accelerated or otherwise practices in obsolescence).
Just like a jetliner will eventually succumb to entropy and become dangerous to fly, so too will a lot of "secure" software. You only need to actively maintain a jetliner while it is flying passengers or cargo. Once it is retired, it can rot, people can break into the husk of it at the junkyard and fornicate and smoke crack and smash windows and steal parts of the fuselage. At that point, who cares?
The actual problem was that Apple has an undocumented APFS key for if a volume is bootable, which Asahi wasn't setting and Apple wasn't checking, but now they do, so they do.
When folks say Intel and AMD are done, and we should all be on ARM, or RISC-V, beware of what to wish for.
Yes there are device trees now, however someone has to keep them up to date, and that is only part of what makes a motherboard.
So what are we supposed to use? ReactOS? SerenityOS? The entire mainstream is a "you have to..." OS, I fear the day when I have to abandon GNOME for a desktop that treats developers like chopped liver. Your general preference is fine, but I'm surprised that it aligns with the OEMs that want to put advertisements all over your desktop.
That's because it's Unix, not Linux.
[1] https://www.osnews.com/story/141633/apples-macos-unix-certif...
> ... copy the binaries uucp, uuname, uustat, and uux from /usr/bin to /usr/local/bin and the binaries uucico and uuxqt from /usr/sbin to /usr/local/bin ...
This should be your hint that UNIX certification is more of a box-checking exercise than a real test of functionality. UUCP has been functionally obsolete since at least the mid-1990s; it's surprising that macOS even bothers shipping its binaries, and it's exceptionally silly that UNIX certification requires it to be present and installed in /usr/local.
On the other hand I doubt that's intentional. Even as an avid Apple critic I want to mention that people I trust and are more involved with Asahi, always pointed out that Asahi received the occasional little help from Apple devs where possible (surely, not with official documentation, or confidential infos).
So, I would wait until things had time to calm down and not get too invested with Apple bashing.
https://x.com/XenoKovah/status/1339914716454526979
> I purposely designed a mechanism so that M1 Macs would retain the capability to boot completely arbitrary code instead of XNU if users wanted. But you have to 1) reboot to recoveryOS with a physical power button press and 2) put in your SEP-backed credentials.
> The challenge to running arbitrary code of course, as @marcan42 noted in his crowdfunding effort to getting linux on the M1, is that the SOC is undocumented, so you still have to reuse bits of XNU and/or reverse engineer a bunch of stuff.
> As one senior architect said "the contract is that there is no contract". So that Apple can change things to suit its own needs, not others', to build the best macOS experience, which is what most customers (besides y'all who follow me) are there for.
12.1 also added support for raw image boot, which was seemingly for, and has only been relevant to, making booting Asahi Linux easier. Discussion at the time https://news.ycombinator.com/item?id=29591578 and an archive of the tweet's content below:
> Looks like Apple changed the requirements for Mach-O kernel files in 12.1, breaking our existing installation process... and they also added a raw image mode that will never break again and doesn't require Mach-Os. And people said they wouldn't help. This is intended for us.
A consumer shouldn't be restricted from installing their own OS on a device that they bought, be it a smartphone, tablet, laptop, desktop, or server.
A company the size of Apple should also be required to release proper documentation that enables the porting of operating systems to these kinds of devices.
The reverse engineering work that the Asahi team did is remarkable but so much of it is ultimately busy work that didn't need to be done if we regulated the consumer electronics market appropriately.
They’re 100% commodity hardware and fully locked down from any user freedom. Weirdly everyone focuses on Apple with all their might instead of gaming consoles.
Lifetime Xboxes sold: ~200 Million
Lifetime iPhones sold: 3 Billion
Why is it weird?
We must demand hardware which strongly adheres to the GNU/FSF ethos or it must be rejected society-wide (or made too expensive for the average normie to afford, effectively killing its market). Universal Machines are to free humanity, not limit or enslave us! THIS is why I don't buy Apple and hold my nose buying x86 (Qubes OS) and Google Pixels (GrapheneOS); if I could afford Raptor Engineering's TALOS II, I would own only that!
Game consoles had a higher import tax than "computers" -> allow linux, save money.
IIRC they did a similar thing with the PS2 with some janky-ass BASIC interpreter being available.
It is cheaper for hardware manufacturers to only support a single operating system instead of designing a platform to be used by many. It also makes security simpler.
I should be able to put in a Linux DVD or memory stick and install Linux on it.
Or at the _very_ least an alternative app store.
IMO it's pretty arbitrary. I wouldn't expect to run software on an appliance, even if the underlying hardware is commodity. And an appliance is something that performs a specific task (fridge, car, etc.). There are gray area cases though when an appliance does more than its basic function (smart fridge, car infotainment).
Regulate what exactly? Bugs? That's what this was...
This isn't incompatible with allowing users to install their own software. There just isn't an obligation on the original designers to make sure that software works. That onus is on the designers of that software.
For every niche thing you wish that Apple or other third parties do only for your own enjoyment, there are hundreds of millions of other people who want different niche things. Buy the products that suit your needs and wants, and companies have incentive to make them. And if no company wants to provide a feature or function that you know a huge portion of people will want, then you have a golden opportunity to start a business providing this.
That is not what the industry, that pays lobby money, wants. They want to be able to control what the user runs and extract profits.
In any case, though, Apple agrees with you, and they explicitly built support for non-macOS OSes into the bootloader. This is a bug in the first developer beta of a new release.
"A foreign power could potentially deny access to the OS" sounds like a compelling argument.