I still for the life of me can’t figure out what’s so great about secure boot and tpm. All it’s ever done for me is prevent me from booting a legitimate OS, or a bootable flash drive with iso images on it (like ventoy). It’s also pretty good at giving me a headache trying to figure out how the keys work and how to register them.
I just turn them both off and live in ignorant bliss.
Secure boot and TPM are tools for (among other things) making sure nobody (E.G. a virus or worm) has tampered with your OS and bootloader. You can for instance use both on Linux, it’s just by default they come preloaded with Microsofts configuration for loading Windows, and the technical knowledge for how to reconfigure it is a bit arcane.
It’s an excellent security tool, it’s just abused by Microsoft to discourage competition.
It’s not for you, it’s for them. Secure boot means it only runs their operating system, not yours. Trusted enclave means it secures their DRM-ware from tampering by the user who owns the PC.
What do you mean? I remove all vendor keys and enroll my own secure boot keys. This way only my install with my bootloader signed by my keys will boot.
I still for the life of me can’t figure out what’s so great about secure boot and tpm. All it’s ever done for me is prevent me from booting a legitimate OS, or a bootable flash drive with iso images on it (like ventoy). It’s also pretty good at giving me a headache trying to figure out how the keys work and how to register them.
I just turn them both off and live in ignorant bliss.
Secure boot and TPM are tools for (among other things) making sure nobody (E.G. a virus or worm) has tampered with your OS and bootloader. You can for instance use both on Linux, it’s just by default they come preloaded with Microsofts configuration for loading Windows, and the technical knowledge for how to reconfigure it is a bit arcane.
It’s an excellent security tool, it’s just abused by Microsoft to discourage competition.
It greatly raises the cost of exploring competing software for the average person.
It’s not for you, it’s for them. Secure boot means it only runs their operating system, not yours. Trusted enclave means it secures their DRM-ware from tampering by the user who owns the PC.
What do you mean? I remove all vendor keys and enroll my own secure boot keys. This way only my install with my bootloader signed by my keys will boot.
Secure boot means that only the intended bootloader runs, it can be any one, but it just needs to be the intended one.
Secure boot works with Linux.
Do you enjoy just making shit up on the internet?
Not everyone only uses their PCs jsut for games, friend.
Your experience isn’t a baseline, cope