Comment by Gareth321
12 hours ago
We can still install, right? It just comes up with a scary warning. Still not great but at least we aren't locked out.
12 hours ago
We can still install, right? It just comes up with a scary warning. Still not great but at least we aren't locked out.
You can, but it's more than a warning. VeraCrypt has a signed kernel driver, which has higher requirements. You'll need to boot into a special Windows mode and disable Driver Signature Enforcement.
Afaict, you can't disable driver signature enforcement permanently without disabling secure boot.
You also get a huge watermark that says "Test Mode" that takes up the entire screen (not kidding)
3 replies →
Secure boot is an anti-feature in most of the landscape anyway. Sure, if you have a distribution under your control or influence it could theoretically be a benefit. But you need to not be stupid or naive here.
You can also roll you own encryption if you are not stupid and naive. Probably a question of self-reflection.
Note that signatures are not revoked retroactively when a certificate is revoked. You can still install previous releases.
With all the bugs and potential security flaws that are there and not fixable.
1 reply →