(lwn.net)

253 points pabs3 | 2 comments | 18 Jul 25 03:53 UTC | HN request time: 0.481s | source

Show context

omnibrain ◴[18 Jul 25 08:23 UTC] No.44602459[source]▶

I'm sure this is a naive take, but why is it not possible to enter a new key into the BIOS (dating myself, I know it's EFI) by hand?

replies(4): >>44602517 #>>44602569 #>>44602734 #>>44603003 #

nottorp ◴[18 Jul 25 08:34 UTC] No.44602517[source]▶

>>44602459 #

You'd have control over what boots on your computer then...

replies(2): >>44602571 #>>44602581 #

ozgrakkurt ◴[18 Jul 25 08:50 UTC] No.44602581[source]▶

>>44602517 #

That would be a disaster. Or imagine what would happen if you just disabled secure boot, your computer will be infected with viruses and your bank account emptied instantly I reckon

replies(1): >>44602920 #

1. Dead_Lemon ◴[18 Jul 25 09:57 UTC] No.44602920[source]▶

>>44602581 #

Secure boot doesn't stop user-space malicious activity.

I'd argue that it only helps check a tick box on corporate security manifest, as it indicates the kernel being booted, is not tampered with.

replies(1): >>44604420 #

2. OldfieldFund ◴[18 Jul 25 13:27 UTC] No.44604420[source]▶

>>44602920 (TP) #

OP was being sarcastic

↑

Linux and Secure Boot certificate expiration