Yes, secure boot ensures only trusted software runs on a device, protecting it from malicious code.
Yes, secure boot ensures only trusted software runs on a device, protecting it from malicious code.
I faced some problems setting up NVidia drivers and found that turning off UEFI secure boot was straightforward. It made me question its purpose since it’s meant to block untrusted software, yet it seemed unnecessary if such a simple fix existed.
It isn't possible to turn it off when the system's UEFI is protected by an admin password and remote removal isn't available. A hacker can't force a boot of the affected operating system.
I relied on secure boot across every Linux distribution I used. My concern for security drove me to choose Linux initially. I saw firsthand how simple it was to compromise another system. I applied LVM encryption to protect all my partitions, set strong passwords for my BIOS, and enabled secure boot to block booting other operating systems.
You can totally disable Windows startup and rely on Linux booting too—though it’s pretty much a waste of time since anyone can grab the Linux source and sneak in some nasty code. The safer move? Secure third-party boot in the BIOS and add a password so only you can jumpstart the system.
I thought LVM made it simpler to resize or expand storage volumes. [edit] - don't worry, I understand now. You can find more details here: https://security.stackexchange.com/quest...encryption
Secure boot offers advantages in scenarios where someone with potential malicious intent might interact with a device—like students in schools or portable systems. It adds layers of protection by ensuring only trusted software can start up. While it complicates booting alternative operating systems, encryption remains a stronger choice for data security. On machines lacking secure boot, securing the BIOS with a password and restricting boot sources is a viable alternative. In short, secure boot serves specific needs but isn't essential for everyday users. Some claims about its origins are exaggerated.
I believe the main issue isn't stopping boot-ups but rather what occurs when someone removes your hard drive from your machine, connects it to another system, and mounts it on any operating environment. All your security measures, BIOS safeguards, secure boot processes, and login credentials become entirely ineffective. In short, you need to encrypt your drive. Otherwise, if your computer is stolen, your privacy and data are at serious risk.
it serves as a security measure by MicroShit to prevent the system from starting with non-EFI Windows versions, effectively blocking access to older operating systems like Windows or Linux. it must be included in every computer sold with Windows pre-installed under the agreements with MicroShit. for Windows 10, there isn't an official way to disable this feature, though some users can still override it due to manufacturers' reluctance to restrict installation rights.
Agreed, that's why I brought up encryption. It seems some might think it's unreal that secure boot could be hiding behind motives for dominating the OS market. Sure, it's easy to turn it off now on many systems, but that doesn't have to stay that way. As someone said at M, we're in the Embrace or Extend phase, gradually shifting toward Extinguish—though I really wish that isn't where things go... Edited November 13, 2018 by Wild Penquin a questionable negative