Rspigler
commented
3 years ago Hmm. This is tricky. A malicious version of Ubuntu could lie and say it is genuine, but like you said, their laptop is already assumed untrusted (daily laptop running proprietary OS). You ultimately can't verify something when starting from a possibly malicious source.
Technically, users should buy a fresh laptop to download/verify the ISO on, as well as a fresh laptop to install Ubuntu...
I guess I'm neutral on this since it is a large usability gain, and I'll still have verification instructions in the PDF
Let's add a step early in setup where the user inserts their Ubuntu thumb drive and we verify the signatures of the download. This is usually done before installation, but the daily driver laptop they are using is arguably less trustworthy than the freshly installed ubuntu laptop where the installation was downloaded from a very well known and reputable URL and signatures are verified after the fact. And we can automate it.