Needlessly intrusive. Can obviously be circumvented by cheaters anyway, so quite possibly superfluous. Apart from that it protects against the kinds of attacks that typically require physical access to the computer. If you have physical access you have full access anyway. Etc.
Why?
Kyrgizion@lemmy.world 1 day ago
9tr6gyp3@lemmy.world 1 day ago
If you have physical access you have full access anyway. Etc.
You know secure boot was specifically made to protect users for this exact use case. Any tampering of the system will prevent the system from booting.
Eggymatrix@sh.itjust.works 1 day ago
I get your pc, “tamper” it, then i install a fake bios that tells you all is well and that your tpm and secureboot and whatever else bullcrap they invent is still happy.
See the problem?
Corngood@lemmy.ml 1 day ago
It won’t boot though, because the keys to decrypt the system are stored in the TPM.
Sure you could replace the whole OS, but that’s going to be very obvious and won’t allow you access to the data.
Limonene@lemmy.world 1 day ago
A person with physical access can tamper with the OS, then tamper with the signing keys. Most secure boot systems allow you to install keys.
Secure boot can’t detect a USB keylogger. Nothing can.
9tr6gyp3@lemmy.world 11 hours ago
The signature checks will immediately fail if ANY tampering has occurred.
Adding a USB keylogger that has not been signed will cause a signature verification failure during boot.
Tanoh@lemmy.world 1 day ago
If you have physical access you have full access anyway
No, encrypt your drives.
SoupBrick@pawb.social 1 day ago
It fucks with Linux. I literally just disabled it to resolve a driver install issue before this announcement was made.
9tr6gyp3@lemmy.world 1 day ago
Linux can run with secure boot just fine though. Use your distros documentation to set it up.
brezel@piefed.social 1 day ago
muusemuuse@sh.itjust.works 1 day ago
Alaik@lemmy.zip 17 hours ago
I don’t think he needs a winning argument. I think EA needs to justify this kernel level AC, not the other way around.
muusemuuse@sh.itjust.works 11 hours ago
I’m agreeing with point 4.
Truscape@lemmy.blahaj.zone 1 day ago
muusemuuse@sh.itjust.works 1 day ago
Kazumara@discuss.tchncs.de 17 hours ago
Weird, for me it was just flicking the switch in UEFI and now Grub and trough it Windows 10 and Fedora 43 boot in Secure Boot.
9tr6gyp3@lemmy.world 1 day ago
Im fairly certain any legacy hardware that doesn’t have secure boot as an option is going to struggle loading BF6 regardless.
The first two points are not related to secure boot at all.
brezel@piefed.social 1 day ago
you think loading my own kernel modules is not related to secure boot? i guess you don't work in IT then.
Miaou@jlai.lu 17 hours ago
Most people who work IT don’t even know what a kernel is, tbf
9tr6gyp3@lemmy.world 1 day ago
It doesn’t matter which kernel modules are used, as long as you have signed those changes before rebooting.
pathief@lemmy.world 1 day ago
You can’t install most linux distributions with secure boot enabled.
muusemuuse@sh.itjust.works 1 day ago
This is outdated information. Linux has supported secure boot for quite a while now.