Betanews: Microsoft Windows 11 users should switch to Ubuntu-based Linux Lite 6.6 now https://betanews.com/2023/09/04/linux-lite-6-6-open-source-freedom-multilingual-alternative-windows-11/ #multilingualsupport #communitysupport #OperatingSystems #Linuxmigration #Softwareupdate #user-friendly #LinuxLite6.6 #OpenSource #SecureBoot #Windows11 #Article #UEFI

Arch Linux & Secure Boot: Unified Kernel Image (UKI) mit systemd-ukify erstellen & signieren

https://www.codingblatt.de/arch-linux-secure-boot-systemd-ukify/

#archlinux #systemd #unifiedkernelimage #secureboot

TIL: You can disable #Windows11's stupid #TPM, #SecureBoot, and online account requirements during installation!

*tries to run official Intel UEFI firmware update tool on Linux*

...secure boot increasingly feels like a practical joke that was played on all of us and someone claimed would pay off some day, I swear. #UEFI #Intel #SecureBoot

@fwaggle It can boot #32bit #Linix from #USB on #MBR-formatted #Flashdrives withoit #SecureBoot...

So basically you can just make your own custom multiboot stick with #Ventoy ( http://ventoy.net ) and drag&drop your ISOs into it.

@mariusmichusch @ubuntu

#Ubuntu is literally signed with said "#SecureBoot" aka. #CensorBoot keys and you can literally use #Ventoy to circumvent that since that's also supporting "Secure" boot...

https://www.ventoy.net/en/index.html

Either way, the only valid option is to refuse to buy that shit in the first place and demand a full refund because one should be able to expect the ability to install their own OS of choice in 2023.

Thx for reminding me why I never bought any #ThinkPad ever since...

https://askubuntu.com/questions/951040/how-shim-verifies-binaries-in-secure-boot

#uefi #secureboot #shim #linux #security

Today I set up Secure Boot on one of my #NixOS machines. After I found the reason for the beloved `error: infinite recursion encountered` issue (I forgot to add lanzaboote as an argument via specialArgs), it – just worked.

Then I continued to set up LUKS unlocking via a #TPM sealed key. Also really easy.

I'm amazed.

On one machine I would like to set up #SecureBoot. I use grub as it offers redundant bootloaders via the mirroredBoots options, which makes it incompatible with #Lanzaboote.

If #fedora works with #secureboot when i get off work tonight, i may permanently stick with fedora since that’s something #arch did not allow me to do. That would be a major pull factor for me from arch unfortunately, since it would work better with my system and #windows. If only #Valorant didn’t force you to have secure boot :P

A typical Linux bootloader update, nothing to see here! #nix #secureboot

🔄 Retweet

« Super projet de @ANSSI_FR

https://github.com/ANSSI-FR/ultrablue

Cela permet de vérifier si la chaine de boot de votre téléphone n'est pas compromise.

Ça vaudrait le coup d'organiser un workshop pour les journalistes et les activistes ça

#android #secureboot
»

Source : https://twitter.com/Sebdraven/status/1676117436708290562

Finally getting the hang of SecureBoot. It can work well but as with most things if an attacker gets physical access to your machine you’re quite screwed.
Make sure to have failsafes in place so if one link in your boot-chain breaks that you can’t go further.
#computersecurity #secureboot

Qué cojones es esto... #secureboot

Today I'm deep diving on #SecureBoot.

The boot process is pretty fascinating in general and it's kind of bonkers we lived for as long as we did without anything much protecting it.

This Week in Security: .zip Domains, Zip scanning https://hackaday.com/2023/05/19/this-week-in-security-zip-domains-zip-scanning/ #ThisWeekinSecurity #HackadayColumns #SecurityHacks #BlackLotus #SecureBoot #News #zip

This Week in Security: .zip Domains, Zip scanning - The world may not be ready, but the .zip Top Level Domain (TLD) is here. It’s a pa... - https://hackaday.com/2023/05/19/this-week-in-security-zip-domains-zip-scanning/ #thisweekinsecurity #hackadaycolumns #securityhacks #blacklotus #secureboot #news #zip

Microsoft Currently Patching 0day Secure-Boot Vulnerability

#News #Microsoft #secureboot #Intel #infosec #cybersecurity #tech #computers #exploit #windows

https://www.schneier.com/blog/archives/2023/05/microsoft-secure-boot-bug.html

@roytam1 我會講升不了 #Windows11 是 32-bit 老舊架構硬傷，不是 #TPM 或 #SecureBoot 那種問題… 😅

When people generate their own signing key for use with #secureboot they usually store the private key in a root partition encrypted with LUKS so it can’t be stolen when the computer is turned off. Does anybody go a step further and derive the signing key from a hardware security token like -sk ssh keys?

MSI-Hack: Intel Bootguard- und Firmware-Signatur-Schlüssel in freier Wildbahn

Kürzlich haben sich Einbrecher Zugang zu MSI-Systemen verschafft. Jetzt sind private Schlüssel für Intel BootGuard und zum Signieren von Firmware aufgetaucht.

https://www.heise.de/news/MSI-Hack-Intel-Bootguard-und-Firmware-Signatur-Schluessel-in-freier-Wildbahn-8989300.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege

#BIOS #Cybercrime #Datenklau #Firmware #MSI #Security #SecureBoot #news