← Back to context

Comment by NekkoDroid

21 days ago

AFAIU (I haven't looked much into it) shim basically exists so that MS signs the shim once (or only a few times when updated), which has the distro public key embedded, which does further verification of the chain (bootloader/kernel) which gets updated more frequently.

4 comments

NekkoDroid

Reply
jcgl  21 days ago

That's basically my understanding too. But since you can still boot any shim-supported distro, Secure Boot + shim practically gains you nothing. An adversary can simply boot their own own copy of shim with whatever OS they like.

  • NekkoDroid  21 days ago

    > An adversary can simply boot their own own copy of shim with whatever OS they like.

    They'd need to get MS to sign it first, but otherwise yea. That's why I remove the MS keys on my non-windows systems.

    • jcgl  21 days ago

      I don't know all the ins and outs, but because of the Machine Owner Key (MOK) mechanism in shim, it should be possible to boot arbitrary OSes without MS signing anything.

      Your step of removing the MS keys works of course :) Although I've heard that can be risky on various systems that need to load MS-signed EEPROMS. Also I think that firmware updates can be problematic?

      1 reply →