On Mon, Jul 4, 2016 at 3:58 AM, Ralf Mardorf <ralf.mard...@alice-dsl.net> wrote: > On 04.07.2016, at 00:02, Tom H wrote:
>> The Linux developers who put together a Linux solution/option for >> Secure Boot must've thought that there's a case to be made for Secure >> Boot on Linux. > > Yes hardware and multi-boot with a proprietary OS that enforces usage > of secure boot is at least one reason. Not x86; yet... >> Think malware existing outside of the OS and targeting >> the pre-kernel boot process. > > Are there some examples for such malware that affected Linux or BSD > machines, where secure boot would have protected those machines or are > there any other evidences for more security for Linux or BSD machines > by secure boot? There was a proof-of-concept bootkit for OS X (more or less BSD) for which Apple had to patch its OS and there was a combination Spanish bootkit/rootkit for Lin-macOS-Win (and Android-iOS too IIRC) but I seem to remember that the bootkit was exclusively for Windows. >> If there's a way for Ubuntu to offer its users the possibility of >> using Secure Boot and dkms-compiled modules, why not? > > Sure, if somebody likes to maintain this option, it's ok. It's still > more user-friendly to disable secure boot, than to deal with it, isn't > it? It's certainly simpler. I've disabled SB on my laptop out of sheer laziness; and because there seem to be as many instructions about SB as there are blogs about it. I'll try the simple mokutils command that started this thread when 4.6.4 is released. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
