Hacker News new | ask | show | jobs
by nottorp 739 days ago
Can you use this to install linux on motherboards locked to windows boot loaders in firmware? :)
1 comments
kukrimate 738 days ago
No.

But on essentially all existing UEFI systems you can trivially overwrite the "db" keystore in flash and install anything you please.

Also most (all?) UEFI systems are not locked to Windows and allow customizing the keystore via the firmware console interface anyhow.

link
Foxboron 738 days ago
> Also most (all?) UEFI systems are not locked to Windows and allow customizing the keystore via the firmware console interface anyhow.

All of them.

The Secured Core machines still allows you to reset Secure Boot into user mode as mandated by the spec.

link
josephcsible 738 days ago
Isn't this only true of x86 ones, not ARM ones?
link
Foxboron 738 days ago
If ARM implements the UEFI specification then there are escape hatches to enroll your own PKI.

I don't own ARM machines with UEFI so I have no clue.

link