Immutable distributions are all the rage these days, so is this a play for an immutable distribution? Or perhaps a server implementation with more containerization for Docker, Podman applications? The most famous form of an immutable distribution is Google’s Chrome OS, with two boot channels for firmware and the OS, which is hashed to verify that it hasn’t been tampered with. If there is a failure, it resorts to the other boot channel, then updates the bad one in the background. And why it does so well with updates, as it updates the unused boot channel to use on next boot, if there is an issue it reverts back, or if successful, mirrors the update. And the kernel is made read only on successful boot so it can’t be tampered with. Now Linux immutable distributions do things a little different with making the core system read only, only applying updates on reboot with easy fallback if issues, and then containerizing applications in Flatpak, Snap or AppImages. The containerizing of applications I have a problem with, so I’d never use one of these though I did play around with NixOS for a spell which had compelling use cases for corporate operations and uniformity with easy rollouts of system configurations, though the project is run by far left liberals who ran off conservatives, so I wouldn’t use it today.
https://www.theregister.com/2026/01/29/lennart_poettering_quits_microsoft/
Lennart Poettering’s Amutable aims to bring ‘cryptographically verifiable integrity’ to the other OS
Linux celeb Lennart Poettering has left Microsoft and co-founded a new company, Amutable, with Chris Kühl and Christian Brauner.
Poettering is best known for systemd. After a lengthy stint at Red Hat, he joined Microsoft in 2022. Kühl was a Microsoft employee until last year, and Brauner, who also joined Microsoft in 2022, left this month.
The trio are leading lights in the Linux and open source world. Brauner posted on Mastodon: “My role in upstream maintenance for the Linux kernel will continue as it always has.”
Poettering will similarly remain deeply involved in the systemd ecosystem.
According to the company’s website, Amutable focuses on “determinism and verifiable integrity” in Linux systems.
In its announcement, the company wrote: “Amutable’s mission is to deliver verifiable integrity to Linux workloads everywhere. We look forward to working towards this goal with the broader Linux community.”
Systemd and Poettering have attracted their fair share of controversy over the years among parts of the Linux community. Like it or loathe it, systemd can be found in most mainstream Linux distributions. At the risk of triggering a slew of angry comments, it can best be described as software that runs first, then starts other required services and applications.
Poettering’s role as chief engineer in Amutable, therefore, makes sense. The Berlin-based company’s goal is to build “cryptographically verifiable integrity into Linux systems. Every system starts in a verified state and stays trusted over time.”
It is unclear why Poettering decided to leave Microsoft. We asked the company to comment but have not received a response. Other than the announcement of systemd 259 in December, Poettering’s blog has been silent on the matter, aside from the announcement of Amutable this week.
In its first post, the Amutable team wrote: “Over the coming months, we’ll be pouring foundations for verification and building robust capabilities on top.”
It will be interesting to see what form this takes. In addition to Poettering, the lead developer of systemd, Amutable’s team includes contributors and maintainers for projects such as Linux, Kubernetes, and containerd. Its members are also very familiar with the likes of Debian, Fedora, SUSE, and Ubuntu.