this post was submitted on 11 Feb 2026
37 points (100.0% liked)

Technology

6161 readers
45 users here now

Which posts fit here?

Anything that is at least tangentially connected to the technology, social media platforms, informational technologies and tech policy.

Post guidelines

[Opinion] prefixOpinion (op-ed) articles must use [Opinion] prefix before the title.

Rules

1. English onlyTitle and associated content has to be in English.
2. Use original linkPost URL should be the original link to the article (even if paywalled) and archived copies left in the body. It allows avoiding duplicate posts when cross-posting.
3. Respectful communicationAll communication has to be respectful of differing opinions, viewpoints, and experiences.
4. InclusivityEveryone is welcome here regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, education, socio-economic status, nationality, personal appearance, race, caste, color, religion, or sexual identity and orientation.
5. Ad hominem attacksAny kind of personal attacks are expressly forbidden. If you can't argue your position without attacking a person's character, you already lost the argument.
6. Off-topic tangentsStay on topic. Keep it relevant.
7. Instance rules may applyIf something is not covered by community rules, but are against lemmy.zip instance rules, they will be enforced.

Companion communities

!globalnews@lemmy.zip
!interestingshare@lemmy.zip

Icon attribution | Banner attribution

If someone is interested in moderating this community, message @brikox@lemmy.zip.

founded 2 years ago
MODERATORS
BrikoX@lemmy.zip
37
Windows' original Secure Boot certificates expire in June—here's what you need to do (arstechnica.com)
submitted 1 week ago by BrikoX@lemmy.zip to c/technology@lemmy.zip
14 comments fedilink hide all child comments
 

PCs without the new certificates could eventually have trouble booting new OSes.

you are viewing a single comment's thread
view the rest of the comments
[–] h_ramus@piefed.social 1 points 1 week ago (2 children)

Gives the illusion of security without being secure. Get the drive in a separate machine and, unless encrypted, secure boot is security theatre. Windows login password is similarly useless when the drive can be accessed when attached elsewhere.

Get rid of secure boot, install a granny-safe Linux distribution like Mint and get your drive LUKS encrypted.

[–] FreedomAdvocate@lemmy.net.au 1 points 6 days ago* (last edited 6 days ago)

Good thing windows encrypts your disk too.

Also if someone has physical access to your machine to do nefarious things tor you’re already fucked.

[–] Hirom@beehaw.org 3 points 1 week ago (1 children)

You're talking of an attacker with physical access. This can indeed defeats secure boot, but physical access defeat most computer security. In an evil maid scenario even LUKS can be defeated. An attacker with physical access can clone the drive, install a keylogger (hardware or software) and capture the passphrase the next time the machine boots.

Secure Boot can be useful to prevent malware from inserting themselves into the boot process, preventing them from elevating privilege or gaining persistence https://www.xda-developers.com/secure-boot/

Secure Boot isn't perfect but it's widely available and is an useful extra layer of protection, on top of disk encryption (eg LUKS).

[–] h_ramus@piefed.social -2 points 1 week ago (1 children)

I can't take any Microsoft attempt at security seriously. One of the most important elements to improve security is to delete windows. Secure boot is lots of things but not secure.

[–] FreedomAdvocate@lemmy.net.au 1 points 6 days ago* (last edited 6 days ago)

These are all basically “if your machine is already compromised, they can also get around these other security measures” type exploits though, which are irrelevant.