Eclypsium researchers have discovered UEFI shells, authorized via Secure Boot, on Framework laptops. The UEFI shells contain capabilities that allow attackers to bypass Secure Boot on roughly 200,000 affected Framework laptops and desktops.
So don’t use it? How much or how little actual security secure boot provides is a topic that has been discussed to oblivion. I brought it up to make a point of how badly people are overreacting about the severity of this latest framework news.
I still have no idea what secure-boot really does and this was me turning the metaphorical secure-boot dial while checking the crowd to see whether they start gasping in horror.
So don’t use it? How much or how little actual security secure boot provides is a topic that has been discussed to oblivion. I brought it up to make a point of how badly people are overreacting about the severity of this latest framework news.
I still have no idea what secure-boot really does and this was me turning the metaphorical secure-boot dial while checking the crowd to see whether they start gasping in horror.
I believe it only means “I paid Microsoft to get a certificate”, so it does absolutely nothing for security.