Before we start, maybe I will quickly explain what Secure Boot is. It is a security feature, which allows our computer to decline booting operating systems that have not been signed by a key that the firmware trusts.
On 2022-12-11, I decided to setup Secure Boot on my new desktop with a help of
sbctl
. Unfortunately I have found that my firmware was… accepting every OS image I gave it, no matter if it was trusted or not. It wasn’t the first time that I have been self-signing Secure Boot, I wasn’t doing it wrong.As I have later discovered on 2022-12-16, it wasn’t just broken firmware, MSI had changed their Secure Boot defaults to allow booting on security violations(!!). MSI’s (in)Secure Boot
so.cl
MSI's (in)Secure Boot
Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others company. Arthur Schopenhauer
MSI's (in)Secure Boot