[weightedreply]

Microsoft's certification states that OEM's must allow the user to configure secure boot to trust other bootloader's.

https://learn.microsoft.com/en-us/windows/security/operating...

However OEM's like HP are ignoring the certification requirements:

https://h30434.www3.hp.com/t5/Notebook-Operating-System-and-...

https://h30434.www3.hp.com/t5/Notebook-Boot-and-Lockup/How-t...

[irusensei]

Interesting. I had a 705 G4 (or 74 g5? Idk the one with the Ryzen 2400Ge) and the firmware supported putting the machine secure boot system on setup mode.

[ChocolateGod]

Some cases OEMs ignore the requirement the other way round, e.g. the MSI boards that perform zero signature checking with secure boot on.