Well, it is not good, but I still know big (very big) companies which deliver laptops to their employees with secure boot disabled.
Do you have secure boot enabled in your home PC?
Knowing that many linuxes do not support signed cores, the system was designed to work only for Microsoft.
Will it really make a big difference when it's broken?

Originally posted by BurakZG:

Well, it is not good, but I still know big (very big) companies which deliver laptops to their employees with secure boot disabled.
Do you have secure boot enabled in your home PC?
Knowing that many linuxes do not support signed cores, the system was designed to work only for Microsoft.
Will it really make a big difference when it's broken?

I don't know, I just figured I would inform people and they could make up their own mind about how to handle it. I prefer to have it enabled, especially for work.

Originally posted by BurakZG:

...
Knowing that many linuxes do not support signed cores, the system was designed to work only for Microsoft.
Will it really make a big difference when it's broken?

This is nonsense. Secure boot was developed and designed by the UEFI consortium as a UEFI feature; it was not designed to work only for Microsoft. The majority of major Linux distributions support secure boot because both shim and GRUB2 support it; and they have signed kernels with the secure boot CA.

It makes the same difference as prior to secure boot was developed; systems not using it are vulnerable to boot sector malware which you will not be able to remove from the OS and which can defeat anti-virus detection & removal.

https://wiki.ubuntu.com/UEFI/SecureBoot

"Most x86 hardware comes from the factory pre-loaded with Microsoft keys. This means we can generally rely on the firmware on these systems to trust binaries that are signed by Microsoft, and the Linux community heavily relies on this assumption for Secure Boot to work."

I was installing linuxes on many computers. Different distributions. I also tried to install kernel modules with Secure Boot enabled.

I'm not talking about how things were designed. I'm talking about reality.

Just four characters? Damn

Even personal logins require you to have 6 or 8, and insist upon some character variety requisites on top of that. Its been that way since I do not even remember when. This is incompetence of the highest degree.

I've never used secure boot anyway, it's always been a meme to me. If you make your own hobby operating system it's an annoyance.

I seriously doubt anything with code that cannot be audited offers any real security advantage over what can.

Well, I store absolutely nothing of value on on my PC anyway.