Linux and Secure Boot certificate expiration
Linux and Secure Boot certificate expiration
lwn.net
Linux and Secure Boot certificate expiration
14 comments
-
-
How can I check if my system will be affected or not?
-
Was your bios updated in the last few years? Not when you updated it, but when the manufacturer pushed a newer update.
If it's older than 2023 then you're screwed. If it's been updated since then then you're probably fine.
-
Screwed just means you'll have to turn off Secure Boot if you ever want to reinstall Linux. And on many PCs the Secure Boot has been so badly implemented it's pretty worthless anyway. Several of mine have a root key called something like "AMI TEST KEY - DO NOT TRUST" which basically invalidates the whole system and is unfixable by the user.
-
Hm, I guess that should be visible somewhere in the BIOS, need to have a look later.
-
-
i have just revived a system from 2013 with linux, if i turn off secure boot does this matter?
-
No.
-
-
-
Would this not also be an issue for Windows users? Or is the Windows boot loader signed with a different key?
14 comments
What a terrible system. I have a couple of computers where the vendor provides good update support, but for most of them this is not the case and you're pretty much stuck with the firmware you get. To tie Secure Boot to such a flaky set of distribution channels seems like very poor planning.
Or it's on purpose to force the purchase of new hardware.
Anti Commercial-AI license
@floofloof @cm0002 Poor planning my ass. This was the plan all along. They [expletive] know what they are doing.