So, is there any consensus if secure boot is even needed at all? I’ve read so many different opinions about this the past few days and have no idea.
How would we know if this will affect us? I have been running Linux distros for 20 years and didn’t know Microsoft was involved at any level in firmware.
Nah, don’t use it. Secure boot is tainted by Microsoft 🤮
Secure boot can’t fail due to expired certificates if it’s already disabled…
Secure boot security used as ransomware to ensure Windows purchases.
On Bazzite there is a built-in
ujustscript:enroll-secure-boot-key # Enroll Nvidia driver & KMOD signing key for secure boot - Enter password “universalblue” if prompted
But I don’t really understand how Secure Boot works so far, so I wonder if using it fixes the issue.
That should exactly fix the problem.
The real issue is that by default, if secure boot is enabled, you won’t be able to boot up into bazzite or whatever in order to run that command.
So the user experience will be worse now, because instead of just installing and running, Linux users have to disable secure boot, boot and install their distro, run that enroll command, and then reenable secureboot. And lots of people are going to give up at step 1, and leave secureboot off.
Microsoft is counting on that
EDIT: could they just make this part of the install process? Could they make it like a thing that runs on first boot, if you can only do it from within the kernel/boot loader that is to be authorized?
