Comment by Nextgrid
1 month ago
It prevents malware that obtained root access once from forever replacing your kernel/initrd and achieving persistence that way.
1 month ago
It prevents malware that obtained root access once from forever replacing your kernel/initrd and achieving persistence that way.
Unless that malware is able to activate the secure boot feature on a system where it is not enabled, in which case it permanently prevents me from removing the malware.
Then you reset the firmware and re-enroll your SB keys or disable it completely.
> re-enroll your SB keys
This is possible only temporarily.