Note, this is about not booting from *signed and verified* bootloaders, using th... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tlamponi on July 8, 2022 \| parent \| context \| favorite \| on: Lenovo shipping new laptops that only boot Windows... Note, this is about not booting from signed and verified bootloaders, using the 3rd party Microsoft CA, which need to go through quite some hoops already to get verified, not some unverified and/or unsigned loader. Debian, Fedora, ... use already trusted and signed bootchains, but they are excluded by choice without any benefit of security whatsoever. IMO this smell again like classic Microsoft EEE...

Sakos on July 8, 2022 [–]

Debian and Fedora work fine with Secure Boot though.

Avamander on July 8, 2022 | [–]

They don't work with Device Guard, but as I mentioned a comment above the previous, it can be disabled.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact