Hacker News
by vetinari 2770 days ago
With UEFI Secure Boot, you can enroll your own "Machine Owner Key" and use the private part for signing, thus having both freedom and, to a certain degree, security (the hardware has firmware that, with a high degree of probability, won't be signed by your key, so you will have to keep someone else's key enrolled too; so it is not perfect either).

Platforms like T2, which allow only on/off, but not key enrollments, are a step back.