[DougHaber]

What if I prefer Debian over Ubuntu? Can I be upset then? I'm sure this will be possible to hack around, but we shouldn't have to hack our own computers to use them. A simple option to disable secure boot would solve all the problems. The vendors know this, so I'm curious why they would chose to not provide the option. Is there some belief that by even having the option, the system would be inherently more insecure?

I'm sure that some vendors will provide an option, so this will just likely be an extra thing to research before buying a new system.

[mark_l_watson]

Doug, if you use a Linux distro that is not signed, then yes, it is an issue because you will have to track down laptops that allow allow disabling secure boot. BTW, I didn't intend to sound flippant in my original comment, it is just that as I get older (I turn 2^8 next month, yeah :-) I am more concerned with convenience, fun and productive development environments, etc.

[Twirrim]

So what if Microsoft decide to no longer allow Ubuntu or Redhat to get signed keys?

[gnoway]

I would be more worried about other OS projects that are either too disorganized to meet whatever the signing qualifications are, or have ideological issues which prevent them from participating.

[pgeorgi]

Canonical doesn't enforce signature checks for module loading (which is useful for DKMS based kernel modules, and is also a "freedom to tinker" matter). That may well lead to a revoked Secure Boot key at some point...

[polar]

> I turn 2^8 next month

256‽

[mark_l_watson]

Good catch. I meant 2^6

[vezzy-fnord]

Thankfully, that's just about any x86 laptop at present.