this post was submitted on 08 Apr 2026
221 points (100.0% liked)
Technology
83696 readers
525 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Secure Boot has nothing to do with Microsoft, it's a UEFI feature.
You can enroll your own Platform Key and have complete control over the entire Secure Boot system.
https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot
I use a signed Unified Kernel Image to use Secure Boot and my machine has zero Microsoft software on it. (Arch, btw)
wasn't there some dumb shit like every linux distro using fedora keys which were from microsoft?
Microsoft signs Red Hat certs then Red Hat signs everyone's certs, so the only thing Microsoft can do is to revoke Linux as a whole.
It's the most feasible solution since most computers are designed for Windows.
I think it is just chain of trust. Many used Microslop as the trust authority (may be due to convenience? I have no idea). Debian has a nice page on Secure boot and how it works.