Comment by fsflover
3 hours ago
Instead of proprietary SecureBoot controlled by megacorps, you can use TPM with Heads based entirely on FLOSS with a hardware key like Librem Key. Works for me and protects from the Evil Maid attack.
3 hours ago
Instead of proprietary SecureBoot controlled by megacorps, you can use TPM with Heads based entirely on FLOSS with a hardware key like Librem Key. Works for me and protects from the Evil Maid attack.
You can also use SB with your own keys (or even just hashes)...just because Microsoft is the default since most people use Windows on their PCs doesn't mean it's controlled by them. Plus they signed the shim loader for Linux anyways so they almost immediately gave up any "control" they had through SB.