“Whether a proof of concept or not, Bootkitty marks an interesting move forward in the UEFI threat landscape, breaking the belief about modern UEFI bootkits being Windows-exclusive threats,” ESET researchers wrote. “Even though the current version from VirusTotal does not, at the moment, represent a real threat to the majority of Linux systems, it emphasizes the necessity of being prepared for potential future threats.”

  • CriticalMiss@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    29 days ago

    How many distros support secure boot out of the box? IIRC it’s only Ubuntu and RHEL. The rest require hacking some shit together with self signed keys.

    • Illecors@lemmy.cafe
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      29 days ago

      Don’t know, been rolling with Gentoo for some time now.

      I wouldn’t trust “out of the box” support anyway as that would imply trusting microsoft keys.

      • raldone01@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        28 days ago

        It is so annoying that one can’t ditch m$ keys and still boot windows. Sure you can sign the windows bootloader with your own keys. However it checks its own signature and just refuses to boot.

        If anyone has a solution let me know.

      • CriticalMiss@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        29 days ago

        I checked my store and there are Canonical keys there, but I don’t think that’s on every computer.