this post was submitted on 13 Nov 2025
12 points (77.3% liked)

Linux

10114 readers
1028 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago
MODERATORS
Ategon@programming.dev
anzo@programming.dev
dwraf_of_ignorance@programming.dev
12
Why call it full-disk encryption when the EFI partition has to be unencrypted? (programming.dev)
submitted 1 day ago by onlinepersona@programming.dev to c/linux@programming.dev
36 comments fedilink hide all child comments
 

Sounds like a misnomer to me.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] TwilightKiddy@programming.dev 7 points 1 day ago (1 children)

As bad as secure boot is, that's exactly the use case for it. Frankly, you can both swap the CD and solder a new BIOS flash if you are really interested in boot poisoning, the latter is just a tiny bit harder to do without some sort of trace.

[โ€“] Jumuta@sh.itjust.works 3 points 1 day ago

I meant software attacks, if your hardware is compromised it's pretty much already game over unless you use something esoteric like heads maybe