this post was submitted on 27 Nov 2024
256 points (95.7% liked)
Technology
60083 readers
3597 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
AKA not that big of a deal, yet. An article from another post about this also mentions GRUB explicitly as a requirement as well as PoC using self signed keys, which renders it sort of impossible to abuse.
UKI + your own keys + secure boot is still not broken.
How many distros support secure boot out of the box? IIRC it’s only Ubuntu and RHEL. The rest require hacking some shit together with self signed keys.
Don't know, been rolling with Gentoo for some time now.
I wouldn't trust "out of the box" support anyway as that would imply trusting microsoft keys.
It is so annoying that one can't ditch m$ keys and still boot windows. Sure you can sign the windows bootloader with your own keys. However it checks its own signature and just refuses to boot.
If anyone has a solution let me know.