this post was submitted on 22 Jul 2025
192 points (97.5% liked)

Linux

[–] TeddE@lemmy.world 5 points 2 days ago* (last edited 2 days ago)

For you and me, that's fine, but for little johnny first time, it's adding friction and new points of failure that push the whole idea further away from their comfort zone.

It could be argued that Microsoft knows this and is deliberately weaponizing people's insecurities to keep them in line.

Also, "Been available since 2023" means Microsoft gave distros 2-3 years to implement the new signing keys. Yet they'll give themselves decades between signing and updating their own root certificates.

Example: on my work machine, "Microsoft RSA Root Certificate Authority 2017" is valid from 2019 to 2042. It's valid for 25 years, but it took Microsoft 2 whole years to deploy the certificate within its own structure, specifically to get all the relevant sign-offs needed to issue the cert.